CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by the NIST institute:

CVE ID Published Severity CVSS Description
CVE-2026-56053 2026-06-25 HIGH 8.8 Subscriber PHP Object Injection in EventPrime
CVE-2026-56014 2026-06-25 HIGH 7.1 Unauthenticated Cross Site Scripting (XSS) in Master Slider
CVE-2026-54845 2026-06-25 HIGH 8.1 Unauthenticated Local File Inclusion in MDTF
CVE-2026-54836 2026-06-25 CRITICAL 9.3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5.
CVE-2026-54821 2026-06-25 HIGH 7.4 Subscriber Sensitive Data Exposure in Visual Link Preview
CVE-2026-12079 2026-06-25 MEDIUM 6.5 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 5.0.4 due to insufficient escaping…
CVE-2026-56774 2026-06-25 MEDIUM 5.4 Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authenticated users to delete other users' Remember…
CVE-2026-56767 2026-06-25 HIGH 8.8 Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth…
CVE-2026-57520 2026-06-25 HIGH 7.1 Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing…
CVE-2026-54573 2026-06-25 N/A 0.0 Outline is a service that allows for collaborative documentation. Prior to 1.8.0, the AuthenticationHelper.canAccess function uses ctx.originalUrl to verify if an API key or OAuth token has the…
CVE-2026-55477 2026-06-25 HIGH 7.2 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on…
CVE-2026-54448 2026-06-25 N/A 0.0 Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size…
CVE-2026-39894 2026-06-24 LOW 2.9 Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtool_function_update() can corrupt RRDtool metric values. The rrdtool_function_update()…
CVE-2026-54917 2026-06-25 N/A 0.0 SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway…
CVE-2026-4930 2026-06-25 N/A 0.0 SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations (AES encryption/decryption and hashing). DPA Countermeasures on SYMCRYPTO can be…
CVE-2026-28898 2026-06-25 MEDIUM 5.3 swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. swift-nio-http2 1.44.1 adds validation of all pseudo-header values (:path,…
CVE-2026-12844 2026-06-25 HIGH 7.5 List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise() collects the values returned by the block into a heap buffer sized…
CVE-2026-12921 2026-06-25 N/A 0.0 In AzeoTech DAQFactory versions 21.1 and prior, a Use After Free vulnerability can be exploited by an attacker using specially crafted .ctl files which can result in code…
CVE-2026-12897 2026-06-25 N/A 0.0 Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker…
CVE-2026-4522 2026-06-25 N/A 0.0 Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1.
CVE-2026-6432 2026-06-25 N/A 0.0 Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage.
CVE-2026-57700 2026-06-25 CRITICAL 10.0 Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6.
CVE-2026-13350 2026-06-25 N/A 0.0 Permissions were checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create.
CVE-2026-54250 2026-06-25 MEDIUM 5.8 K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive…
CVE-2026-54096 2026-06-25 HIGH 8.4 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.7, `POST /api/share/` accepts an authenticated request…
CVE-2026-54094 2026-06-25 HIGH 7.5 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.14, it does not stop the HTTP…
CVE-2026-54093 2026-06-25 N/A 0.0 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, filebrowser builds the download-as-zip / download-as-tar…
CVE-2026-54091 2026-06-25 HIGH 7.5 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, File Browser's public share handlers rebase…
CVE-2026-54089 2026-06-25 CRITICAL 9.1 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting with 2.0.0-rc.1, when FileBrowser is configured with proxy…
CVE-2026-54088 2026-06-25 N/A 0.0 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, the Hook Authentication feature in File…
CVE-2026-53925 2026-06-25 HIGH 7.8 Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the secure_popen() function in glances/secure.py interprets > (file redirection), | (pipe), and && (command chaining) operators…
CVE-2026-46608 2026-06-25 HIGH 7.4 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s) introduced a configurable CORS origin list in version 4.5.3 as a…
CVE-2026-46607 2026-06-25 HIGH 7.8 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cache file stored at a predictable, world-accessible path (~/.cache/glances/glances-version.db or…
CVE-2026-46606 2026-06-25 HIGH 7.8 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine (glances/plugins/vms/engines/virsh.py) passes VM domain names, read directly from virsh list --all output,…
CVE-2026-55439 2026-06-25 MEDIUM 5.5 Halo is an open source website building tool. Prior to 2.24.3, a path traversal vulnerability in the backup download endpoint allows authenticated administrators to read arbitrary files from…
CVE-2026-56779 2026-06-25 MEDIUM 6.4 MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to make arbitrary server requests by supplying unvalidated downloadCallbackUrl…
CVE-2026-56772 2026-06-25 MEDIUM 4.3 NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplying arbitrary user_id values to the GET /social/interactions endpoint…
CVE-2026-56769 2026-06-25 HIGH 8.5 Huly Platform through 0.7.423, fixed in commit 68cbf8a contains an authenticated server-side request forgery vulnerability in the /import endpoint of front pod that allows workspace users to make…
CVE-2026-56766 2026-06-25 HIGH 8.8 Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious…
CVE-2026-56770 2026-06-25 HIGH 7.5 libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash…
CVE-2026-56768 2026-06-25 HIGH 8.8 Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to…
CVE-2026-45233 2026-06-25 HIGH 8.1 HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at…
CVE-2026-56122 2026-06-25 HIGH 7.5 Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sending HTTP GET requests with dot-dot-slash sequences that are…
CVE-2026-47110 2026-06-24 MEDIUM 6.5 Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href…
CVE-2026-6291 2026-06-25 N/A 0.0 Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation…
CVE-2026-6094 2026-06-25 N/A 0.0 Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS.
CVE-2026-6091 2026-06-25 N/A 0.0 Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at…
CVE-2026-55967 2026-06-25 N/A 0.0 AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery.
CVE-2026-55961 2026-06-25 N/A 0.0 wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any…
CVE-2026-55700 2026-06-25 HIGH 7.1 pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage download` derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape…