NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

| CVE ID | Description | Published | Base Score | Attack Vector | Severity | Actions |
|---|---|---|---|---|---|---|
| CVE-2026-4949 | The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vuln... | 2026-04-15 | 4.3 | NETWORK | MEDIUM | NVD |
| CVE-2026-40316 | OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 c... | 2026-04-15 | 8.8 | NETWORK | HIGH | NVD |
| CVE-2026-40192 | Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, m... | 2026-04-15 | 8.7 | NETWORK | HIGH | NVD |
| CVE-2026-40179 | Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site sc... | 2026-04-15 | 5.3 | NETWORK | MEDIUM | NVD |
| CVE-2026-39350 | Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, ... | 2026-04-15 | 5.4 | NETWORK | MEDIUM | NVD |
| CVE-2026-6388 | A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a mu... | 2026-04-15 | 9.1 | NETWORK | CRITICAL | NVD |
| CVE-2026-40500 | ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that ... | 2026-04-15 | 6.8 | NETWORK | MEDIUM | NVD |
| CVE-2026-1711 | Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high... | 2026-04-15 | 4.8 | NETWORK | MEDIUM | NVD |
| CVE-2026-1564 | Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged ... | 2026-04-15 | 5.1 | NETWORK | MEDIUM | NVD |
| CVE-2026-40261 | Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce:... | 2026-04-15 | 8.8 | NETWORK | HIGH | NVD |
| CVE-2026-40186 | ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the Apost... | 2026-04-15 | 6.1 | NETWORK | MEDIUM | NVD |
| CVE-2026-40176 | Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce:... | 2026-04-15 | 7.8 | LOCAL | HIGH | NVD |
| CVE-2026-40173 | Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where ... | 2026-04-15 | 9.4 | NETWORK | CRITICAL | NVD |
| CVE-2026-22676 | Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by e... | 2026-04-15 | 7.8 | LOCAL | HIGH | NVD |
| CVE-2026-6385 | A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a ma... | 2026-04-15 | 6.5 | NETWORK | MEDIUM | NVD |