NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-40422 Use of uninitialized resource in Windows File Explorer allows an authorized attacker to disclose information locally. 2026-07-14 5.5 LOCAL MEDIUM NVD
CVE-2026-40400 Relative path traversal in Windows PowerShell allows an authorized attacker to execute code over a network. 2026-07-14 8.0 NETWORK HIGH NVD
CVE-2026-40378 Memory allocation with excessive size value in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny serv... 2026-07-14 7.5 NETWORK HIGH NVD
CVE-2026-36214 osTicket versions from 1.10 up to 1.17.7 and from 1.18.0 up to 1.18.3 are vulnerable to a stored XSS due to a vulnerable Bootstrap Tooltip component a... 2026-07-14 N/A None None NVD
CVE-2026-34349 Exposure of sensitive information to an unauthorized actor in Windows Media allows an authorized attacker to disclose information locally. 2026-07-14 5.5 LOCAL MEDIUM NVD
CVE-2026-34348 Protection mechanism failure in Windows Event Logging Service allows an authorized attacker to disclose information over a network. 2026-07-14 6.5 NETWORK MEDIUM NVD
CVE-2026-34346 Cleartext transmission of sensitive information in Windows Ancillary Function Driver for WinSock allows an authorized attacker to disclose information... 2026-07-14 5.5 LOCAL MEDIUM NVD
CVE-2026-34328 Exposure of sensitive information to an unauthorized actor in Windows Audio Service allows an authorized attacker to disclose information locally. 2026-07-14 5.5 LOCAL MEDIUM NVD
CVE-2026-33842 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. 2026-07-14 5.5 LOCAL MEDIUM NVD
CVE-2026-15429 A privilege escalation vulnerability exists in the HTTP authentication component in Archer VX1800v v1. Improper handling of user-controlled input may ... 2026-07-14 5.1 ADJACENT MEDIUM NVD
CVE-2026-15428 An OS command injection vulnerability exists in Archer VX800v v1 due to insufficient input sanitization of the domain name parameter. An adjacent atta... 2026-07-14 8.5 ADJACENT HIGH NVD
CVE-2026-15427 An OS command injection vulnerability exists in the TR-069 / CWMP management interface of Archer VX1800v v1 due to insufficient input validation and s... 2026-07-14 8.6 NETWORK HIGH NVD
CVE-2026-14646 Nexus Repository 3 did not apply its existing Server-Side Request Forgery (SSRF) protections to HTTP redirect targets returned by proxy repository ups... 2026-07-14 4.9 NETWORK MEDIUM NVD
CVE-2026-14645 Nexus Repository 3 does not validate the destination of the "Webhook: Global" capability's configured URL before making an outbound HTTP request, allo... 2026-07-14 5.1 NETWORK MEDIUM NVD
CVE-2026-9636 A security issue exists within CompactLogix® 5380, ControlLogix® 5580, and EN4 communication modules related to CIP Security certificate revocation ha... 2026-07-14 8.2 NETWORK HIGH NVD