CVE Security

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryp...

Applications


                                    CVE-2026-36226

Lire l'article

high 8.7

29/05/2026

Vulnérabilité high détectée - CVE-2026-28445

Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the RatingButton component in the embed package renders the user-controlled customIco...

Applications


                                    CVE-2026-28445

Lire l'article

medium 5.4

29/05/2026

Vulnérabilité medium détectée - CVE-2026-28735

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback w...

Applications


                                    CVE-2026-28735

Lire l'article

critical 9.8

29/05/2026

Vulnérabilité critical détectée - CVE-2026-32253

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed ...

Applications


                                    CVE-2026-32253

Lire l'article

low 2.6

29/05/2026

Vulnérabilité low détectée - CVE-2026-9248

Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy docume...

Applications


                                    CVE-2026-9248

Lire l'article

low 3.1

29/05/2026

Vulnérabilité low détectée - CVE-2026-9249

Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted passw...

Applications


                                    CVE-2026-9249

Lire l'article

medium 5.4

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9251

Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the adminis...

Applications


                                    CVE-2026-9251

Lire l'article

low 2.4

29/05/2026

Vulnérabilité low détectée - CVE-2026-9247

Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry w...

Applications


                                    CVE-2026-9247

Lire l'article

high 7.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-7325

Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authenticat...

Applications


                                    CVE-2026-7325

Lire l'article

low 2.7

29/05/2026

Vulnérabilité low détectée - CVE-2026-8477

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user wit...

Applications


                                    CVE-2026-8477

Lire l'article

high 7.6

29/05/2026

Vulnérabilité high détectée - CVE-2026-9047

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of...

Applications


                                    CVE-2026-9047

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9223

Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user to creat...

Applications


                                    CVE-2026-9223

Lire l'article

11 12 13 14 15