Busca de CVEs
361.645 resultadosCVE-2025-64637MEDIUMWordPress Auros Core plugin <= 5.3.1 - Content Injection vulnerabilityEPSS 0.2%CVE-2025-64636MEDIUMWordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63079MEDIUMWordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63078MEDIUMWordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63041MEDIUMWordPress Forget About Shortcode Buttons plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-45257HIGHArbitrary file overwrite via the KTLS receive pathEPSS 0.2%CVE-2026-4339MEDIUMSSRF via unvalidated attachment URLs in Mattermost Agents plugin MCP serverEPSS 0.1%CVE-2026-9699MEDIUMMattermost Agents plugin logs unsanitized OpenAI API keys on authentication errorsEPSS 0.3%CVE-2026-57527HIGHZAP ViewState Add-on Insecure Deserialization via JSFViewState.decode()EPSS 0.5%CVE-2026-45256MEDIUMMissing permission check in thr_kill2(2)EPSS 0.1%CVE-2026-3472LOWMarkdown image rendering bypass in AI bot tool result posts in MattermostEPSS 0.2%CVE-2026-56773HIGHTeable - Missing Authorization in v2 REST APIEPSS 0.4%CVE-2026-13426MEDIUMClient4 fails to validate path parametersEPSS 0.2%CVE-2026-57940LOWHTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function get_feed() in sysEPSS 0.2%CVE-2026-53914MEDIUMIn JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadataEPSS 0.2%CVE-2026-57926LOWIn JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attackEPSS 0.2%CVE-2026-57925MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tagsEPSS 0.2%CVE-2026-57924MEDIUMIn JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile detailsEPSS 0.2%CVE-2026-57923MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settingsEPSS 0.2%CVE-2026-57922LOWIn JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possibleEPSS 0.1%