Fallos del tipo CWE-306
1720 resultadosCVE-2026-28458HIGHOpenClaw 2026.1.20 < 2026.2.1 - Missing Authentication in Browser Relay /cdp WebSocket EndpointEPSS 0.3%CVE-2025-61756HIGHVulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (comEPSS 0.3%CVE-2026-1410MEDIUMBeetel 777VR1 UART missing authenticationEPSS 0.3%CVE-2020-26192HIGHDell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CEPSS 0.3%CVE-2026-46920HIGHVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.3%CVE-2026-5029HIGHRCE in Code Runner MCP ServerEPSS 0.3%CVE-2026-29606MEDIUMOpenClaw < 2026.2.14 - Webhook Signature Verification Bypass via ngrok Loopback CompatibilityEPSS 0.3%CVE-2026-0942MEDIUMRede Itaú for WooCommerce — Payment PIX, Credit Card and Debit <= 5.1.5 - Missing Authorization to Unauthenticated Rede Order Logs DeletionEPSS 0.3%CVE-2026-50136HIGHBudibase: Unauthenticated S3 signed upload URL generation allows arbitrary writes with stored datasource credentialsEPSS 0.3%CVE-2026-33543CRITICALFOSSBilling: Authentication bypass allows unauthenticated administrator creationEPSS 0.3%CVE-2026-53469CRITICALMigration-planner: unprotected delete endpoint wipes all tenant dataEPSS 0.3%CVE-2024-26519CRITICALAn issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to theEPSS 0.3%CVE-2018-25437HIGHWordPress CherryFramework Themes 3.1.4 Backup File DownloadEPSS 0.3%CVE-2025-11771MEDIUMCryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO <= 2.4.7 - Missing Authentication to Unauthenticated Presale UpdateEPSS 0.3%CVE-2026-25885CRITICALPolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chatsEPSS 0.3%CVE-2025-60856MEDIUMReolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART/serial console. An attacker with physical accEPSS 0.3%CVE-2025-12049CRITICALMissing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may EPSS 0.3%CVE-2026-0492HIGHPrivilege escalation vulnerability in SAP HANA databaseEPSS 0.3%CVE-2025-13779HIGHConfiguration Data SpillEPSS 0.3%CVE-2024-36457MEDIUMSymantec Privileged Access Manager Authentication Bypass vulnerabilityEPSS 0.3%