Fallos del tipo CWE-346
379 resultadosCVE-2026-6657MEDIUMCORS Origin Validation Bypass in jupyter-serverEPSS 0.1%CVE-2026-41057HIGHAVideo has CORS Origin Reflection Bypass via plugin/API/router.php and allowOrigin(true) that Exposes Authenticated API ResponsesEPSS 0.1%CVE-2026-11309MEDIUMInsufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crEPSS 0.1%CVE-2021-26735MEDIUMUntrusted Search Path While Executing REG DELETE by UninstallerEPSS 0.1%CVE-2026-22030MEDIUMReact Router has CSRF issue in Action/Server Action Request ProcessingEPSS 0.1%CVE-2026-41342HIGHOpenClaw < 2026.3.28 - Unauthenticated Discovery Endpoint Credential Exfiltration via Remote OnboardingEPSS 0.1%CVE-2026-46728HIGHDas U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash.EPSS 0.1%CVE-2026-10010MEDIUMInappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the EPSS 0.1%CVE-2025-61740HIGHJohnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation ErrorEPSS 0.1%CVE-2026-20893HIGHOrigin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability EPSS 0.1%CVE-2023-47197HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.1%CVE-2023-47199HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.1%CVE-2023-47200HIGHA plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privilEPSS 0.1%CVE-2023-47198HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.1%CVE-2026-34777MEDIUMElectron: Incorrect origin passed to permission request handler for iframe requestsEPSS 0.1%CVE-2023-47194HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.1%CVE-2023-47195HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.1%CVE-2023-47196HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.1%CVE-2026-44184HIGHCleanuparr: Reflective CORS combined with trusted-network auth allows cross-origin admin API readsEPSS 0.1%CVE-2026-41393MEDIUMOpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area DiscoveryEPSS 0.1%