Busca de CVEs
365.290 resultadosCVE-2026-56302MEDIUMCapgo - Unsecured Supabase Images Bucket via Missing Row Level SecurityEPSS 0.2%CVE-2026-56272MEDIUMFlowise - Insufficient Password Salt Rounds in Bcrypt HashingEPSS 0.1%CVE-2026-56270HIGHFlowise - Unauthenticated OAuth Secrets Disclosure via /api/v1/loginmethod EndpointEPSS 0.4%CVE-2026-56269MEDIUMFlowise - Weak Default Token Hash Secret in JWT Token EncryptionEPSS 0.1%CVE-2026-56262MEDIUMCrawl4AI - Unauthenticated Access to Monitor Endpoints via Docker API ServerEPSS 0.4%CVE-2026-56257HIGHCapgo - Authorization Bypass in App Ownership Transfer via Direct PostgREST UpdateEPSS 0.2%CVE-2026-56256HIGHCapgo - Two-Factor Authentication Bypass via Organization Management APIEPSS 0.2%CVE-2026-56245HIGHSupabase Capgo - Unauthenticated Cross-Tenant Build-Time Accounting Poisoning via record_build_time RPCEPSS 0.3%CVE-2026-56244HIGHCapgo - Webhook Signing Secret Disclosure via Non-Admin API KeyEPSS 0.2%CVE-2026-56237CRITICALCapgo - Unauthenticated API Key Generation via Client-Side Parameter ManipulationEPSS 0.3%CVE-2026-56232HIGHCapgo - Subkey Scope Bypass in middlewareKey via x-limited-key-id HeaderEPSS 0.3%CVE-2026-56231HIGHCapgo - Broken Object Level Authorization in Build Job Control via jobId ParameterEPSS 0.2%CVE-2026-56223CRITICALCapgo - Account Takeover via Cross-Domain SSO Email Assertion in provision-userEPSS 0.2%CVE-2025-71361HIGHpicklescan - Remote Code Execution via Undetected idlelib.calltip.Calltip.fetch_tipEPSS 0.3%CVE-2025-71354HIGHpicklescan - Remote Code Execution via idlelib.debugobj.ObjectTreeItem.SetTextEPSS 0.3%CVE-2025-71332HIGHFlowise - SQL Injection in importChatflows API via chatflow.id ParameterEPSS 0.3%CVE-2026-13140LOWStored Cross-Site Scripting in Canarytokens.orgEPSS 0.2%CVE-2026-13150MEDIUMSSRF in Pentestify PDF generation endpoint via Host headerEPSS 0.3%CVE-2026-52944—ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSEEPSS 0.1%CVE-2026-11968MEDIUMImproper Neutralization of Argument Delimiters in a Command ('Argument Injection') in TortoiseGitEPSS 0.1%