NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-28211	The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through...	2026-02-26	7.8	LOCAL	HIGH	NVD
CVE-2026-28208	Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in `LocalFolderExtractor` allows a...	2026-02-26	5.9	NETWORK	MEDIUM	NVD
CVE-2026-28207	Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability (CWE-78) ...	2026-02-26	6.6	LOCAL	MEDIUM	NVD
CVE-2026-27839	wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, three `nutritional_values` action endpoints fetch object...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-27838	wger is a free, open-source workout and fitness manager. Five routine detail action endpoints check a cache before calling `self.get_object()`. In ver...	2026-02-26	3.1	NETWORK	LOW	NVD
CVE-2026-27638	Actual is a local-first personal finance tool. Prior to version 26.2.1, in multi-user mode (OpenID), the sync API endpoints (`/sync/*`) don't verify t...	2026-02-26	7.1	NETWORK	HIGH	NVD
CVE-2026-3263	A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown f...	2026-02-26	6.3	NETWORK	MEDIUM	NVD
CVE-2026-3262	A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected is an unknown function of the co...	2026-02-26	6.3	NETWORK	MEDIUM	NVD
CVE-2026-3261	A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component ...	2026-02-26	7.3	NETWORK	HIGH	NVD
CVE-2026-28227	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users can publish topics into staff-only cat...	2026-02-26	1.2	NETWORK	LOW	NVD
CVE-2026-28219	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an improper authorization check in the topic man...	2026-02-26	1.3	NETWORK	LOW	NVD
CVE-2026-28218	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, fail-open access control in Data Explorer plugin...	2026-02-26	5.3	NETWORK	MEDIUM	NVD
CVE-2026-27835	wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, `RepetitionsConfigViewSet` and `MaxRepetitionsConfigView...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-27457	Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`weblate/api/views.py`, line 2831) uses `queryset = ...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-27449	Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where ce...	2026-02-26	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.