Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Labredescefetrj
Wegia

LabRedesCefetRJ WeGIA Vulnerabilities: CVEs, CISA KEV & Security Advisories

LabRedesCefetRJ

191 CVEs

LabRedesCefetRJ WeGIA Vulnerabilities

CVE security advisories and vulnerability history for WeGIA by LabRedesCefetRJ.

191

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

187

Public exploits

With known exploit

7.5

Avg CVSS

2024–2026

Last updated May 27, 2026

Overview

LabRedesCefetRJ WeGIA has 191 published CVE records since 2024, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 187 have a known public exploit. The average CVSS base score across scored CVEs is 7.5.

This page aggregates every publicly disclosed vulnerability (CVE) affecting LabRedesCefetRJ WeGIA, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of LabRedesCefetRJ WeGIA's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical67

High26

Medium92

Low5

1 additional CVE has no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of LabRedesCefetRJ WeGIA's CVEs are currently listed in CISA's KEV catalog.

Public exploits

187

187 of LabRedesCefetRJ WeGIA's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every LabRedesCefetRJ WeGIA version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

Fixed in

f2cdf788d655e9643dc8d1474ea1b90fc91e69a317 CVEs
9f03a3e071297e781e90fda481a59b784bc742f515 CVEs
488642d0b6b0c3e1df15190d28204f01004163e914 CVEs
536ac76aa28e0ac0f07010438f919c9cd02f319f14 CVEs
650e84448985b3fb44276b6def5544bd9478ee4510 CVEs
850900af5207393d653ea43d0b15cf94142ad3a38 CVEs
97ce2496b8dea4e01ca7eb4efe20626c0691c9138 CVEs
7e0aa0c861eddcb7771f59101bbabaa28993f44b7 CVEs
59d463f509872a27671d88d6a8b67945980970766 CVEs
a91730bcc6724f7101ba4cd13fdd47a9e4ca59855 CVEs
b61623a639441087e1eb0794df69d49122ec4c71

Find a version

191 CVEs

Sort

WeGIA: Middleware whitelist bypass → open redirect via InternoControle.nextPage
CVE-2026-45335
Public exploit
CWE-601
Medium · CVSS 5.4
EPSS 0.0% (9th pct)2026-05-27
WeGIA: Use of Weak Password Hashing Algorithm (SHA-256, no salt) in html/login.php
CVE-2026-45027
Public exploit
CWE-916
Medium · CVSS 5.9
EPSS 0.0% (4th pct)2026-05-27
WeGIA: Stored XSS in html/atendido/processo_aceitacao.php
CVE-2026-45026
Public exploit
CWE-79
Medium · CVSS 6.8
EPSS 0.0% (12th pct)2026-05-11
WeGIA: Stored XSS in html/atendido/etapa_processo.php
CVE-2026-45025
Public exploit
CWE-79
Medium · CVSS 6.8
EPSS 0.0% (12th pct)2026-05-11
WeGIA: Error Handling Upload DocDependente
CVE-2026-42873
Public exploit
CWE-200
Unscored
EPSS 0.0% (10th pct)2026-05-11
WeGIA: Reflected XSS in listar_arquivos_etapa.php
CVE-2026-42872
Public exploit
CWE-79
Medium · CVSS 6.1
EPSS 0.0% (12th pct)2026-05-11
WeGIA: Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao'
CVE-2026-42870
Public exploit
CWE-79
Medium · CVSS 6.4
EPSS 0.1% (20th pct)2026-05-11
WeGIA: Error Handling familiar_docfamiliar
CVE-2026-42871
Public exploit
CWE-200
Medium · CVSS 6.9
EPSS 0.1% (18th pct)2026-05-11
WeGIA has Cross-Site Scripting in Controle de Contribuição
CVE-2026-40286
Public exploit
CWE-79
High · CVSS 7.5
EPSS 0.0% (14th pct)2026-04-17
WeGIA has SQL Injection via Session Variable Override in DespachoControle.php
CVE-2026-40285
Public exploit
CWE-473
High · CVSS 8.8
EPSS 0.0% (14th pct)2026-04-17
WeGIA has stored XSS in listar_despachos.php
CVE-2026-40284
Public exploit
CWE-79
Medium · CVSS 6.8
EPSS 0.0% (13th pct)2026-04-17
WeGIA has stored XSS in intercorrencia_visualizar.php
CVE-2026-40282
Public exploit
CWE-79
Medium · CVSS 6.4
EPSS 0.1% (21th pct)2026-04-17
WeGIA has stored XSS in profile_paciente.php
CVE-2026-40283
Public exploit
Patch
CWE-79
Medium · CVSS 6.8
EPSS 0.0% (11th pct)2026-04-17
WeGIA - Open Redirect - backup redirection — Unvalidated $_GET['redirect']
CVE-2026-35475
Public exploit
Patch
CWE-601
Medium · CVSS 5.1
EPSS 0.0% (13th pct)2026-04-06
WeGIA - Open Redirect - atualizacao redirection - Unvalidated $_GET['redirect']
CVE-2026-35474
Public exploit
Patch
CWE-601
Medium · CVSS 5.1
EPSS 0.0% (13th pct)2026-04-06
WeGIA - Open Redirect - IentradaControle - listarId() - Unvalidated $_GET['nextPage']
CVE-2026-35473
Public exploit
Patch
CWE-601
Medium · CVSS 6.1
EPSS 0.0% (13th pct)2026-04-06
WeGIA has Stored XSS in backup file names
CVE-2026-35399
Public exploit
Patch
CWE-79
High · CVSS 8.5
EPSS 0.0% (5th pct)2026-04-06
WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage']
CVE-2026-35472
Public exploit
Patch
CWE-601
Medium · CVSS 5.1
EPSS 0.0% (3th pct)2026-04-06
WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']
CVE-2026-35398
Public exploit
Patch
CWE-601
Medium · CVSS 6.1
EPSS 0.0% (3th pct)2026-04-06
WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage']
CVE-2026-35396
Public exploit
Patch
CWE-601
Medium · CVSS 5.1
EPSS 0.0% (3th pct)2026-04-06
WeGIA has a SQL Injection in DespachoDAO.php via id_memorando parameter
CVE-2026-35395
Public exploit
Patch
CWE-89
High · CVSS 8.8
EPSS 0.0% (2th pct)2026-04-06
WeGIA has SQL Injection in deletar_tag.php
CVE-2026-33991
Public exploit
Patch
CWE-89
High · CVSS 8.8
EPSS 0.1% (23th pct)2026-03-27
WeGIA has Reflected Cross-Site Scripting (XSS) in `listar_memorandos_ativos.php` via `sccd` parameter
CVE-2026-33136
Public exploit
Patch
CWE-79
Critical · CVSS 9.3
EPSS 0.1% (18th pct)2026-03-20
WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter
CVE-2026-33135
Public exploit
Patch
CWE-79
Critical · CVSS 9.3
EPSS 0.1% (17th pct)2026-03-20
WeGIA has Authenticated Time-Based Blind SQL Injection in `restaurar_produto.php` via `id_produto` parameter
CVE-2026-33134
Public exploit
Patch
CWE-89
Critical · CVSS 9.3
EPSS 0.0% (14th pct)2026-03-20
WeGIA has an arbitrary SQL execution vulnerability via crafted backup archive
CVE-2026-33133
Patch
CWE-89
High · CVSS 8.6
EPSS 0.1% (27th pct)2026-03-20
WeGIA has a Time-Based Blind SQL Injection in remover_produto_ocultar.php
CVE-2026-31896
Public exploit
Patch
CWE-89
Critical · CVSS 9.8
EPSS 0.0% (14th pct)2026-03-11
WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php
CVE-2026-31895
Public exploit
Patch
CWE-89
High · CVSS 8.8
EPSS 0.0% (14th pct)2026-03-11
WeGIA affected by arbitrary file read via symlink in backup restore
CVE-2026-31894
Patch
CWE-59
Medium · CVSS 6.9
EPSS 0.1% (27th pct)2026-03-11
WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)`
CVE-2026-28411
Public exploit
Patch
CWE-288
Critical · CVSS 9.8
EPSS 0.3% (56th pct)2026-02-27

Showing 30 of 191

Common weakness types

The CWE weakness categories most often found in LabRedesCefetRJ WeGIA CVEs. Follow any weakness for its full explanation.

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')85 CVEs
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')61 CVEs
CWE-601URL Redirection to Untrusted Site ('Open Redirect')16 CVEs
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')4 CVEs
CWE-770Allocation of Resources Without Limits or Throttling3 CVEs
CWE-287Improper Authentication3 CVEs
CWE-200Exposure of Sensitive Information to an Unauthorized Actor3 CVEs
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')2 CVEs

Disclosure activity by year

How many LabRedesCefetRJ WeGIA CVEs were published each year.

2024

4

2025

145

2026

42

Other LabRedesCefetRJ products

Browse vulnerabilities for other products by LabRedesCefetRJ.

All LabRedesCefetRJ vulnerabilities

Frequently asked questions

Common questions about LabRedesCefetRJ WeGIA vulnerabilities.

How many CVEs does LabRedesCefetRJ WeGIA have?

LabRedesCefetRJ WeGIA has 191 published CVE records since 2024.

How many LabRedesCefetRJ WeGIA CVEs are in CISA KEV?

None of LabRedesCefetRJ WeGIA's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for LabRedesCefetRJ WeGIA vulnerabilities?

Yes — 187 of LabRedesCefetRJ WeGIA's CVEs have a known public exploit.

Which versions of LabRedesCefetRJ WeGIA are affected?

83 distinct LabRedesCefetRJ WeGIA versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in LabRedesCefetRJ WeGIA CVEs?

LabRedesCefetRJ WeGIA's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')).

How many critical LabRedesCefetRJ WeGIA vulnerabilities are there?

LabRedesCefetRJ WeGIA has 67 critical and 26 high-severity CVEs.

What is the average severity of LabRedesCefetRJ WeGIA CVEs?

The average CVSS base score across LabRedesCefetRJ WeGIA's scored CVEs is 7.5.

References

All LabRedesCefetRJ vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track LabRedesCefetRJ WeGIA vulnerabilities

Monitor new LabRedesCefetRJ WeGIA vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References

5 CVEs

eb31ff7e33e00fbbf8c732872f69046ec59224985 CVEs

3b84894ad1a62086a1d6fb4ff4bfa8c814e6e1734 CVEs

4b6dd776cf21c20f1f06407331b8b11c8958b4274 CVEs

642c145c6e14d61229b089c9de8a3e11168da78e4 CVEs

ada58bdb49467df92fe61e82ef676e4a12e6c0384 CVEs

b1ec5a049f7cf982d9a4353fccfb57c425886b404 CVEs

ce080cfe51b2fee92a1fdbac0332cfe6caef0e0d4 CVEs

21176917cd63e0bf7c55676a0b090a954b7187533 CVEs

592a08154cf1268ea0344031618b03899168e6a03 CVEs

60501640f3dc7159a5ef94498ea5246513ab8cf82 CVEs

6297c2436eba9a25ab42c9034cbdbc949da452692 CVEs

72a6aaffa7ef97f04ddb1bae75d9f4936d24325a2 CVEs

dad074ec92dc158d7a3097addecf1503c493ac982 CVEs

0da687b7b9ebb3bf64c43fc0ba556eb654ebd5831 CVE

330f641db43cfb0c8ea8bb6025cc0732de4d4d6b1 CVE

3998672f1b86db58eab2808a640903d73b37bd2d1 CVE

6598f44f844d15e77af4e6049d0792e8bd13b6221 CVE

9eaeeaaae3d08788b42f457d0c1dc124054ebaa71 CVE

a08f04de96d3caec85496d7a89a5b82d1960d9dd1 CVE

a54fa4b75b0d81e79ed746243a6ec819c2d2473d1 CVE

acc845c849913cb63c462dbdad37ea60edb565161 CVE

baec5c70620b05a09b130a94db8216e3bfe7e4ce1 CVE

bde1fdc2d187431afc1bfa7fee9c3ca4e83564321 CVE

c82347fdec52174f32f3d5e6cb1a06c7efdd516c1 CVE