Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-52913 2026-06-24 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: batman-adv: v: stop OGMv2 on disabled interface When a batadv_hard_iface is disabled, its mesh_iface pointer is set to…
CVE-2026-52912 2026-06-24 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: hold bridge skb->dev while queued br_pass_frame_up() rewrites skb->dev from the ingress port to the bridge master…
CVE-2026-9643 2026-06-24 HIGH 7.2 The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUEST_URI server variable in all versions up to, and including, 4.5.18. When…
CVE-2026-9620 2026-06-24 MEDIUM 6.4 The WP Latest Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted image src attributes in post content in versions up to, and including, 5.0.11.…
CVE-2026-9183 2026-06-24 MEDIUM 4.3 The 24liveblog - live blog tool plugin for WordPress is vulnerable to Exposure of Sensitive Information in versions up to, and including, 2.2. This is due to the…
CVE-2026-9179 2026-06-24 HIGH 7.5 The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint in versions up to and including 1.8.…
CVE-2026-8896 2026-06-24 MEDIUM 6.4 The MIR blocks and shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' attribute (and other attributes such as 'ready_animation_text') of the 'msc_stats' shortcode…
CVE-2026-8865 2026-06-24 MEDIUM 6.4 The Avalon23 Products Filter for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'avalon23_qr' shortcode in all versions up to, and including, 1.1.6. This…
CVE-2026-8622 2026-06-24 MEDIUM 6.1 The Image Sizes on Demand plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Server Variable in all versions up to, and including, 1.3 due to…
CVE-2026-8617 2026-06-24 MEDIUM 5.3 The SearchPlus plugin for WordPress is vulnerable to unauthorized modification and deletion of data in versions up to, and including, 1.7.1. This is due to a missing capability…
CVE-2026-12417 2026-06-24 CRITICAL 9.8 The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in versions up to, and including, 1.0.0.…
CVE-2026-12416 2026-06-24 CRITICAL 9.8 The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via Password Reset in all versions up to, and including, 1.0.0. This is due to the `pravel_invoice_change_password()`…
CVE-2026-11370 2026-06-24 MEDIUM 6.4 The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'new_link' parameter. This makes it…
CVE-2026-10552 2026-06-24 MEDIUM 4.3 The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation…
CVE-2026-54012 2026-06-23 HIGH 7.1 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can create, update, or import workspace…
CVE-2026-54010 2026-06-23 HIGH 8.3 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated user attach arbitrary file_id values to their…
CVE-2026-48519 2026-06-23 CRITICAL 9.6 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" (or "Public Flows" in code) contains a critical RCE vulnerability.…
CVE-2026-33760 2026-06-23 HIGH 8.8 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations…
CVE-2026-11374 2026-06-23 CRITICAL 9.0 In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that session could be predicted by an unauthenticated user, leading…
CVE-2020-9695 2026-06-23 HIGH 7.8 Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the…
CVE-2026-9073 2026-06-23 MEDIUM 6.2 A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are…
CVE-2026-12112 2026-06-23 HIGH 7.8 A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache…
CVE-2026-11807 2026-06-23 CRITICAL 9.6 A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user…
CVE-2026-48493 2026-06-23 MEDIUM 5.5 Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their_own_id} and grant themselves any permission…
CVE-2026-56120 2026-06-23 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784.
CVE-2026-56784 2026-06-23 HIGH 8.1 OpenRemote before 1.25.0 contains an insecure direct object reference (IDOR) vulnerability in the bulk alarm deletion endpoint that allows authenticated users to permanently delete alarms belonging to other…
CVE-2026-54517 2026-06-23 MEDIUM 5.3 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, in BeanDeserializer._deserializeUsingPropertyBased, the active-view (@JsonView) filter was applied only to…
CVE-2026-54514 2026-06-23 MEDIUM 5.3 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddress(host, port), which performs…
CVE-2026-54513 2026-06-23 HIGH 8.1 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, BasicPolymorphicTypeValidator.Builder.allowIfSubTypeIsArray() allowlists any array type based only on clazz.isArray(),…
CVE-2026-54512 2026-06-23 HIGH 8.1 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, jackson-databind's PolymorphicTypeValidator (PTV) is the primary safety mechanism guarding…
CVE-2026-54325 2026-06-23 MEDIUM 4.4 Pi is a minimal terminal coding harness. Pi before 0.79.0 loaded project-local configuration and resources from a repository's .pi directory without first asking the user to trust that…
CVE-2026-53931 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was…
CVE-2026-53929 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, with NC_SECURE_ATTACHMENTS=true, an authenticated uploader could deliver .html or .svg attachments that the browser rendered inline from…
CVE-2026-53926 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, revokeAllOAuthTokensByUser in the users service is an empty stub being called from passwordChange, passwordForgot, and passwordReset. OAuth…
CVE-2026-50193 2026-06-23 N/A 0.0 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if (and…
CVE-2026-52844 2026-06-23 HIGH 7.5 Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\secret.txt as outside /private/*, but file_server later resolves…
CVE-2026-47388 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment path could read any file in shared…
CVE-2026-47386 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid (access_token,…
CVE-2026-47383 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated commenter could store HTML in row comments that executed as script when other users hovered…
CVE-2026-47381 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a user in one workspace could exercise another workspace's integration through the testConnection endpoint by supplying its…
CVE-2026-47378 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths:…
CVE-2026-47377 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin called window.location.replace() on a path extracted from the URL hash fragment after only…
CVE-2026-47375 2026-06-23 MEDIUM 6.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, an authenticated user with columnAdd permission on a Postgres-backed base can inject arbitrary SQL into the formula…
CVE-2026-46553 2026-06-23 N/A 0.0 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NC_ATTACHMENT_FIELD_SIZE against either the remote file's advertised Content-Length or the decoded…
CVE-2026-46552 2026-06-23 MEDIUM 5.8 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID (xc-shared-base-id),…
CVE-2026-46550 2026-06-23 MEDIUM 5.4 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite…
CVE-2026-46547 2026-06-23 MEDIUM 6.1 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, a reflected XSS vulnerability exists in the Page Leaving Warning page. The ncRedirectUrl and ncBackUrl query parameters…
CVE-2026-41862 2026-06-23 HIGH 8.8 Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of untrusted data), which can lead to…
CVE-2026-23513 2026-06-23 N/A 0.0 FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, a query-construction flaw in client list endpoints allowed authenticated clients to bypass tenant…
CVE-2026-39253 2026-06-23 HIGH 8.1 An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components.
« Anterior Página 38 de 4510 Siguiente »