NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-27308	ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application deni...	2026-04-14	2.4	ADJACENT_NETWORK	LOW	NVD
CVE-2026-27307	ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application deni...	2026-04-14	2.4	ADJACENT_NETWORK	LOW	NVD
CVE-2026-27306	ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code executi...	2026-04-14	8.4	ADJACENT_NETWORK	HIGH	NVD
CVE-2026-27305	ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vuln...	2026-04-14	8.6	NETWORK	HIGH	NVD
CVE-2026-27304	ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code executi...	2026-04-14	9.3	ADJACENT_NETWORK	CRITICAL	NVD
CVE-2026-27282	ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature byp...	2026-04-14	7.5	NETWORK	HIGH	NVD
CVE-2025-15565	The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the redirect function in ...	2026-04-14	5.3	NETWORK	MEDIUM	NVD
CVE-2026-34161	Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in...	2026-04-14	5.1	NETWORK	MEDIUM	NVD
CVE-2026-34160	Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the PENS (Package Exchange Notification Services) plugin en...	2026-04-14	8.6	NETWORK	HIGH	NVD
CVE-2026-33715	Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without au...	2026-04-14	7.2	NETWORK	HIGH	NVD
CVE-2026-33714	Chamilo is an open-source learning management system (LMS). Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint,...	2026-04-14	7.1	NETWORK	HIGH	NVD
CVE-2026-27287	InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read...	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-25133	October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting (XSS) vulnera...	2026-04-14	4.8	NETWORK	MEDIUM	NVD
CVE-2026-25125	October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulner...	2026-04-14	4.9	NETWORK	MEDIUM	NVD
CVE-2026-24893	openITCOCKPIT is an open source monitoring tool built for different monitoring engines. openITCOCKPIT Community Edition prior to version 5.5.2 contain...	2026-04-14	8.8	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.