NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-26227	VideoLAN VLC for Android prior to version 3.7.0 contains an authentication bypass in the Remote Access Server feature due to missing or insufficient r...	2026-02-26	3.7	NETWORK	LOW	NVD
CVE-2026-23750	Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_writ...	2026-02-26	8.1	ADJACENT_NETWORK	HIGH	NVD
CVE-2026-23749	Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blo...	2026-02-26	2.9	LOCAL	LOW	NVD
CVE-2026-23748	Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When pro...	2026-02-26	3.7	NETWORK	LOW	NVD
CVE-2026-23747	Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payl...	2026-02-26	3.7	NETWORK	LOW	NVD
CVE-2025-50857	ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code vi...	2026-02-26	9.8	NETWORK	CRITICAL	NVD
CVE-2026-28296	A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file path...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-28295	A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its p...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-26265	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items end...	2026-02-26	7.5	NETWORK	HIGH	NVD
CVE-2026-26228	VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endp...	2026-02-26	4.9	NETWORK	MEDIUM	NVD
CVE-2026-26207	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `discourse-policy` plugin allows any authenticat...	2026-02-26	5.4	NETWORK	MEDIUM	NVD
CVE-2026-26078	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, when the `patreon_webhook_secret` site setting i...	2026-02-26	7.5	NETWORK	HIGH	NVD
CVE-2025-71057	Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via sp...	2026-02-26	8.2	NETWORK	HIGH	NVD
CVE-2025-56605	A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobi...	2026-02-26	5.4	NETWORK	MEDIUM	NVD
CVE-2026-3071	Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when lo...	2026-02-26	8.4	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.