NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-27141	Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic	2026-02-26	7.5	NETWORK	HIGH	NVD
CVE-2026-26979	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users are able to close, archive and pin top...	2026-02-26	N/A	NETWORK	NONE	NVD
CVE-2026-26973	Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR (Insecure Direct Object Reference) i...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-23939	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Store.Local' module) ...	2026-02-26	6.9	NETWORK	MEDIUM	NVD
CVE-2026-1565	The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrar...	2026-02-26	8.8	NETWORK	HIGH	NVD
CVE-2026-1241	The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems...	2026-02-26	8.7	NETWORK	HIGH	NVD
CVE-2026-26938	Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read a...	2026-02-26	8.6	NETWORK	HIGH	NVD
CVE-2026-26937	Uncontrolled Resource Consumption (CWE-400) in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation (CAPEC-153)	2026-02-26	6.5	NETWORK	MEDIUM	NVD
CVE-2026-22722	A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Rem...	2026-02-26	6.1	LOCAL	MEDIUM	NVD
CVE-2026-22715	VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative...	2026-02-26	5.9	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2026-26936	Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Express...	2026-02-26	4.9	NETWORK	MEDIUM	NVD
CVE-2026-26935	Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead Denial of Service via Input Data Manipulation...	2026-02-26	6.5	NETWORK	MEDIUM	NVD
CVE-2026-26934	Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denia...	2026-02-26	6.5	NETWORK	MEDIUM	NVD
CVE-2026-26932	Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (C...	2026-02-26	5.7	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2026-26682	An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component	2026-02-26	7.8	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.