NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-20081	Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected sys...	2026-04-15	6.5	NETWORK	MEDIUM	NVD
CVE-2026-20078	Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected sys...	2026-04-15	6.5	NETWORK	MEDIUM	NVD
CVE-2026-20061	A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL inject...	2026-04-15	4.3	NETWORK	MEDIUM	NVD
CVE-2026-20060	A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to ...	2026-04-15	4.7	NETWORK	MEDIUM	NVD
CVE-2026-20059	A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected...	2026-04-15	6.1	NETWORK	MEDIUM	NVD
CVE-2025-63029	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Lovers WCFM Marketplace allows SQL Injection....	2026-04-15	7.6	NETWORK	HIGH	NVD
CVE-2025-15636	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emarket-design YouTube Showcase allows Stored XS...	2026-04-15	6.5	NETWORK	MEDIUM	NVD
CVE-2025-15635	Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Online Order for Clover allows Cross Site Request Forgery.This issue affects Smart On...	2026-04-15	4.3	NETWORK	MEDIUM	NVD
CVE-2025-15610	Deserialization of untrusted data vulnerability in OpenText, Inc RightFax on Windows, 64 bit, 32 bit allows Object Injection.This issue affects RightF...	2026-04-15	9.3	NETWORK	CRITICAL	NVD
CVE-2026-5387	The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations intended only for Simulator Instructor or Simulator De...	2026-04-15	9.3	NETWORK	CRITICAL	NVD
CVE-2026-30625	Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MC...	2026-04-15	N/A	None	None	NVD
CVE-2026-30624	Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to def...	2026-04-15	N/A	None	None	NVD
CVE-2026-30617	LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacke...	2026-04-15	N/A	None	None	NVD
CVE-2026-30616	Jaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution handling. A remote attacker can send crafted network req...	2026-04-15	N/A	None	None	NVD
CVE-2026-30615	A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim system. When Windsurf process...	2026-04-15	N/A	None	None	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.