Fallos del tipo CWE-862

6960 resultados
CVE-2026-53866HIGHOpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command ParsingEPSS 0.3%CVE-2026-50026MEDIUMFrappe: Lack of permissions checks in 'relink' and 'set_email_password' endpointsEPSS 0.3%CVE-2026-42226HIGHn8n: Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key ReplayEPSS 0.3%CVE-2026-45350HIGHOpen WebUI: Chat completion API allows tool restrictions to be bypassedEPSS 0.3%CVE-2026-0511HIGHMultiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)EPSS 0.3%CVE-2025-22280HIGHWordPress DefendWP Firewall Plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-26741HIGHPX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mEPSS 0.3%CVE-2025-22770MEDIUMWordPress Envo Multipurpose theme <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-57622MEDIUMWordPress WPCafe plugin <= 3.0.14 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3964MEDIUMwithstars Books-Management-System Article del cross-site request forgeryEPSS 0.3%CVE-2026-6834HIGHaEnrich|a+HRD - Missing AuthorizationEPSS 0.3%CVE-2026-24575MEDIUMWordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31878MEDIUMWordPress UPC/EAN/GTIN Code Generator plugin <= 2.0.2 - Settings Change vulnerabilityEPSS 0.3%CVE-2025-4571MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And ModificationEPSS 0.3%CVE-2025-3979MEDIUMdazhouda lecms Password Change index.php cross-site request forgeryEPSS 0.3%CVE-2026-59227MEDIUMOpen WebUI: POST /api/v1/images/edit bypasses the global image-edit switch and the per-user image-generation permissionEPSS 0.3%CVE-2025-62944MEDIUMWordPress MSTW CSV EXPORTER plugin <= 1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-15235HIGHQuanta Computer|QOCA aim AI Medical Cloud Platform - Missing AuthorizationEPSS 0.3%CVE-2025-3959MEDIUMwithstars Books-Management-System reader_delete.html cross-site request forgeryEPSS 0.3%CVE-2025-31879MEDIUMWordPress Barcode Generator for WooCommerce plugin <= 2.0.4 - Settings Change vulnerabilityEPSS 0.3%