Busca de CVEs
361.802 resultadosCVE-2026-45257HIGHArbitrary file overwrite via the KTLS receive pathEPSS 0.2%CVE-2026-4339MEDIUMSSRF via unvalidated attachment URLs in Mattermost Agents plugin MCP serverEPSS 0.1%CVE-2026-9699MEDIUMMattermost Agents plugin logs unsanitized OpenAI API keys on authentication errorsEPSS 0.3%CVE-2026-57527HIGHZAP ViewState Add-on Insecure Deserialization via JSFViewState.decode()EPSS 0.5%CVE-2026-45256MEDIUMMissing permission check in thr_kill2(2)EPSS 0.1%CVE-2026-3472LOWMarkdown image rendering bypass in AI bot tool result posts in MattermostEPSS 0.2%CVE-2026-56773HIGHTeable - Missing Authorization in v2 REST APIEPSS 0.4%CVE-2026-13426MEDIUMClient4 fails to validate path parametersEPSS 0.2%CVE-2026-57940LOWHTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function get_feed() in sysEPSS 0.2%CVE-2026-53914MEDIUMIn JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadataEPSS 0.2%CVE-2026-57926LOWIn JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attackEPSS 0.2%CVE-2026-57925MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tagsEPSS 0.2%CVE-2026-57924MEDIUMIn JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile detailsEPSS 0.2%CVE-2026-57923MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settingsEPSS 0.2%CVE-2026-57922LOWIn JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possibleEPSS 0.1%CVE-2026-57921MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpointEPSS 0.2%CVE-2026-40711HIGHDell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contEPSS 1.0%CVE-2026-57920HIGHPeplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} enEPSS 0.2%CVE-2025-64152CRITICALApache IoTDB: Path Traversal VulnerabilityEPSS 0.4%CVE-2025-55017CRITICALApache IoTDB: Path Traversal VulnerabilityEPSS 0.4%