NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-14859	The Semtech LR11xx LoRa transceivers implement secure boot functionality using digital signatures to authenticate firmware. However, the implementatio...	2026-04-07	7.0	PHYSICAL	HIGH	NVD
CVE-2025-14858	The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation fu...	2026-04-07	5.1	PHYSICAL	MEDIUM	NVD
CVE-2025-14857	An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command...	2026-04-07	5.4	PHYSICAL	MEDIUM	NVD
CVE-2026-5762	Allocation of resources without limits or throttling vulnerability in Wikimedia Foundation MediaWiki - ReportIncident Extension allows HTTP DoS. This ...	2026-04-07	5.3	NETWORK	MEDIUM	NVD
CVE-2026-5736	A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/...	2026-04-07	7.3	NETWORK	HIGH	NVD
CVE-2026-39360	RustFS is a distributed object storage system built in Rust. Prior to alpha.90, RustFS contains a missing authorization check in the multipart copy pa...	2026-04-07	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39355	Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any aut...	2026-04-07	9.9	NETWORK	CRITICAL	NVD
CVE-2026-39354	Scoold is a Q&A and a knowledge sharing platform for teams. Prior to 1.66.2, an authenticated authorization flaw in Scoold allows any logged-in, low-p...	2026-04-07	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39351	Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe allows unrestricted Doctype access via API exploit.	2026-04-07	9.1	NETWORK	CRITICAL	NVD
CVE-2026-39349	OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source encrypts certain sensitive fields with AES...	2026-04-07	2.7	NETWORK	LOW	NVD
CVE-2026-39348	OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source omits authorization on job specification a...	2026-04-07	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39347	OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source accepts changes to self-appraisal submissi...	2026-04-07	2.7	NETWORK	LOW	NVD
CVE-2026-39346	OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disa...	2026-04-07	5.4	NETWORK	MEDIUM	NVD
CVE-2026-39345	OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source fails to restrict email template file reso...	2026-04-07	4.9	NETWORK	MEDIUM	NVD
CVE-2026-22711	Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting (...	2026-04-07	6.9	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.