Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-2995 GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addr... | 7.7 | HIGH | — | 0 |
| CVE-2026-35668 OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl or fi... | 7.7 | HIGH | — | 0 |
| CVE-2026-32064 OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attacke... | 7.7 | HIGH | — | 0 |
| CVE-2026-34853 Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability. | 7.7 | HIGH | — | 0 |
| CVE-2026-31941 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains a Server-Side Request Forgery (SSRF) vulnerability in the Social Wall feature. The endpoint read_url_... | 7.7 | HIGH | — | 0 |
| CVE-2026-32252 Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.9.0, a cross-tenant authorization bypass exists in Chartbrew i... | 7.7 | HIGH | — | 0 |
| CVE-2026-24970 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Energox energox allows Path Traversal.This issue affects Energox: from n/a through <= 1.2... | 7.7 | HIGH | — | 0 |
| CVE-2026-35533 mise manages dev tools like node, python, cmake, and terraform. From 2026.2.18 through 2026.4.5, mise loads trust-control settings from a local project .mise.toml before the trust check runs. An attac... | 7.7 | HIGH | — | 0 |
| CVE-2026-34056 OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low... | 7.7 | HIGH | — | 0 |
| CVE-2026-20125 A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, ... | 7.7 | HIGH | — | 0 |
| CVE-2026-33913 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated user with access to the Carecoordination module can ... | 7.7 | HIGH | — | 0 |
| CVE-2025-68862 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File Dr... | 7.7 | HIGH | — | 0 |
| CVE-2026-25958 Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privi... | 7.7 | HIGH | — | 0 |
| CVE-2026-20048 A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of ser... | 7.7 | HIGH | — | 0 |
| CVE-2025-1272 The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitiv... | 7.7 | HIGH | — | 0 |
| CVE-2026-2592 The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callb... | 7.7 | HIGH | — | 0 |
| CVE-2026-22219 Chainlit versions prior to 2.9.4 contain a server-side request forgery (SSRF) vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated... | 7.7 | HIGH | — | 0 |
| CVE-2025-61879 In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism. | 7.7 | HIGH | — | 0 |
| CVE-2026-27464 Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase inst... | 7.7 | HIGH | — | 0 |
| CVE-2026-25153 Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node ... | 7.7 | HIGH | — | 0 |
| CVE-2026-27479 Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upl... | 7.7 | HIGH | — | 0 |
| CVE-2026-25157 OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a s... | 7.7 | HIGH | — | 0 |
| CVE-2025-13523 Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names t... | 7.7 | HIGH | — | 0 |
| CVE-2025-69377 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal.This issue affects User Extra Fiel... | 7.7 | HIGH | — | 0 |
| CVE-2026-0017 In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional executi... | 7.7 | HIGH | — | 0 |
| CVE-2025-48635 In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additi... | 7.7 | HIGH | — | 0 |
| CVE-2026-25991 Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, there is a Blind Server-Side Request Forgery (SSRF) vulnerability in the Cookmate r... | 7.7 | HIGH | — | 0 |
| CVE-2026-25506 MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daem... | 7.7 | HIGH | — | 0 |
| CVE-2026-28468 OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14 contain a vulnerability in the sandbox browser bridge server in which it accepts requests without requiring gateway authentication, allowing local... | 7.7 | HIGH | — | 0 |
| CVE-2024-1524 When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP) there is a risk that a local user store user's information may be replaced during the account pr... | 7.7 | HIGH | — | 0 |
| CVE-2026-29186 Backstage is an open framework for building developer portals. Prior to version 1.14.3, this is a configuration bypass vulnerability that enables arbitrary code execution. The @backstage/plugin-techdo... | 7.7 | HIGH | — | 0 |
| CVE-2026-29192 ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via Defaul... | 7.7 | HIGH | — | 0 |
| CVE-2026-26017 CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Securi... | 7.7 | HIGH | — | 0 |
| CVE-2026-28393 OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings[].transform.modu... | 7.7 | HIGH | — | 0 |
| CVE-2026-27938 WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.9.1, the `wp-graphql/wp-graphql` repository contains a GitHub Actions workflow (`release.yml`) vulnerable to OS command injecti... | 7.7 | HIGH | — | 0 |
| CVE-2026-24322 SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vul... | 7.7 | HIGH | — | 0 |
| CVE-2026-29925 Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery (SSRF) in CheckDatabaseRequest.php. | 7.7 | HIGH | — | 0 |
| CVE-2024-51346 An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme. | 7.7 | HIGH | — | 0 |
| CVE-2026-35409 Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery (SSRF) protection bypass has been identified and fixed in Directus. The... | 7.7 | HIGH | — | 0 |
| CVE-2026-33399 Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, the SSRF fix applied in version 4.6.2 for CVE-2026-30839 and CVE-2026-30840 is incomplete. The validate_w... | 7.7 | HIGH | — | 0 |
| CVE-2026-32441 Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ... | 7.7 | HIGH | — | 0 |
| CVE-2026-24969 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a throug... | 7.7 | HIGH | — | 0 |
| CVE-2026-34769 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches... | 7.7 | HIGH | — | 0 |
| CVE-2026-34214 Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials (access key) or vended credentials (temporary ... | 7.7 | HIGH | — | 0 |
| CVE-2026-20049 A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and C... | 7.7 | HIGH | — | 0 |
| CVE-2026-34619 ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature ... | 7.7 | HIGH | — | 0 |
| CVE-2026-21670 A vulnerability allowing a low-privileged user to extract saved SSH credentials. | 7.7 | HIGH | — | 0 |
| CVE-2026-32695 Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimi... | 7.7 | HIGH | — | 0 |
| CVE-2026-34222 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.11, there is a broken access control vulnerability in tool values. This issue ha... | 7.7 | HIGH | — | 0 |
| CVE-2026-32123 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, sensitivity checks for group encounters are broken because the code only cons... | 7.7 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.