NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-2251	Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal l...	2026-02-27	9.8	NETWORK	CRITICAL	NVD
CVE-2026-21658	Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Q...	2026-02-27	8.8	NETWORK	HIGH	NVD
CVE-2026-21657	Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insuffici...	2026-02-27	8.8	NETWORK	HIGH	NVD
CVE-2026-21656	Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insuffici...	2026-02-27	8.8	NETWORK	HIGH	NVD
CVE-2026-21654	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Controls Frick Controls Quantum HD...	2026-02-27	8.8	NETWORK	HIGH	NVD
CVE-2026-1627	An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH ses...	2026-02-27	6.5	NETWORK	MEDIUM	NVD
CVE-2026-1626	An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypte...	2026-02-27	6.5	NETWORK	MEDIUM	NVD
CVE-2025-12150	A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and ...	2026-02-27	3.1	NETWORK	LOW	NVD
CVE-2026-27776	IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is depl...	2026-02-27	8.6	NETWORK	HIGH	NVD
CVE-2026-0980	A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with h...	2026-02-27	8.3	NETWORK	HIGH	NVD
CVE-2026-0871	A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attr...	2026-02-27	4.9	NETWORK	MEDIUM	NVD
CVE-2025-9909	A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creat...	2026-02-27	6.7	LOCAL	MEDIUM	NVD
CVE-2025-9908	A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user...	2026-02-27	6.7	LOCAL	MEDIUM	NVD
CVE-2025-9907	A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensit...	2026-02-27	6.7	LOCAL	MEDIUM	NVD
CVE-2025-9572	n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, w...	2026-02-27	5.0	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.