Falhas do tipo CWE-346
385 resultadosCVE-2025-68467LOWDark Reader gives users the ability to request style sheets from local web serversEPSS 0.1%CVE-2026-54030HIGHLibreChat: Missing Resource Parameter Validation in MCP OAuth FlowEPSS 0.1%CVE-2026-46685MEDIUMRustFS: Reflective CORS with credentials on S3 listener; unauthenticated license metadata endpoint on consoleEPSS 0.1%CVE-2026-9989MEDIUMInappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a EPSS 0.1%CVE-2026-2457MEDIUMWebSocket Message Spoofing via Permalink Embed ManipulationEPSS 0.1%CVE-2021-26737MEDIUMPrivilege Escalation Using PID Reuse in ZCC macOSEPSS 0.1%CVE-2026-27004MEDIUMOpenClaw session tool visibility hardening and Telegram webhook secret fallbackEPSS 0.1%CVE-2023-25188MEDIUMAn issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a BTS administrator) removes security hardeniEPSS 0.1%CVE-2026-41886HIGHlocize Client SDK: Cross-origin DOM XSS & Handler Hijack Through Missing e.origin Validation in InContext EditorEPSS 0.1%CVE-2026-34720LOWZammad has an origin validation error in SSO mechanismEPSS 0.1%CVE-2024-31127HIGHMacOS Zscaler Client Connector Local Privilege EscalationEPSS 0.1%CVE-2026-7439MEDIUMAgentFlow Local Web API Content-Type Validation BypassEPSS 0.1%CVE-2024-5905LOWCortex XDR Agent: Local Windows User Can Disrupt Functionality of the AgentEPSS 0.1%CVE-2025-1787MEDIUMLocal admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows usEPSS 0.1%CVE-2025-13593MEDIUMOrigin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with resEPSS 0.1%CVE-2025-66593MEDIUMAn origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricteEPSS 0.1%CVE-2025-66592MEDIUMAn origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrarEPSS 0.1%CVE-2025-67825MEDIUMAn issue was discovered in Nitro PDF Pro for Windows before 14.42.0.34. In certain cases, it displays signer information from a non-verifiedEPSS 0.1%CVE-2025-8074MEDIUMOrigin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary EPSS 0.1%CVE-2026-22077MEDIUMSensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO WalletEPSS 0.1%