Búsqueda de CVEs
363.019 resultadosCVE-2026-7803CRITICALFlow Validation Bypass via Empty Component Type FieldEPSS 0.4%CVE-2026-7871CRITICALInsecure Deserialization in Redis Cache BackendEPSS 0.4%CVE-2026-7873CRITICALCode Injection Vulnerability in Code Validation EndpointEPSS 0.3%CVE-2026-7874CRITICALWeak Cryptographic Key Derivation Exposed All Stored CredentialsEPSS 0.2%CVE-2026-9002MEDIUMIBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabledEPSS 0.3%CVE-2026-9836LOWIBM DataStage Flow Designer application is affected by an information disclosure vulnerabilityEPSS 0.2%CVE-2026-58138CRITICALOrkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script EvaluatorsEPSS 0.9%CVE-2026-10513HIGHWebmention <= 5.8.0 - Unauthenticated Stored Cross-Site Scripting via MF2 'photo'/'url' Author PropertiesEPSS 0.2%CVE-2026-10655MEDIUMUse-after-free race in SNTP async client when closing the socket while the socket service is still polling itEPSS 0.2%CVE-2026-10654LOWRFCOMM session-disconnect race leaks session/L2CAP and denies further RFCOMM service in Zephyr Bluetooth ClassicEPSS 0.1%CVE-2026-8864HIGHHP Fan Control App – Potential Escalation of PrivilegeEPSS 0.1%CVE-2026-10653MEDIUMNon-atomic `net_buf` reference counts cause double-free / free-list corruption under concurrent unrefEPSS 0.2%CVE-2026-9263MEDIUMOut-of-bounds read in Bluetooth Controller ISOAL framed RX reassembly leaks adjacent memory into host HCI ISO packetsEPSS 0.2%CVE-2026-49451HIGHMicrosoft.OpenAPI: Circular schema references may terminate OpenAPI parsingEPSS 0.7%CVE-2026-58377HIGHJeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret KeysEPSS 0.3%CVE-2026-58376HIGHDolibarr - SQL Injection via sqlfilters Parameter in Multiple REST API List EndpointsEPSS 0.2%CVE-2026-58375HIGHJimuReport 2.5.0 - Unauthenticated Report Export via /jmreport/auto/exportEPSS 0.5%CVE-2026-58373MEDIUMCVAT < 2.69.0 - Missing Authorization on Quality Reports parent_id Filter Leaks Cross-Organization Report ExistenceEPSS 0.2%CVE-2026-58372HIGHSeaweedFS < 4.34 - Cross-Bucket Object Deletion via DeleteObjects Request-Body KeysEPSS 0.8%CVE-2026-58371LOWSeaweedFS < 4.30 - Cross-Origin Information Disclosure via Unvalidated JSONP callback ParameterEPSS 0.2%