NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-8023 Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM... 2026-06-29 7.5 NETWORK HIGH NVD
CVE-2026-7656 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean express... 2026-06-29 8.1 ADJACENT_NETWORK HIGH NVD
CVE-2026-10648 mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checki... 2026-06-29 6.2 LOCAL MEDIUM NVD
CVE-2026-57997 Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not explicitly configured, allowing a... 2026-06-29 4.8 NETWORK MEDIUM NVD
CVE-2026-10647 The USB CDC-NCM device class (subsys/usb/device_next/class/usbd_cdc_ncm.c) ignores the return value of usbd_ep_enqueue() in its ethernet transmit call... 2026-06-29 5.3 ADJACENT_NETWORK MEDIUM NVD
CVE-2026-55957 Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed at... 2026-06-29 7.3 NETWORK HIGH NVD
CVE-2026-55956 Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method om... 2026-06-29 6.5 NETWORK MEDIUM NVD
CVE-2026-55955 Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue... 2026-06-29 6.5 NETWORK MEDIUM NVD
CVE-2026-55276 Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not incl... 2026-06-29 9.1 NETWORK CRITICAL NVD
CVE-2026-53434 Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache... 2026-06-29 9.1 NETWORK CRITICAL NVD
CVE-2026-53404 Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, ... 2026-06-29 7.3 NETWORK HIGH NVD
CVE-2026-50229 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue... 2026-06-29 6.1 NETWORK MEDIUM NVD
CVE-2026-43746 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe ... 2026-06-29 6.5 NETWORK MEDIUM NVD
CVE-2026-43745 An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS T... 2026-06-29 6.5 NETWORK MEDIUM NVD
CVE-2026-43743 A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be ab... 2026-06-29 4.7 LOCAL MEDIUM NVD