Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2025-15067 Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory ex... | 7.7 | HIGH | — | 0 |
| CVE-2026-20852 Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally. | 7.7 | HIGH | — | 0 |
| CVE-2025-69377 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal.This issue affects User Extra Fiel... | 7.7 | HIGH | — | 0 |
| CVE-2026-22035 Greenshot is an open source Windows screenshot utility. Versions 1.3.310 and below arvulnerable to OS Command Injection through unsanitized filename processing. The FormatArguments method in ExternalC... | 7.7 | HIGH | — | 0 |
| CVE-2026-24322 SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vul... | 7.7 | HIGH | — | 0 |
| CVE-2026-23529 Kafka Connect BigQuery Connector is an implementation of a sink connector from Apache Kafka to Google BigQuery. Prior to 2.11.0, there is an arbitrary file read in Google BigQuery Sink connector. Aive... | 7.7 | HIGH | — | 0 |
| CVE-2025-15068 Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse, Session Credential Falsification through Manipulation.This issue affects Web Fax: from 3.0 before 3.0.1 | 7.7 | HIGH | — | 0 |
| CVE-2025-69217 coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additiona... | 7.7 | HIGH | — | 0 |
| CVE-2026-25157 OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a s... | 7.7 | HIGH | — | 0 |
| CVE-2026-2592 The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callb... | 7.7 | HIGH | — | 0 |
| CVE-2026-22558 An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges. | 7.7 | HIGH | — | 0 |
| CVE-2026-28521 arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP ev... | 7.7 | HIGH | — | 0 |
| CVE-2026-20100 A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could ... | 7.7 | HIGH | — | 0 |
| CVE-2026-31891 Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a a SQL Injection vulnerability in the Mo... | 7.7 | HIGH | — | 0 |
| CVE-2026-26017 CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Securi... | 7.7 | HIGH | — | 0 |
| CVE-2026-32121 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. Tha... | 7.7 | HIGH | — | 0 |
| CVE-2026-2092 A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An atta... | 7.7 | HIGH | — | 0 |
| CVE-2026-32064 OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attacke... | 7.7 | HIGH | — | 0 |
| CVE-2026-21887 OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without v... | 7.7 | HIGH | — | 0 |
| CVE-2026-30953 LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL (LinkRepository::create() calls HtmlMeta::... | 7.7 | HIGH | — | 0 |
| CVE-2026-21670 A vulnerability allowing a low-privileged user to extract saved SSH credentials. | 7.7 | HIGH | — | 0 |
| CVE-2026-20804 Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally. | 7.7 | HIGH | — | 0 |
| CVE-2025-14804 The Frontend File Manager Plugin WordPress plugin before 23.5 did not validate a path parameter and ownership of the file, allowing any authenticated users, such as subscribers to delete arbitrary fil... | 7.7 | HIGH | — | 0 |
| CVE-2026-23477 Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated use... | 7.7 | HIGH | — | 0 |
| CVE-2026-23689 Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function... | 7.7 | HIGH | — | 0 |
| CVE-2026-21433 Emlog is an open source website building system. Versions up to and including 2.5.19 are vulnerable to server-side Out-of-Band (OOB) requests / SSRF via uploaded SVG files. An attacker can upload a cr... | 7.7 | HIGH | — | 0 |
| CVE-2026-22219 Chainlit versions prior to 2.9.4 contain a server-side request forgery (SSRF) vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated... | 7.7 | HIGH | — | 0 |
| CVE-2025-61879 In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism. | 7.7 | HIGH | — | 0 |
| CVE-2025-1272 The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitiv... | 7.7 | HIGH | — | 0 |
| CVE-2026-27938 WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.9.1, the `wp-graphql/wp-graphql` repository contains a GitHub Actions workflow (`release.yml`) vulnerable to OS command injecti... | 7.7 | HIGH | — | 0 |
| CVE-2026-27464 Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase inst... | 7.7 | HIGH | — | 0 |
| CVE-2022-40619 FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticate... | 7.7 | HIGH | — | 0 |
| CVE-2026-27706 Plane is an an open-source project management tool. Prior to version 1.2.2, a Full Read Server-Side Request Forgery (SSRF) vulnerability has been identified in the "Add Link" feature. This flaw allows... | 7.7 | HIGH | — | 0 |
| CVE-2022-40620 FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. A... | 7.7 | HIGH | — | 0 |
| CVE-2026-20049 A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and C... | 7.7 | HIGH | — | 0 |
| CVE-2026-25506 MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daem... | 7.7 | HIGH | — | 0 |
| CVE-2026-20105 A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenti... | 7.7 | HIGH | — | 0 |
| CVE-2026-27479 Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upl... | 7.7 | HIGH | — | 0 |
| CVE-2026-25958 Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privi... | 7.7 | HIGH | — | 0 |
| CVE-2025-13523 Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names t... | 7.7 | HIGH | — | 0 |
| CVE-2026-25153 Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node ... | 7.7 | HIGH | — | 0 |
| CVE-2026-25116 Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated Path Traversal vulnerability in the `UserConfigController` allows any remote use... | 7.6 | HIGH | — | 0 |
| CVE-2026-26322 OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Gateway tool accepted a tool-supplied `gatewayUrl` without sufficient restrictions, which could cause the OpenClaw host to... | 7.6 | HIGH | — | 0 |
| CVE-2026-26724 Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the... | 7.6 | HIGH | — | 0 |
| CVE-2026-25378 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nel... | 7.6 | HIGH | — | 0 |
| CVE-2025-67102 A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter. | 7.6 | HIGH | — | 0 |
| CVE-2026-27013 Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies `escapeXml()` to text content during SVG export (`src/shapes/Text/TextSVGExportMixin.ts:186`) but fails to app... | 7.6 | HIGH | — | 0 |
| CVE-2026-28403 Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:<httpPort+1>`) accepts connections from any origin without validating the HTTP... | 7.6 | HIGH | — | 0 |
| CVE-2026-25418 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bitpressadmin Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through... | 7.6 | HIGH | — | 0 |
| CVE-2026-25802 New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRend... | 7.6 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.