CVE Vulnerabilities

Below is the list of the most recently published vulnerabilities from NIST (the National Vulnerability Database):
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2026-6331 | 2026-06-25 | N/A | 0.0 | HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length… |
| CVE-2026-6330 | 2026-06-25 | N/A | 0.0 | The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time… |
| CVE-2026-6329 | 2026-06-25 | N/A | 0.0 | PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared… |
| CVE-2026-6325 | 2026-06-25 | N/A | 0.0 | Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer. |
| CVE-2026-6092 | 2026-06-25 | N/A | 0.0 | When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC. |
| CVE-2026-55962 | 2026-06-25 | N/A | 0.0 | TLS 1.3 post-handshake authentication (PHA) issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that… |
| CVE-2026-11703 | 2026-06-25 | N/A | 0.0 | Missing SNI/ALPN binding on stateful (session-ID) resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than… |
| CVE-2026-10098 | 2026-06-25 | N/A | 0.0 | OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a… |
| CVE-2026-48936 | 2026-06-26 | LOW | 3.3 | A flaw in Node.js Permission API can cause a local server to be started (via a Unix domain socket), even without the `--allow-net` permission. This vulnerability affects one… |
| CVE-2026-55686 | 2026-06-26 | MEDIUM | 5.3 | Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create… |
| CVE-2026-48090 | 2026-06-26 | MEDIUM | 5.9 | Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight… |
| CVE-2026-47220 | 2026-06-26 | HIGH | 7.5 | Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and… |
| CVE-2026-48497 | 2026-06-26 | MEDIUM | 5.9 | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured… |
| CVE-2026-48044 | 2026-06-26 | HIGH | 7.5 | Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability has been identified in Envoy's… |
| CVE-2026-47221 | 2026-06-26 | MEDIUM | 5.9 | Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer… |
| CVE-2026-47207 | 2026-06-26 | MEDIUM | 6.5 | Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends… |
| CVE-2026-48743 | 2026-06-26 | HIGH | 7.5 | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that… |
| CVE-2026-48042 | 2026-06-26 | HIGH | 7.5 | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow… |
| CVE-2026-47775 | 2026-06-26 | MEDIUM | 6.8 | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt()/decrypt() functions use AES-256-CBC… |
| CVE-2026-47204 | 2026-06-26 | MEDIUM | 6.5 | Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envoy.filters.http.grpc_stats filter crashes (null pointer dereference… |
| CVE-2026-57518 | 2026-06-26 | HIGH | 8.8 | Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to themselves… |
| CVE-2026-57915 | 2026-06-26 | HIGH | 7.3 | It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to… |
| CVE-2026-57914 | 2026-06-26 | MEDIUM | 6.5 | By sending a deeply nested ASN1 structure to an Apache Kerby client or service, it's possible to trigger a StackOverFlow Exception which can lead to denial of service… |
| CVE-2026-56823 | 2026-06-26 | MEDIUM | 5.4 | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the `POST /api/integrations/webhooks/{webhook_id}/ping` endpoint fetches the target webhook by primary… |
| CVE-2026-56663 | 2026-06-26 | HIGH | 8.5 | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP protections… |
| CVE-2026-49486 | 2026-06-26 | HIGH | 7.5 | The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was TLS-protected the data channel was transmitted in cleartext.… |
| CVE-2026-45408 | 2026-06-26 | CRITICAL | 9.0 | Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a… |
| CVE-2026-45407 | 2026-06-26 | MEDIUM | 5.0 | Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the… |
| CVE-2026-45406 | 2026-06-26 | CRITICAL | 9.0 | Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository directory to the host and then interpolates their filenames,… |
| CVE-2026-40082 | 2026-06-25 | MEDIUM | 5.4 | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, leading to Session Fixation. session_regenerate_id() is NOT called after… |
| CVE-2025-64152 | 2026-06-26 | CRITICAL | 9.1 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.6, from 2.0.0 before 2.0.7.… |
| CVE-2026-13325 | 2026-06-26 | HIGH | 8.5 | A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on… |
| CVE-2025-71335 | 2026-06-25 | HIGH | 8.1 | Flowise before 3.0.10 (affected versions 3.0.7 and earlier) fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an… |
| CVE-2025-55017 | 2026-06-26 | CRITICAL | 9.1 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 2.0.0 before 2.0.6, from 1.0.0 before 1.3.6.… |
| CVE-2026-54636 | 2026-06-26 | CRITICAL | 9.0 | Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json… |
| CVE-2020-37256 | 2026-06-25 | MEDIUM | 5.4 | Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to… |
| CVE-2026-45256 | 2026-06-26 | MEDIUM | 5.5 | When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not check the result before delivering… |
| CVE-2026-45405 | 2026-06-26 | CRITICAL | 9.0 | Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preventing symlink traversal.… |
| CVE-2026-10592 | 2026-06-25 | MEDIUM | 5.3 | Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS… |
| CVE-2026-11310 | 2026-06-25 | HIGH | 7.5 | X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application validates certificates by calling X509_verify_cert() with caller-supplied untrusted… |
| CVE-2026-12340 | 2026-06-25 | HIGH | 7.5 | Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the… |
| CVE-2026-55958 | 2026-06-25 | HIGH | 7.5 | Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG_SIZE) sets an error code but fails to… |
| CVE-2026-55960 | 2026-06-25 | HIGH | 7.5 | Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative() accepts it without… |
| CVE-2026-55964 | 2026-06-25 | MEDIUM | 5.3 | Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present,… |
| CVE-2026-57663 | 2026-06-26 | HIGH | 8.5 | Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes |
| CVE-2026-57657 | 2026-06-26 | MEDIUM | 4.3 | Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP |
| CVE-2026-57651 | 2026-06-26 | MEDIUM | 6.5 | Contributor Cross Site Scripting (XSS) in Ghost Kit |
| CVE-2026-57645 | 2026-06-26 | HIGH | 8.1 | newsletters_subscribers Broken Access Control in Newsletters |
| CVE-2026-57638 | 2026-06-26 | MEDIUM | 6.5 | Contributor Cross Site Scripting (XSS) in Fluent Booking |
| CVE-2026-57632 | 2026-06-26 | MEDIUM | 5.4 | Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend |