Búsqueda de CVEs
361.812 resultadosCVE-2026-57926LOWIn JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attackEPSS 0.2%CVE-2026-57925MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tagsEPSS 0.2%CVE-2026-57924MEDIUMIn JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile detailsEPSS 0.2%CVE-2026-57923MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settingsEPSS 0.2%CVE-2026-57922LOWIn JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possibleEPSS 0.1%CVE-2026-57921MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpointEPSS 0.2%CVE-2026-40711HIGHDell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contEPSS 1.0%CVE-2026-57920HIGHPeplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} enEPSS 0.2%CVE-2025-64152CRITICALApache IoTDB: Path Traversal VulnerabilityEPSS 0.4%CVE-2025-55017CRITICALApache IoTDB: Path Traversal VulnerabilityEPSS 0.4%CVE-2026-57915HIGHApache Kerby: Kerberos Pre-Authentication BypassEPSS 0.3%CVE-2026-57620MEDIUMWordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2026-57914MEDIUMApache Kerby: StackOverflow on parsing deeply nested ASN1 structuresEPSS 0.3%CVE-2026-57918HIGHlibnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection tEPSS 0.2%CVE-2026-57473MEDIUMA vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the possibilEPSS 0.1%CVE-2026-13325HIGHVirt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfacesEPSS 0.2%CVE-2025-7958HIGHA Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code EPSS 0.2%CVE-2026-57913HIGHJohnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts.EPSS 0.2%CVE-2026-57912HIGHJohnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about studentEPSS 0.2%CVE-2026-6658MEDIUMCross-site Scripting (XSS) in jupyter/nbconvertEPSS 0.1%