CVE Search

361,855 results
CVE-2026-57940 | LOW | HTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function get_feed() in sys | EPSS 0.2%
CVE-2026-53914 | MEDIUM | In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata | EPSS 0.2%
CVE-2026-57926 | LOW | In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack | EPSS 0.2%
CVE-2026-57925 | MEDIUM | In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags | EPSS 0.2%
CVE-2026-57924 | MEDIUM | In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details | EPSS 0.2%
CVE-2026-57923 | MEDIUM | In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings | EPSS 0.2%
CVE-2026-57922 | LOW | In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible | EPSS 0.1%
CVE-2026-57921 | MEDIUM | In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint | EPSS 0.2%
CVE-2026-40711 | HIGH | Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, cont | EPSS 1.0%
CVE-2026-57920 | HIGH | Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} en | EPSS 0.2%
CVE-2025-64152 | CRITICAL | Apache IoTDB: Path Traversal Vulnerability | EPSS 0.4%
CVE-2025-55017 | CRITICAL | Apache IoTDB: Path Traversal Vulnerability | EPSS 0.4%
CVE-2026-57915 | HIGH | Apache Kerby: Kerberos Pre-Authentication Bypass | EPSS 0.3%
CVE-2026-57620 | MEDIUM | WordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerability | EPSS 0.1%
CVE-2026-57914 | MEDIUM | Apache Kerby: StackOverflow on parsing deeply nested ASN1 structures | EPSS 0.3%
CVE-2026-57918 | HIGH | libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection t | EPSS 0.2%
CVE-2026-57473 | MEDIUM | A vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the possibil | EPSS 0.1%
CVE-2026-13325 | HIGH | Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces | EPSS 0.2%
CVE-2025-7958 | HIGH | A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code | EPSS 0.2%
CVE-2026-57913 | HIGH | Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts. | EPSS 0.2%