Busca de CVEs

362.775 resultados
CVE-2026-56318MEDIUMCapgo - Information Disclosure via /private/validate_password_compliance EndpointEPSS CVE-2026-56300HIGHCapgo - Unauthenticated API Key Validity and Permission Oracle via RPC FunctionsEPSS CVE-2026-56286HIGHCapgo - Account Deletion Without Password ConfirmationEPSS CVE-2026-56278CRITICALFlowise - Session Hijacking via Weak Default Express Session SecretEPSS CVE-2026-56277MEDIUMFlowise - Hardcoded CORS Wildcard in TTS EndpointEPSS CVE-2026-56264CRITICALCrawl4AI - Arbitrary JavaScript Execution via /execute_js EndpointEPSS CVE-2026-56249HIGHCapgo - Unauthorized Channel Overwrite and Ownership Takeover via POST /channel Name CollisionEPSS CVE-2026-56247HIGHCapgo - Privilege Escalation via Cross-Scope RBAC Role AssignmentEPSS CVE-2026-56233HIGHCapgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload ProxyEPSS CVE-2026-56230HIGHCapgo - Broken Object Level Authorization via x-limited-key-id HeaderEPSS CVE-2026-56224MEDIUMCapgo - Login CSRF and Session Fixation via URL Query ParametersEPSS CVE-2026-56219HIGHCapgo - Unauthenticated RBAC Bindings and Email Disclosure via get_org_user_access_rbac NULL-auth BypassEPSS CVE-2025-71381MEDIUMHono - Vary Header Injection in CORS MiddlewareEPSS CVE-2025-71374HIGHpicklescan - Arbitrary Code Execution via Undetected profile.Profile.runEPSS CVE-2025-71371HIGHpicklescan - Remote Code Execution via code.InteractiveInterpreter Detection BypassEPSS CVE-2025-71368HIGHpicklescan - Arbitrary Code Execution via Undetected doctest.debug_scriptEPSS CVE-2025-71363HIGHpicklescan - Arbitrary Code Execution via Undetected cProfile.run in Pickle DeserializationEPSS CVE-2025-71355HIGHPicklescan - Arbitrary Code Execution via Unsafe Numpy Function Detection BypassEPSS CVE-2025-71352HIGHpicklescan - Remote Code Execution via Undetected trace.Trace.runctx in Pickle FilesEPSS CVE-2025-71350HIGHpicklescan - Undetected Remote Code Execution via torch.utils.collect_env.runEPSS