Busca de CVEs

364.830 resultados
CVE-2026-39893CRITICALCacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.phpEPSS 0.4%CVE-2026-2050HIGHGIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.6%CVE-2026-49979MEDIUMAppsmith: SSRF via `POST /api/v1/admin/send-test-email` — JavaMail Bypasses WebClient IP FilterEPSS 0.2%CVE-2026-55454CRITICALAppsmith: Caddy admin API exposed without authenticationEPSS 0.3%CVE-2026-9779HIGHATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution VulnerabilityEPSS 0.4%CVE-2026-9778HIGHATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution VulnerabilityEPSS 1.5%CVE-2026-9777HIGHATEN Unizon restoreDB Directory Traversal Remote Code Execution VulnerabilityEPSS 1.5%CVE-2026-9776HIGHATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure VulnerabilityEPSS 1.6%CVE-2026-9775MEDIUMATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion VulnerabilityEPSS 1.2%CVE-2026-9774MEDIUMATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion VulnerabilityEPSS 1.2%CVE-2026-55455MEDIUMAppsmith: SSRF in REST API / GraphQL datasource plugins via insufficient host denylistEPSS 0.2%CVE-2026-10043HIGHMosaicML Composer Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-9773HIGHUnraid Web Server ToggleState Command Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2026-9772HIGHUnraid Web Server FileUpload Command Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2026-50189HIGHAppsmith: RCE via Supervisord XML-RPC Admin Interface Exposed via /supervisor Caddy RouteEPSS 0.3%CVE-2026-10642MEDIUMUnbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow controlEPSS 0.2%CVE-2026-53765MEDIUMchrome-devtools-mcp: daemon.pid write follows symlinks in /tmp fallback runtime directoryEPSS 0.1%CVE-2026-53766MEDIUMchrome-devtools-mcp: validatePath() does not canonicalize symlinks before enforcing rootsEPSS 0.1%CVE-2026-52794HIGHSentry: Inefficient Regular Expression Complexity in sentryEPSS 0.3%CVE-2026-55570CRITICALSiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375's patch)EPSS 0.3%