CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | Description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|---|
| CVE-2026-23481 | Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version ... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-23483 | Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the plugin file server endpoint uses join() to concatenate paths but does not verify if the final path is within the... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33517 | Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, when deleting a Tag (tag_delete.php), improper escaping of its name when displaying the confirmation message allows an... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-33548 | Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline (my_view_page.php) allows an attacker to inject HTML... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-4368 | Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup | N/A | NONE | — | 0 |
| CVE-2026-4597 | A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyPro... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-60946 | Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could access unintended file directories. Fixed in 8.1.0 alpha. | 8.8 | HIGH | — | 0 |
| CVE-2025-60948 | Census CSWeb 8.0.1 allows stored cross-site scripting in user supplied fields. A remote, authenticated attacker could store malicious javascript that executes in a victim's browser. Fixed in 8.1.0 alp... | 4.6 | MEDIUM | — | 0 |
| CVE-2026-1940 | An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_R... | 5.1 | MEDIUM | — | 0 |
| CVE-2026-27183 | OpenClaw versions prior to 2026.3.7 contain a shell approval gating bypass vulnerability in system.run dispatch-wrapper handling that allows attackers to skip shell wrapper approval requirements. The ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-27646 | OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. Attackers can bypass... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-4612 | A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/mod_users/index.php?view=edit&id=8 of the component Parameter Ha... | 7.3 | HIGH | — | 0 |
| CVE-2026-4681 | A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue a... | N/A | NONE | — | 0 |
| CVE-2026-33167 | Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A ... | N/A | NONE | — | 0 |
| CVE-2026-33168 | Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in ... | N/A | NONE | — | 0 |
| CVE-2026-3533 | The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_popup_templates() function as well as insufficient file type validation in the uplo... | 8.8 | HIGH | — | 0 |
| CVE-2026-3225 | The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer() function of... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-4066 | The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and includi... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-4306 | The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter... | 7.5 | HIGH | — | 0 |
| CVE-2026-33250 | Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this... | 7.5 | HIGH | — | 0 |
| CVE-2026-33286 | Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti'... | 9.1 | CRITICAL | — | 0 |
| CVE-2026-4001 | The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via the custom pricing formula eval() in the process_c... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-4021 | The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation... | 8.1 | HIGH | — | 0 |
| CVE-2026-4056 | The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions ... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-4613 | A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. Th... | 7.3 | HIGH | — | 0 |
| CVE-2026-4614 | A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This ... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-4615 | A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the file /search.php. Such manipulation of the argument rcode leads to sql injectio... | 7.3 | HIGH | — | 0 |
| CVE-2026-33298 | llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a G... | 7.8 | HIGH | — | 0 |
| CVE-2026-33320 | Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-4617 | A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/api_patient_checkin.php of the c... | 7.3 | HIGH | — | 0 |
| CVE-2026-33306 | bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in... | 7.5 | HIGH | — | 0 |
| CVE-2026-3079 | The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up to... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-4623 | A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file ... | 7.3 | HIGH | — | 0 |
| CVE-2026-4625 | A flaw has been found in SourceCodester Online Admission System 1.0. This affects an unknown function of the file /programmes.php. Executing a manipulation of the argument program can lead to sql inje... | 7.3 | HIGH | — | 0 |
| CVE-2026-4731 | Integer Overflow or Wraparound vulnerability in artraweditor ART (rtengine modules). This vulnerability is associated with program files dcraw.C. This issue affects ART: before 1.25.12. | N/A | NONE | — | 0 |
| CVE-2026-4732 | Out-of-bounds Read vulnerability in tildearrow furnace (extern/libsndfile-modified/src modules). This vulnerability is associated with program files flac.C. This issue affects furnace: before 0.7. | N/A | NONE | — | 0 |
| CVE-2026-4733 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop. This issue affects ixray-1.6-stcop: before 1.3. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-4734 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in yoyofr modizer (libs/libopenmpt/openmpt-trunk/include/premake/contrib/curl/lib modules). This vulnerability is ... | N/A | NONE | — | 0 |
| CVE-2026-4735 | Deserialization of Untrusted Data vulnerability in DTStack chunjun (chunjun-core/src/main/java/com/dtstack/chunjun/util modules). This vulnerability is associated with program files GsonUtil.Java. T... | N/A | NONE | — | 0 |
| CVE-2026-4736 | Improper Handling of Values vulnerability in No-Chicken Echo-Mate (SDK/rv1106-sdk/sysdrv/source/kernel/include/net/netfilter modules). This vulnerability is associated with program files nf_tables.H,... | N/A | NONE | — | 0 |
| CVE-2026-3138 | The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to the... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-4283 | The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the `super-unsubscribe` AJAX action accept... | 9.1 | CRITICAL | — | 0 |
| CVE-2026-4627 | A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulat... | 7.2 | HIGH | — | 0 |
| CVE-2026-4632 | A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/user/index.php?view=add of the component Parameter Handler. Execut... | 7.3 | HIGH | — | 0 |
| CVE-2026-4662 | The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all versions up to, and including, 3.8.6.1. This is due to the `filtered_query` parameter b... | 7.5 | HIGH | — | 0 |
| CVE-2026-4745 | Improper Control of Generation of Code ('Code Injection') vulnerability in dendibakh perf-ninja (labs/misc/pgo/lua modules). This vulnerability is associated with program files ldo.C. This issue affe... | N/A | NONE | — | 0 |
| CVE-2026-4746 | Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src modules). This vulnerability is associated with program files inflate.C. This issue affects proton: before 1.6.16. | N/A | NONE | — | 0 |
| CVE-2026-33847 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms. This issue affects rapidvms: before PR#96. | 7.8 | HIGH | — | 0 |
| CVE-2026-33848 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms. This issue affects rapidvms: before PR#96. | 8.8 | HIGH | — | 0 |
| CVE-2026-33849 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms. This issue affects rapidvms: before PR#96. | 8.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.