Falhas do tipo CWE-915
105 resultadosCVE-2026-8327MEDIUMConcrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass.EPSS 0.2%CVE-2026-48943MEDIUMJoomla Extension - getk2.com - Authenticated user property mass-assignment in K2 extension for Joomla < 2.26EPSS 0.2%CVE-2026-55736MEDIUMPrivate action arguments can be set by user input in AshEPSS 0.2%CVE-2026-46517HIGHLMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-outEPSS 0.1%CVE-2026-31252MEDIUMCosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in EPSS 0.1%