Busca de CVEs
361.536 resultadosCVE-2026-56876HIGHextract-zip unvalidated symlink path traversalEPSS 0.3%CVE-2026-54341HIGHDragonfly: RESTORE operations may crash the serverEPSS 0.4%CVE-2026-47206LOWDragonfly: RESP Protocol Injection via Lua redis.error_reply() in EvalSerializerEPSS 0.3%CVE-2026-48529MEDIUMGitHub MCP Server: Lockdown mode singleton in HTTP server causes cross-user GraphQL client confusionEPSS 0.2%CVE-2026-55686MEDIUMPodman: WORKDIR symlink traversal vulnerabilityEPSS 0.3%CVE-2026-57231HIGHPodman: Malformed Image can trick podman run into leaking host environment variables into the containerEPSS 0.3%CVE-2026-54636CRITICALDokku: OS Command Injection via app.json managed CronEPSS 0.3%CVE-2026-28385MEDIUMSSRF via image import from URL allows internal network probing by authenticated usersEPSS 0.2%CVE-2026-45405CRITICALDokku: Arbitrary File Write via Tar Symlink Traversal in git:from-archive and certs:addEPSS 0.3%CVE-2026-45406CRITICALDokku: Host RCE via Maliciously Named OpenResty Include Files Injected Through evalEPSS 0.3%CVE-2026-45407MEDIUMDokku: Git Credentials in .netrc Stored World-Readable Due to Premature touchEPSS 0.1%CVE-2026-45408CRITICALDokku: OS Command Injection via App Name in Git Pre-Receive HookEPSS 0.2%CVE-2026-55677HIGHEcho: Encoded slash (%2F) bypasses route-level protection and exposes static filesEPSS 0.4%CVE-2025-32394MEDIUMAutoGPT: There is a DoS vulnerability in AITextSummarizerBlockEPSS 0.2%CVE-2026-11779MEDIUMPayloadCMS 3.84.1 - Authenticated account lockout bypass through default unlock accessEPSS 0.2%CVE-2025-32423MEDIUMAutoGPT: There is a DoS vulnerability in ExtractTextInformationBlockEPSS 0.2%CVE-2026-56663HIGHAutoGPT: SSRF-to-RCE Chain in `SendWebRequestBlock` via IP validation bypass and internal `pg-meta` accessEPSS 0.2%CVE-2026-56823MEDIUMAutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration and Cross-User Ping TriggeringEPSS 0.1%CVE-2026-13434MEDIUMVirt-controller-rhel9: kubevirt: kubevirt: multus default-network annotation injection via unvalidated tenant networkname when externalnetresourceinjection is enabledEPSS 0.2%CVE-2026-57518HIGHPagekit CMS 1.0.18 Privilege Escalation via UserApiControllerEPSS 0.5%