Busca de CVEs

362.985 resultados
CVE-2026-53427LOWCross-site scripting in MDEx via unescaped highlight_lines_class code-fence attributeEPSS 0.4%CVE-2026-13757MEDIUMP11-kit: stack exhaustion via unbounded recursion in rpc attribute parsingEPSS 0.1%CVE-2026-58000HIGHluci-proto-openvpn - Command Injection via cl_meta Parameter in generateKeyEPSS 1.4%CVE-2026-57999HIGHluci-app-tailscale-community - Command Injection via tailscale.do_login RPCEPSS 1.2%CVE-2026-11720CRITICALPath Traversal in googleapis/mcp-toolbox HTTP Tool URL BuilderEPSS 0.4%CVE-2026-57960HIGHHi.Events 1.9.0 - Unauthenticated Attendee PII Exposure via Check-in List short_idEPSS 0.3%CVE-2026-57959HIGHHi.Events 1.9.0 - Promo Code Max-Usage Bypass via Asynchronous Job Race ConditionEPSS 0.2%CVE-2026-57958MEDIUMMixpost 2.6.0 - Reflected XSS via OAuth Callback Error ParameterEPSS 0.2%CVE-2026-57957LOWPapermark 0.22.0 - CORS Misconfiguration in Viewer Upload EndpointEPSS 0.3%CVE-2026-57956MEDIUMSigNoz 0.130.1 - Cross-Organization Insecure Direct Object Reference in Alert RulesEPSS 0.2%CVE-2026-57955HIGHSigNoz 0.130.1 - SQL Injection in Alert History Endpoints via Rule ID ParameterEPSS 0.2%CVE-2026-57954MEDIUMElide 7.1.17 - Permission Bypass in Sort Expression ValidationEPSS 0.2%CVE-2026-57953MEDIUMMythic < 3.4.0.60 - Unauthorized Automation Workflow Modification via eventing_import_automatic_webhook EndpointEPSS 0.2%CVE-2026-57952MEDIUMMythic < 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUIDEPSS 0.2%CVE-2026-57951HIGHMythic < 3.4.0.60 - Broken Permission Filter in payload_build_step TableEPSS 0.2%CVE-2026-57950HIGHruoyi-vue-pro - Incorrect Permission Namespace in ErpSaleOrderControllerEPSS 0.3%CVE-2026-57949HIGHruoyi-vue-pro - Missing Authorization in CRM Follow-up Record GET EndpointEPSS 0.2%CVE-2026-57948HIGHPinpoint - Insecure Session Cookie Attributes in pinpointJwtEPSS 0.1%CVE-2026-57947MEDIUMPinpoint - Server-Side Request Forgery via Alarm Webhook RegistrationEPSS 0.2%CVE-2026-57946MEDIUMInvidious - Private Playlist Disclosure via Unauthenticated RSS Feed EndpointEPSS 0.3%