Busca de CVEs
359.920 resultadosCVE-2026-54311MEDIUMn8n: Merge Node SQL Mode Prototype PollutionEPSS —CVE-2026-54310MEDIUMn8n: SQL Injection in Postgres v1/TimesclaeDB NodesEPSS —CVE-2026-56696MEDIUMOpenHarness - Prompt Injection via /issue and /pr_comments Slash CommandsEPSS —CVE-2026-54309HIGHn8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control SessionsEPSS —CVE-2026-56695HIGHOpenHarness - Cross-Session Disclosure via /resume and /summary CommandsEPSS —CVE-2026-56694MEDIUMNanoClaw < 2.1.0 - Privilege Escalation via Forged Channel Approval CallbackEPSS —CVE-2026-56693MEDIUMNanoClaw < 2.1.17 - Privilege Escalation via Unauthorized create_agent System ActionEPSS —CVE-2026-56692MEDIUMNanoClaw < 2.1.17 - Arbitrary File Read via Symlink Following in forwardAttachedFilesEPSS —CVE-2026-56402HIGHNanoClaw < 2.1.17 - Privilege Escalation via Unverified Approval Response HandlerEPSS —CVE-2026-54314MEDIUMn8n: Denial of Service via ZIP decompression in webhook workflowEPSS —CVE-2026-54312HIGHn8n: Microsoft SQL Node Prototype PollutionEPSS —CVE-2026-54303MEDIUMn8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification EndpointsEPSS —CVE-2026-54313MEDIUMn8n: NoSQL Injection in MongoDB Node Find And Replace OperationEPSS —CVE-2025-15619LOWHCL Connections is vulnerable to broken access controlEPSS —CVE-2026-55766MEDIUMguzzlehttp/psr7: CRLF Injection in HTTP Start-Line SerializationEPSS —CVE-2026-55767MEDIUMGuzzle: Dot-Only Cookie Domains Match All Hosts in guzzlehttp/guzzleEPSS —CVE-2026-55568MEDIUMGuzzle: Silent HTTPS-Proxy Downgrade to CleartextEPSS —CVE-2025-62180HIGHPega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.EPSS —CVE-2026-27604CRITICALFOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin FunctionsEPSS —CVE-2026-28496CRITICALFOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCEEPSS —