CVE-2026-34904
7.5HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Simple Social Media Share Buttons allows Cross Site Request Forgery.This issue affects Simple Social Media Share Buttons: from n/a through ...
4/7/2026CWE-352
Base de Datos de Seguridad
BASE DE DATOS DE
VULNERABILIDADES
Base de datos completa de CVEs, exploits de Exploit-DB y el catálogo KEV de CISA. Actualizada diariamente con las últimas vulnerabilidades.
CVEs
4K+
Exploits
2K+
KEV
69
Diario
EN VIVO
Críticas y Explotadas
CRITICAL
CVE-2026-0740
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to m...
CRITICAL
CVE-2026-35022
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in auth...
CRITICAL
CVE-2026-25371
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
CRITICAL
CVE-2018-25254
NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows ...
CRITICAL
CVE-2016-20052
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attacke...
CVEs Recientes
CVE-2026-34903
5.4MEDIUM
Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3.
4/7/2026CWE-862
CVE-2026-34899
5.3MEDIUM
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL ...
4/7/2026CWE-862
CVE-2026-34896
7.5HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Under Construction, Coming Soon & Maintenance Mode allows Cross Site Request Forgery.This issue affects Under Construction, Coming Soon & M...
4/7/2026CWE-352
CVE-2026-34197
NONE
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bri...
4/7/2026CWE-20, CWE-94
CVE-2026-33227
NONE
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances (when creating a Stomp consumer and...
4/7/2026CWE-22
Exploits Recientes
EDB-52465
webappsmultiple
WordPress Quiz Maker 6.7.0.56 - SQL Injection
CVE-2025-10042
Rahul Sreenivasan12/25/2025
EDB-52463
webappsmultiple
FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
CVE-2025-14558
Lukas Johannes Möller12/25/2025
EDB-52464
webappsmultiple
Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
CVE-2025-10493
0xsabre12/25/2025
EDB-52462
webappsmultiple
Summar Employee Portal 3.98.0 - Authenticated SQL Injection
CVE-2025-40677
Peter Gabaldon12/16/2025
EDB-52461
webappsmultiple
esm-dev 136 - Path Traversal
CVE-2025-59342
Byte Reaper12/16/2025
EDB-52460
webappsphp
Pluck 4.7.7-dev2 - PHP Code Execution
CVE-2018-11736
CodeSecLab12/8/2025
Catálogo CISA KEV
| ID CVE | Proveedor | Producto | Fecha añadida | Ransomware |
|---|---|---|---|---|
| CVE-2026-35616 | Fortinet | FortiClient EMS | 2026-04-06 | - |
| CVE-2026-3502 | TrueConf | Client | 2026-04-02 | - |
| CVE-2026-5281 | Dawn | 2026-04-01 | - | |
| CVE-2026-3055 | Citrix | NetScaler | 2026-03-30 | - |
| CVE-2025-53521 | F5 | BIG-IP | 2026-03-27 | - |
Fuentes de Datos
Esta base de datos se proporciona únicamente con fines educativos y de investigación de seguridad autorizada.