NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-35401	Saleor is an e-commerce platform. From 2.0.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a malicious actor can include many GraphQL mutations ...	2026-04-08	7.5	NETWORK	HIGH	NVD
CVE-2026-35400	LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r...	2026-04-08	3.5	NETWORK	LOW	NVD
CVE-2026-35169	LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r...	2026-04-08	8.7	NETWORK	HIGH	NVD
CVE-2026-35165	LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r...	2026-04-08	6.3	NETWORK	MEDIUM	NVD
CVE-2026-34985	LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r...	2026-04-08	6.3	NETWORK	MEDIUM	NVD
CVE-2026-34837	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/ai_assistance/text_tools/:id contain...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-34782	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the REST endpoint POST /api/v1/ai_assistance/text_tools/...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-34724	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE...	2026-04-08	8.7	NETWORK	HIGH	NVD
CVE-2026-34723	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the...	2026-04-08	7.5	NETWORK	HIGH	NVD
CVE-2026-34722	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the used endpoint for ticket creation was missing author...	2026-04-08	6.9	NETWORK	MEDIUM	NVD
CVE-2026-34721	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and ...	2026-04-08	5.9	NETWORK	MEDIUM	NVD
CVE-2026-34720	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the SSO mechanism in Zammad was not verifying the header...	2026-04-08	2.3	NETWORK	LOW	NVD
CVE-2026-34719	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for lo...	2026-04-08	4.3	NETWORK	MEDIUM	NVD
CVE-2026-34718	Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the HTML sanitizer for ticket articles was missing prope...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-34392	LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r...	2026-04-08	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.