Busca de CVEs
364.827 resultadosCVE-2026-13311HIGHshell-quote parse() is quadratic in token count, enabling denial of serviceEPSS 0.4%CVE-2026-0934LOWIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-1606MEDIUMImproper Control of Generation of Code ('Code Injection') in GitLabEPSS 0.2%CVE-2026-2238MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2026-3176LOWMissing Authorization in GitLabEPSS 0.2%CVE-2026-5309MEDIUMAuthorization Bypass Through User-Controlled Key in GitLabEPSS 0.2%CVE-2026-5796MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-5952MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-8330MEDIUMInsertion of Sensitive Information into Log File in GitLabEPSS 0.1%CVE-2026-10712HIGHImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLabEPSS 0.2%CVE-2026-11379MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-12053HIGHInsertion of Sensitive Information into Log File in GitLabEPSS 0.3%CVE-2026-12635NONEReliance on Reverse DNS Resolution for a Security-Critical Action in GitLabEPSS 0.2%CVE-2026-2508MEDIUMGravity Forms Booking <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection via 'staff_id'EPSS 0.2%CVE-2026-12077HIGHDokan Pro <= 5.0.4 - Unauthenticated SQL Injection via 'latitude' and 'longitude' ParametersEPSS 0.3%CVE-2026-12079MEDIUMDokan Pro <= 5.0.4 - Authenticated (Subscriber+) SQL Injection via 'orderby' ParameterEPSS 0.2%CVE-2026-10833MEDIUMGutenberg Essential Blocks - Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'configurablePrefix' Block AttributeEPSS 0.2%CVE-2026-8658MEDIUMOS Command Injection in Rapid7 InsightConnect Tcpdump PluginEPSS 0.8%CVE-2026-8662LOWPath Traversal in Rapid7 InsightConnect Compression PluginEPSS 0.2%CVE-2026-8666HIGHOS Command Injection in Rapid7 InsightConnect Traceroute PluginEPSS 0.7%