Búsqueda de CVEs
363.346 resultadosCVE-2026-54350CRITICALBudibase: Anonymous NoSQL operator injection via published-app query templatesEPSS 0.5%CVE-2026-50137HIGHBudibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentialsEPSS 0.4%CVE-2024-23581MEDIUMHCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerabilityEPSS 0.1%CVE-2026-50136HIGHBudibase: Unauthenticated S3 signed upload URL generation allows arbitrary writes with stored datasource credentialsEPSS 0.3%CVE-2026-50132HIGHBudibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in BudibaseEPSS 0.2%CVE-2026-54352CRITICALBudibase: Arbitrary file read by workspace-builder via PWA-zip symlink uploadEPSS 0.5%CVE-2026-46604HIGHPanic decoding image with out-of-bounds strip offset in x/image/tiff in golang.org/x/imageEPSS 0.3%CVE-2026-48770MEDIUMNotepad++ WM_COPYDATA COPYDATA_FULL_CMDLINE local DoS crashEPSS 0.3%CVE-2026-48778HIGHNotepad++: Arbitrary Code Execution via config.xml commandLineInterpreterEPSS 1.3%CVE-2026-52885HIGHNotepad++ TOCTOU: HMAC Checks Disk, Executes from MemoryEPSS 0.1%CVE-2026-46710HIGHNotepad++: Privilege Escalation in the Installer via Uncontrolled Executable Search PathEPSS 0.1%CVE-2026-48800HIGHNotepad++: Arbitrary Code Execution via shortcuts.xml UserCommand InjectionEPSS 0.4%CVE-2026-52884HIGHNotepad++: CVE-2026-48800 BypassEPSS 0.2%CVE-2026-55188HIGHRustFS: ListRemoteTargetHandler authorization bypass leaks replication target credentialsEPSS 0.2%CVE-2026-49991HIGHRustFS Snowball Auto-Extract: Path Traversal allows cross-bucket object injectionEPSS 0.3%CVE-2026-55189HIGHRustFS: FTP frontend skips IAM authorization on object readsEPSS 0.2%CVE-2026-55838MEDIUMRustFS: Missing admin authorization on /rustfs/admin/v3/metrics allows any authenticated user to read server metricsEPSS 0.2%CVE-2026-32833HIGHCudy LT300 3.0 OS Command Injection via NTP ConfigurationEPSS 1.3%CVE-2026-44733MEDIUMOpenProject: Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirementsEPSS 0.2%CVE-2026-44731MEDIUMOpenProject: Improper Access Control on OpenProject through /projects/[projectName]/meetings via "invited_user_id" in GET parameter "filters" leads to user names disclosureEPSS 0.2%