NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-40027	ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.py artifact parser that uses at...	2026-04-08	7.3	LOCAL	HIGH	NVD
CVE-2026-40026	The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len...	2026-04-08	4.4	LOCAL	MEDIUM	NVD
CVE-2026-40025	The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class fol...	2026-04-08	4.4	LOCAL	MEDIUM	NVD
CVE-2026-40024	The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations out...	2026-04-08	7.1	LOCAL	HIGH	NVD
CVE-2026-39901	monetr is a budgeting application focused on planning for recurring expenses. Prior to 1.12.3, a transaction integrity flaw allows an authenticated te...	2026-04-08	5.7	NETWORK	MEDIUM	NVD
CVE-2026-5805	A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.ph...	2026-04-08	7.3	NETWORK	HIGH	NVD
CVE-2026-5803	A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown fu...	2026-04-08	6.3	NETWORK	MEDIUM	NVD
CVE-2026-5451	The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions u...	2026-04-08	6.4	NETWORK	MEDIUM	NVD
CVE-2026-5436	The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient v...	2026-04-08	8.1	NETWORK	HIGH	NVD
CVE-2026-39892	cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contigu...	2026-04-08	9.8	NETWORK	CRITICAL	NVD
CVE-2026-39891	PraisonAI is a multi-agent teams system. Prior to 4.5.115, the create_agent_centric_tools() function returns tools (like acp_create_file) that process...	2026-04-08	8.8	NETWORK	HIGH	NVD
CVE-2026-39890	PraisonAI is a multi-agent teams system. Prior to 4.5.115, the AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files with...	2026-04-08	9.8	NETWORK	CRITICAL	NVD
CVE-2026-39889	PraisonAI is a multi-agent teams system. Prior to 4.5.115, the A2U (Agent-to-User) event stream server in PraisonAI exposes all agent activity without...	2026-04-08	7.5	NETWORK	HIGH	NVD
CVE-2026-39888	PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", wh...	2026-04-08	9.9	NETWORK	CRITICAL	NVD
CVE-2026-39885	FrontMCP is a TypeScript-first framework for the Model Context Protocol (MCP). Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-sch...	2026-04-08	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.