Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-23891
Decidim is a participatory democracy framework. In versions below 0.30.5 and 0.31.0.rc1 through 0.31.0, a stored code execution vulnerability in the user name field allows a low-privileged attacker to execute arbitrary code in the context of any user who passively visits a comment page, resulting in high confidentiality and integrity impact across security boundaries. This issue has been fixed in versions 0.30.5 and 0.31.1.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34186
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.7
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34188
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800
CVSS Score
7.5
EPSS Score
0.001
Published
2026-04-13
CVE-2026-30812
Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800
CVSS Score
2.1
EPSS Score
0.0
Published
2026-04-13
CVE-2026-30813
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.7
EPSS Score
0.0
Published
2026-04-13
CVE-2026-30804
Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.6
EPSS Score
0.003
Published
2026-04-13
CVE-2026-30806
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Network Report. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.7
EPSS Score
0.001
Published
2026-04-13
CVE-2026-30809
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.7
EPSS Score
0.001
Published
2026-04-13
CVE-2026-30811
Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.4
EPSS Score
0.0
Published
2026-04-13
CVE-2025-66769
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service (DoS) via a crafted XFA packet.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-04-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved