NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-9292 A Stored Cross-Site Scripting security issue exists within FactoryTalk® DataMosaix™ Private Cloud. The vulnerability stems from improper neutralizatio... 2026-07-14 8.4 NETWORK HIGH NVD
CVE-2026-9128 A code execution security issue exists within Studio 5000 Logix Designer® due to an unquoted search path in the External Tools configuration. The exec... 2026-07-14 7.3 LOCAL HIGH NVD
CVE-2026-9127 A remote code execution security issue exists within Studio 5000 Logix Designer® due to incorrect authorization on a configuration file. This can allo... 2026-07-14 7.3 LOCAL HIGH NVD
CVE-2026-9108 A path traversal security issue exists within Studio 5000 Logix Designer® due to improper limitation of file paths within ACD project files. The softw... 2026-07-14 5.4 LOCAL MEDIUM NVD
CVE-2026-7494 Nexus Repository 3 is vulnerable to Server-Side Request Forgery (SSRF) via the SSL Certificate Retrieval endpoint. A user holding the nexus:ssl-trusts... 2026-07-14 5.3 NETWORK MEDIUM NVD
CVE-2026-62644 In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the password plugin of the Roundcube Webmail was subject to username spoofing via session d... 2026-07-14 6.4 NETWORK MEDIUM NVD
CVE-2026-62643 In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to ... 2026-07-14 7.2 NETWORK HIGH NVD
CVE-2026-62642 In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, an infinite loop was discovered in the TNEF decoder, which may lead to denial of service up... 2026-07-14 4.3 NETWORK MEDIUM NVD
CVE-2026-62641 In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial of service via a crafted compressed-RTF size. 2026-07-14 4.3 NETWORK MEDIUM NVD
CVE-2026-60119 Hi.Events before 1.11.0 contains a cross-site scripting vulnerability that allows authenticated attackers with event creation or edit permissions to i... 2026-07-14 5.4 NETWORK MEDIUM NVD
CVE-2026-60118 Hi.Events before 1.11.0 contains a missing server-side visibility enforcement vulnerability that allows unauthenticated attackers to purchase hidden t... 2026-07-14 5.3 NETWORK MEDIUM NVD
CVE-2026-59841 A improper restriction of communication channel to intended endpoints vulnerability in Fortinet FortiSIEMWindowsAgent 7.4.0 through 7.4.1 may allow at... 2026-07-14 7.5 ADJACENT_NETWORK HIGH NVD
CVE-2026-59840 A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiProxy 7.6.0 thro... 2026-07-14 4.3 NETWORK MEDIUM NVD
CVE-2026-59839 A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiOS 7.6.0 through 7.6.6, FortiOS 7.4.0 ... 2026-07-14 5.5 PHYSICAL MEDIUM NVD
CVE-2026-59837 A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2 all versions, FortiPAM 1.8.0 through 1.8.2, FortiPAM ... 2026-07-14 6.6 NETWORK MEDIUM NVD