Vulnerabilidades explotables hoy
10,310en la vista actual
Score único combinando CVSS, membresía KEV y EPSS. Cada CVE con su ficha propia — timeline desde publicación hasta explotación activa.
En catálogo KEV1,647
Nuevos KEV · 24H0
Exploit Today ≥ 701,582
Distribución · última ventana
- Crítico1,327
- Alto4,319
- Medio3,685
- Bajo289
Ventana
Severidad
Filtros
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-576717.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.4 versions.16dCVE-2026-574267.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Modula - PRO <= 2.10.8 versions.16dCVE-2026-573627.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in ChatBot <= 8.3.2 versions.15dCVE-2026-573617.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Survey Maker <= 5.2.2.5 versions.15dCVE-2026-573607.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in eCommerce Product Catalog <= 3.5.4 versions.16dCVE-2026-573597.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in ReviewX <= 2.3.10 versions.16dCVE-2026-573577.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO <= 2.6.6 versions.16dCVE-2026-573567.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in MC Woocommerce Wishlist <= 1.9.19 versions.15dCVE-2026-573517.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in HandL UTM Grabber <= 2.9.2 versions.16dCVE-2026-573507.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in WP Debugging <= 2.12.2 versions.15dCVE-2026-573457.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager <= 3.0.3 versions.16dCVE-2026-573447.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.4.2 versions.16dCVE-2026-573437.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <= 3.5.9 versions.15dCVE-2026-274307.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in TheFox <= 3.9.76 versions.16dCVE-2026-274267.1 ALT8.9%
——3Unauthenticated Cross Site Scripting (XSS) in Automotive Car Dealership Business <= 13.3.3 versions.16dCVE-2026-585937.5 ALT8.9%
——3NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedTo is used directly as a uid, and actors.assert silently ignores numeric identifiers (filtering them out without re-deriving the uid), so a federated remote actor can set attributedTo to a bare numeric value such as 1 and have the resulting post or private message created with that local uid as author, including the administrator account. This lets a remote attacker forge posts and direct messages attributed to arbitrary local users. Requires the ActivityPub/federation feature to be enabled.11dCVE-2026-418375.3 MED8.9%
——3Spring Data REST's Querydsl integration accepts arbitrary persistent property paths as request-parameter filter keys and does not consider Jackson customizations before handing them to Querydsl.
Affected versions:
Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0 through 4.5.11; 5.0.0 through 5.0.5.8hCVE-2025-39978—8.9%
——3In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()
This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node"
and then dereferences it on the next line. Two lines later, we take
a mutex so I don't think this is an RCU safe region. Re-order it to do
the dereferences before queuing up the free.4dCVE-2025-218025.5 MED8.9%
——3In the Linux kernel, the following vulnerability has been resolved:
net: hns3: fix oops when unload drivers paralleling
When unload hclge driver, it tries to disable sriov first for each
ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at
the time, because it removes all the ae_dev nodes, and it may cause
oops.
But we can't simply use hnae3_common_lock for this. Because in the
process flow of pci_disable_sriov(), it will trigger the remove flow
of VF, which will also take hnae3_common_lock.
To fixes it, introduce a new mutex to protect the unload process.4dCVE-2024-377748.0 ALT8.9%
——3A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some admin screens.13dCVE-2026-561785.5 MED8.9%
——3Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.3dCVE-2026-445125.5 MED8.9%
——3Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.version_converter.convert_version() can dereference a null pointer in Upsample_6_7::adapt_upsample_6_7() in onnx/version_converter/adapters/upsample_6_7.h when processing an untrusted model with an Upsample node that has zero inputs, causing an unrecoverable denial of service. This issue is fixed in version 1.22.0.4dCVE-2019-256958.4 ALT8.9%
——3R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the payload is pasted into the Language for menus and messages field.3dCVE-2026-262199.1 CRÍ8.9%
——3newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to rapidly recover plaintext credentials via offline attacks.4dCVE-2026-544705.3 MED8.9%
——3Dell Unisphere for PowerMax, version(s) 10.3.0.5 and prior contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.1dCVE-2026-478317.5 ALT8.9%
——3Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a remote attacker to brute-force the resulting SSH login via TCP/22.
Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98.8dCVE-2024-12484.8 MED8.9%
——3The silent Just-In-Time (JIT) provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users with roles assigned to the federated user.
Exploitation requires a federated identity provider (IDP) with silent JIT provisioning enabled and an attacker's knowledge of a local user's username. When these conditions are met, a malicious individual can leverage the JIT provisioning process to modify the roles of local users. The overwritten roles are limited to those defined within the federated IDP, typically granting minimal access rights unless explicitly configured otherwise by the federated IDP administrator.8dCVE-2026-144104.3 MED8.9%
——3Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)15dCVE-2026-133234.1 MED8.9%
——3In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX containing a crafted HTML payload, and induce an authenticated user to visit the resulting URL. The browser renders the file inline in the open-vsx.org origin context, enabling session token exfiltration, persistent Personal Access Token (PAT) generation, and unauthorized publication of malicious extension versions. Because Open VSX extensions are distributed to VS Code, VSCodium, Cursor, Windsurf, and compatible editors, a compromised extension update constitutes a supply chain attack against all downstream users.11dCVE-2026-141344.3 MED8.9%
——3Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)12dCVE-2026-141264.3 MED8.9%
——3Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)12dCVE-2026-140894.3 MED8.9%
——3Insufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)16dCVE-2026-140724.3 MED8.9%
——3Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)16dCVE-2026-140424.3 MED8.9%
——3Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)16dCVE-2026-140204.3 MED8.9%
——3Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)16dCVE-2026-140134.3 MED8.9%
——3Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)16dCVE-2026-139944.3 MED8.9%
——3Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)11dCVE-2026-139874.3 MED8.9%
——3Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)12dCVE-2026-152954.4 MED8.8%
——3The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 7.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.4dCVE-2025-562935.4 MED8.8%
——3code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting (XSS) in the Add Child Information section in the Childs Name field.13d