Búsqueda de CVEs

364.842 resultados
CVE-2026-25119HIGHGogs: Authentication Bypass via Unvalidated Reverse Proxy HeadersEPSS 0.9%CVE-2026-52795MEDIUMGogs: Authorization Bypass in Watch API allows any user to monitor private repository activityEPSS 0.2%CVE-2025-64719MEDIUMGogs: Denial of Service in repository/wiki file listing web pagesEPSS 0.4%CVE-2026-52815MEDIUMGogs: Unauthenticated Organization Teams Information Disclosure via APIEPSS 1.6%CVE-2026-50129HIGHMastodon: Persistent anonymous DoS via unhandled NoMethodError in MATH_TRANSFORMEREPSS 0.3%CVE-2026-50128MEDIUMMastodon: Spoofing of attribution domainsEPSS 0.1%CVE-2026-1840HIGHMissing authentication for critical function in Hubbell Aclara Metrum Cellular Web InterfaceEPSS 0.7%CVE-2026-7539HIGHHP Dock Accessory WMI Provider Installer Security UpdateEPSS 0.1%CVE-2026-48028MEDIUMMastodon: Removal of integrity-protected JSON entries from signed activitiesEPSS 0.1%CVE-2026-47389HIGHMastodon: SSRF protection bypass on older Ruby versionsEPSS 0.2%CVE-2026-46349MEDIUMMastodon: LD-Signature Bypass via JSON-LD Named-Graph RestructuringEPSS 0.2%CVE-2026-46348HIGHMastodon: SSRF Bypass via IPv6 Unspecified Address (::)EPSS 0.3%CVE-2026-27708HIGHFOSSBilling: IDOR in Servicecustom Client API allows cross-client data accessEPSS 0.3%CVE-2026-55583HIGHTwenty: Cross-workspace IDOR in AgentTurnResolverEPSS 0.2%CVE-2026-23879HIGHpy7zr: Arbitrary File Write VulnerabilityEPSS 0.4%CVE-2026-13037HIGHUse after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a saEPSS 0.1%CVE-2026-13036HIGHUse after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a EPSS 0.2%CVE-2026-13035HIGHUse after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a maliciEPSS 0.2%CVE-2026-13034MEDIUMInappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the rendereEPSS 0.1%CVE-2026-13031HIGHUse after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a EPSS 0.2%