Fallos del tipo CWE-94

3799 resultados
CVE-2026-45353CRITICALelecterm: Local code through electerm's single-instance socketEPSS 0.1%CVE-2025-59042HIGHPyInstaller has local privilege escalation vulnerabilityEPSS 0.1%CVE-2026-31252MEDIUMCosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in EPSS 0.1%CVE-2022-33725MEDIUMA vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system priEPSS 0.1%CVE-2022-23426MEDIUMA vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system EPSS 0.1%CVE-2026-40602MEDIUMhass-cli: Handling of user-supplied Jinja2 templatesEPSS 0.1%CVE-2021-25411Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-onEPSS 0.1%CVE-2022-33721MEDIUMA vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege.EPSS 0.1%CVE-2026-59833HIGHSiYuan: Stored XSS to RCE in SiYuan via a per-attribute URL-scheme sanitizer gap in Lute (form action / SVG xlink:href)EPSS CVE-2026-59826CRITICALMetabase: Arbitrary Code Execution via Database Connection Detail BypassEPSS CVE-2026-59216HIGHOpen WebUI: Cross-user code-interpreter and tool execution via unvalidated Socket.IO event-caller session_idEPSS CVE-2026-54769CRITICALLangroid: Sandbox Escape to Remote Code Execution via Incomplete `eval()` Mitigation in TableChatAgentEPSS CVE-2026-15202MEDIUMYzmCMS Header yzmphp.php get_url cross site scriptingEPSS CVE-2026-15311MEDIUMNousResearch hermes-agent Matrix Adapter matrix.py MatrixAdapter._markdown_to_html cross site scriptingEPSS CVE-2026-59856HIGHVim: Arbitrary Code Execution via PHP Omni-CompletionEPSS CVE-2026-59858HIGHVim: Arbitrary Code Execution via C Omni-CompletionEPSS CVE-2026-15187MEDIUMenquirer Public Package API Enquirer.set prototype pollutionEPSS CVE-2026-15321MEDIUMMyEMS Admin Backend svg.py on_post cross site scriptingEPSS CVE-2026-15195MEDIUMapidevtools json-schema-ref-parser pointer.ts Pointer.set prototype pollutionEPSS