Fallos del tipo CWE-470
48 resultadosCVE-2026-48517MEDIUMMessagePack-CSharp: Typeless deserialization type restrictions do not recurse into arrays or generic argumentsEPSS 0.2%CVE-2026-57284MEDIUMJenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline SniEPSS 0.2%CVE-2024-8048HIGHTelerik Reporting Insecure Expression EvaluationEPSS 0.2%CVE-2026-48817MEDIUMStarlette: Arbitrary HTTP method dispatched to `HTTPEndpoint` attributes via `getattr`EPSS 0.2%CVE-2024-1574MEDIUMUse of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in the licensing feature of Mitsubishi ElecEPSS 0.2%CVE-2018-25239MEDIUMSmart VPN 1.1.3.0 Denial of Service via SearchEPSS 0.2%CVE-2023-35680—In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to locaEPSS 0.1%CVE-2023-0460MEDIUMRemote code execution in YouTube Android Player API SDKEPSS 0.1%