Fallos del tipo CWE-862

7077 resultados
CVE-2026-48941MEDIUMJoomla Extension - getk2.org - Unauthenticated folder delete in K2 extension for Joomla < 2.26EPSS 0.2%CVE-2023-48683HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2026-6472MEDIUMPostgreSQL CREATE TYPE does not check multirange schema CREATE privilegeEPSS 0.2%CVE-2026-1745MEDIUMSourceCodester Medical Certificate Generator App cross-site request forgeryEPSS 0.2%CVE-2026-13239MEDIUMWissKI - Critical - Access bypass - SA-CONTRIB-2026-059EPSS 0.2%CVE-2026-13241MEDIUMParagraphs - Moderately critical - Access bypass - SA-CONTRIB-2026-061EPSS 0.2%CVE-2026-14800MEDIUMimhamzaazam ecommerceFlask cross-site request forgeryEPSS 0.2%CVE-2026-59523MEDIUMWordPress Simply Schedule Appointments plugin <= 1.6.11.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-9582MEDIUMSourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgeryEPSS 0.2%CVE-2026-54029MEDIUMLibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User FilterEPSS 0.2%CVE-2025-58981MEDIUMWordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2023-45242MEDIUMSensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (LinuxEPSS 0.2%CVE-2026-32447MEDIUMWordPress Atarim plugin <= 4.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14370MEDIUMQuote Comments <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings UpdateEPSS 0.2%CVE-2024-31118MEDIUMWordPress SP Project & Document Manager plugin <= 4.70 - Broken Access Control to XSS vulnerabilityEPSS 0.2%CVE-2025-12640MEDIUMFolders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.1.5 - Missing Authorization to Authenticated (Author+) Media ReplacementEPSS 0.2%CVE-2025-12061HIGHTax Service Electronic HDM < 1.2.1 - Unauthenticated Arbitrary SQL ExecutionEPSS 0.2%CVE-2026-27676MEDIUMMissing Authorization check in SAP S/4HANA OData Service (Manage Technical Object Structures)EPSS 0.2%CVE-2026-6589MEDIUMComfyUI server.py create_origin_only_middleware cross-site request forgeryEPSS 0.2%CVE-2025-15476MEDIUMThe Bucketlister <= 0.1.5 - Missing Authorization to Authenticated (Subscriber+) Bucket List ModificationEPSS 0.2%