Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-23410 In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference There is a race condition that leads to a use-after-free situation: because the rawdata ... | 7.8 | HIGH | β | 0 |
| CVE-2026-23411 In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it AppArmor was putting the reference to i_private data on its end after ... | 7.8 | HIGH | β | 0 |
| CVE-2026-23417 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBE_MEM32 stores BPF_ST | BPF_PROBE_MEM32 immediate stores are not handled by bpf_jit_blind_insn(... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-40474 wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permission_required = 'config.change_gymconfig' but inherits WgerFormMixin instead ... | 7.6 | HIGH | β | 0 |
| CVE-2026-6750 Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | 8.8 | HIGH | β | 0 |
| CVE-2026-41058 WWBN AVideo is an open source video platform. In versions 29.0 and below, the incomplete fix for AVideo's CloneSite `deleteDump` parameter does not apply path traversal filtering, allowing `unlink()` ... | 8.1 | HIGH | β | 0 |
| CVE-2026-41060 WWBN AVideo is an open source video platform. In versions 29.0 and below, the `isSSRFSafeURL()` function in `objects/functions.php` contains a same-domain shortcircuit (lines 4290-4296) that allows an... | 7.7 | HIGH | β | 0 |
| CVE-2026-41061 WWBN AVideo is an open source video platform. In versions 29.0 and below, the `isValidDuration()` regex at `objects/video.php:918` uses `/^[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}/` without a `$` end anchor, ... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-31160 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31164 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeMtu parameter to /cgi-bin/cstecgi.cgi. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31165 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31171 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31172 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the user parameter to /cgi-bin/cstecgi.cgi. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31174 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the informEnable parameter to /cgi-bin/cstecgi.cgi. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31175 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-41137 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an at... | 8.8 | HIGH | β | 0 |
| CVE-2026-41265 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31955 Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions ... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-32870 Kirby is an open-source content management system. Kirby's `Xml::value()` method has special handling for `<![CDATA[ ]]>` blocks. If the input value is already valid `CDATA`, it is not escaped a secon... | 7.5 | HIGH | β | 0 |
| CVE-2026-31551 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix static_branch_dec() underflow for aql_disable. syzbot reported static_branch_dec() underflow in aql_enable_wri... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31591 In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31609 In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_send_batch_flush() already calls smbd_fre... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31648 In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() When running stress-ng on my Arm64 machine with v7.0-rc3 ker... | 7.8 | HIGH | β | 0 |
| CVE-2026-23348 In the Linux kernel, the following vulnerability has been resolved: cxl: Fix race of nvdimm_bus object when creating nvdimm objects Found issue during running of cxl-translate.sh unit test. Adding a... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-23382 In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL de... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23390 In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow The dma_map_sg tracepoint can trigger a perf buffer overf... | 7.8 | HIGH | β | 0 |
| CVE-2026-23393 In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peer_mep deletion When a peer MEP is being deleted, cancel_delayed_work_sync() is called on ccm... | 7.8 | HIGH | β | 0 |
| CVE-2026-5205 A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such mani... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-4668 The Booking for Appointments and Events Calendar - Amelia plugin for WordPress is vulnerable to SQL Injection via the `sort` parameter in the payments listing endpoint in all versions up to, and inclu... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-4350 The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This is due to the `PMCS::action_handler()` method proce... | 8.1 | HIGH | β | 0 |
| CVE-2026-5462 A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android. Impacted is an unknown function of the file com/WahooFitness/SYSTM/BuildConfig.java of the component com.WahooFitness.... | 3.3 | LOW | β | 0 |
| CVE-2026-2949 The Xpro Addons β 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Icon Box widget in versions up to, and including, 1.4.24 due to insufficient inpu... | 6.4 | MEDIUM | β | 0 |
| CVE-2025-13368 The Xpro Addons β 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Pricing Widget's 'onClick Event' setting in all versions up to, and including, 1.... | 6.4 | MEDIUM | β | 0 |
| CVE-2025-15064 The Ultimate Member β User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user descri... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-0552 The Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsc_display_product' shortcode in all versions up to, and including, 5.2.4 due to insuffic... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-0664 The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button_text' parameter in all versions up to, and including, 1.7.1049 due to insufficient inpu... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-5169 The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Form Header' field in versions up to and including 1.0. This is due to insufficient input ... | 4.4 | MEDIUM | β | 0 |
| CVE-2026-5506 The Wavr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `wave` shortcode in all versions up to, and including, 0.2.6. This is due to insufficient input sanitization... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-5508 The WowPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `wowpress` shortcode in all versions up to, and including, 1.0.0. This is due to insufficient input sani... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-4654 The Awesome Support β WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 6.3.7. This is due to the wpas_get_ti... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-4655 The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG Image Widget in versions up to and including 8.4.2. This is due to insufficient inpu... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-39541 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a ... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-39542 Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder fo... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39544 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affect... | 7.5 | HIGH | β | 0 |
| CVE-2026-39562 Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client In... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39564 Insertion of Sensitive Information Into Sent Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Retrieve Embedded Sensitive Data.This issue affects Sunshine Photo C... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39569 Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeti... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-39570 Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting L... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39647 Server-Side Request Forgery (SSRF) vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Server Side Request Forgery.This issue affects MP3 Au... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-39649 Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through <= 2.2... | 5.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.