NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-39367	WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's EPG (Electronic Program Guide) feature parses XML from user-control...	2026-04-07	5.4	NETWORK	MEDIUM	NVD
CVE-2026-39366	WWBN AVideo is an open source video platform. In versions 26.0 and prior, the PayPal IPN v1 handler at plugin/PayPalYPT/ipn.php lacks transaction dedu...	2026-04-07	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39365	Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, the dev server’s handling of .map requests for opti...	2026-04-07	6.3	NETWORK	MEDIUM	NVD
CVE-2026-39364	Vite is a frontend tooling framework for JavaScript. From 7.1.0 to before 7.3.2 and 8.0.5, on the Vite dev server, files that should be blocked by ser...	2026-04-07	8.2	NETWORK	HIGH	NVD
CVE-2026-39363	Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, if it is possible to connect to the Vite dev server...	2026-04-07	8.2	NETWORK	HIGH	NVD
CVE-2026-39361	OpenObserve is a cloud-native observability platform. In 0.70.3 and earlier, the validate_enrichment_url function in src/handler/http/request/enrichme...	2026-04-07	7.7	NETWORK	HIGH	NVD
CVE-2026-39356	Drizzle is a modern TypeScript ORM. Prior to 0.45.2 and 1.0.0-beta.20, Drizzle ORM improperly escaped quoted SQL identifiers in its dialect-specific e...	2026-04-07	7.5	NETWORK	HIGH	NVD
CVE-2026-39322	PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, POST /api/v1/auth/sign-in creates a valid session for banned ac...	2026-04-07	8.8	NETWORK	HIGH	NVD
CVE-2026-32864	There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW. This vulnerability may result...	2026-04-07	7.8	LOCAL	HIGH	NVD
CVE-2026-32863	There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI LabVIEW. This vulnerabili...	2026-04-07	7.8	LOCAL	HIGH	NVD
CVE-2026-32862	There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW. This vulnerability may r...	2026-04-07	7.8	LOCAL	HIGH	NVD
CVE-2026-32861	There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW. This vulnerability may ...	2026-04-07	7.8	LOCAL	HIGH	NVD
CVE-2026-32860	There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This vulnerability may re...	2026-04-07	7.8	LOCAL	HIGH	NVD
CVE-2025-69515	An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS sign...	2026-04-07	9.1	NETWORK	CRITICAL	NVD
CVE-2025-56015	In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint.	2026-04-07	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.