Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-25741 Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to ... | 7.1 | HIGH | — | 0 |
| CVE-2026-27162 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `posts_nearby` was checking topic access but then returning all posts regardless of type, includin... | 4.9 | MEDIUM | — | 0 |
| CVE-2026-27152 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, DM communication-preference bypass when adding members via `Chat::AddUsersToChannel` — a user coul... | 3.8 | LOW | — | 0 |
| CVE-2026-27151 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the `move_posts` action only checked `can_move_posts?` on the source topic but never validated wri... | 2.7 | LOW | — | 0 |
| CVE-2026-27150 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, missing `validate_before_create` authorization in Data Explorer's `QueryGroupBookmarkable` allows ... | 3.8 | LOW | — | 0 |
| CVE-2026-27149 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, SQL injection in PM tag filtering (`list_private_messages_tag`) allows bypassing tag filter condit... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-27021 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized ac... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-22207 OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configura... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-22206 SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Att... | 8.8 | HIGH | — | 0 |
| CVE-2026-22205 SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit lo... | 7.5 | HIGH | — | 0 |
| CVE-2023-31364 Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine... | N/A | NONE | — | 0 |
| CVE-2026-27510 Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection... | 9.6 | CRITICAL | — | 0 |
| CVE-2026-27509 Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled ... | 8.0 | HIGH | — | 0 |
| CVE-2026-27141 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic | 7.5 | HIGH | — | 0 |
| CVE-2026-26979 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users are able to close, archive and pin topics in private categories they don't have access t... | 2.7 | LOW | — | 0 |
| CVE-2026-26973 Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR (Insecure Direct Object Reference) in `ReviewableNotesController`. When `enable_catego... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-23939 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Store.Local' module) allows Relative Path Traversal. This vulnerability... | 7.5 | HIGH | — | 0 |
| CVE-2026-1565 The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validati... | 8.8 | HIGH | — | 0 |
| CVE-2026-1241 The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, a... | N/A | NONE | — | 0 |
| CVE-2025-11384 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2025-11383 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2025-11382 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2025-11381 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2026-26938 Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, ... | 8.6 | HIGH | — | 0 |
| CVE-2026-26937 Uncontrolled Resource Consumption (CWE-400) in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation (CAPEC-153) | 6.5 | MEDIUM | — | 0 |
| CVE-2026-22722 A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-22715 VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt... | 5.9 | MEDIUM | — | 0 |
| CVE-2026-26936 Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup (CAPEC-492). | 4.9 | MEDIUM | — | 0 |
| CVE-2026-26935 Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead Denial of Service via Input Data Manipulation (CAPEC-153) | 6.5 | MEDIUM | — | 0 |
| CVE-2026-26934 Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation (CAPEC-15... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-26932 Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafte... | 5.7 | MEDIUM | — | 0 |
| CVE-2026-26682 An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component | 7.8 | HIGH | — | 0 |
| CVE-2026-26227 VideoLAN VLC for Android prior to version 3.7.0 contains an authentication bypass in the Remote Access Server feature due to missing or insufficient rate limiting on one-time password (OTP) verificati... | 3.7 | LOW | — | 0 |
| CVE-2026-23750 Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_S... | 8.1 | HIGH | — | 0 |
| CVE-2026-23749 Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwise_transfer_init() ac... | 2.9 | LOW | — | 0 |
| CVE-2026-23748 Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payload_size value les... | 3.7 | LOW | — | 0 |
| CVE-2026-23747 Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helper... | 3.7 | LOW | — | 0 |
| CVE-2025-50857 ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28296 A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed (CRLF) ... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-28295 A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode (PASV) response. The client unconditio... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-26265 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items endpoint allows any user, including anonymous users, ... | 7.5 | HIGH | — | 0 |
| CVE-2026-26228 VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is co... | 4.9 | MEDIUM | — | 0 |
| CVE-2026-26207 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `discourse-policy` plugin allows any authenticated user to interact with policies on posts they do... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-26078 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, when the `patreon_webhook_secret` site setting is blank, an attacker can forge valid webhook signa... | 7.5 | HIGH | — | 0 |
| CVE-2025-71057 Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user. | 8.2 | HIGH | — | 0 |
| CVE-2025-56605 A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echo... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-3071 Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model. | 8.4 | HIGH | — | 0 |
| CVE-2026-2244 A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script... | N/A | NONE | — | 0 |
| CVE-2026-26077 Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints (SendGrid, Mailjet, Mandrill, Postmark, SparkPost) in the `WebhooksContr... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-2680 Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes' endpoint, which could allow an at... | 6.1 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.