NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14815	Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suit...	2026-04-08	9.3	LOCAL	CRITICAL	NVD
CVE-2026-5600	A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in events ...	2026-04-08	5.5	NETWORK	MEDIUM	NVD
CVE-2026-5302	CORS misconfiguration in CoolerControl/coolercontrold <4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via...	2026-04-08	6.3	NETWORK	MEDIUM	NVD
CVE-2026-5301	Stored XSS in log viewer in CoolerControl/coolercontrol-ui <4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript i...	2026-04-08	7.6	NETWORK	HIGH	NVD
CVE-2026-5300	Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data v...	2026-04-08	5.9	LOCAL	MEDIUM	NVD
CVE-2026-28261	Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0.0, contains an Insertion of S...	2026-04-08	7.8	LOCAL	HIGH	NVD
CVE-2026-27102	Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect privilege assignment vulnerabil...	2026-04-08	6.6	LOCAL	MEDIUM	NVD
CVE-2026-24511	Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation of error message containing sen...	2026-04-08	4.4	LOCAL	MEDIUM	NVD
CVE-2026-5208	Command injection in alerts in CoolerControl/coolercontrold <4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash ...	2026-04-08	8.2	LOCAL	HIGH	NVD
CVE-2026-3396	WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter in all versions up to, and in...	2026-04-08	7.5	NETWORK	HIGH	NVD
CVE-2026-3243	The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the create_crop...	2026-04-08	8.8	NETWORK	HIGH	NVD
CVE-2026-2481	The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settings[js...	2026-04-08	6.4	NETWORK	MEDIUM	NVD
CVE-2026-28264	Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low pr...	2026-04-08	3.3	LOCAL	LOW	NVD
CVE-2026-1865	The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Build...	2026-04-08	6.5	NETWORK	MEDIUM	NVD
CVE-2026-1673	The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forg...	2026-04-08	4.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.