NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-40711 Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) an ... 2026-06-26 8.0 NETWORK HIGH NVD
CVE-2026-57918 libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafte... 2026-06-26 7.1 NETWORK HIGH NVD
CVE-2026-57473 A vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the possibility of bru... 2026-06-26 5.8 ADJACENT MEDIUM NVD
CVE-2026-13325 A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the targ... 2026-06-26 8.5 NETWORK HIGH NVD
CVE-2025-7958 A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the ... 2026-06-26 7.1 ADJACENT HIGH NVD
CVE-2026-49486 The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control ch... 2026-06-26 7.5 NETWORK HIGH NVD
CVE-2026-2053 The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input... 2026-06-26 8.3 NETWORK HIGH NVD
CVE-2026-8661 Server-Side Cross-Site Scripting and Server-Side Request Forgery vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plugin ... 2026-06-26 4.8 NETWORK MEDIUM NVD
CVE-2026-50745 A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow... 2026-06-26 6.1 NETWORK MEDIUM NVD
CVE-2026-50744 A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID coo... 2026-06-26 N/A None None NVD
CVE-2026-50742 A stored XSS vulnerabilities exists in the `maintenance-acl-check.php` and `maintenance-banners-check.php` tools of Revive Adserver 6.0.7. The issue w... 2026-06-26 5.4 NETWORK MEDIUM NVD
CVE-2026-50741 Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by send... 2026-06-26 N/A None None NVD
CVE-2026-50740 A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user c... 2026-06-26 5.4 NETWORK MEDIUM NVD
CVE-2026-50739 A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and tracke... 2026-06-26 N/A None None NVD
CVE-2026-48936 A flaw in Node.js Permission API can cause a local server to be started (via a Unix domain socket), even without the `--allow-net` permission. This... 2026-06-26 N/A None None NVD