NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-2244	A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of ...	2026-02-26	8.4	NETWORK	HIGH	NVD
CVE-2026-26077	Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints (SendGrid, Mailjet, Ma...	2026-02-26	6.5	NETWORK	MEDIUM	NVD
CVE-2026-2680	Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es/#/incomes/sal...	2026-02-26	4.8	NETWORK	MEDIUM	NVD
CVE-2026-2679	Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInv...	2026-02-26	4.8	NETWORK	MEDIUM	NVD
CVE-2026-2678	Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura-app.wolterskluwer.es/#/income...	2026-02-26	4.8	NETWORK	MEDIUM	NVD
CVE-2026-2677	Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/representatives-...	2026-02-26	4.8	NETWORK	MEDIUM	NVD
CVE-2025-14343	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Prod...	2026-02-26	7.6	NETWORK	HIGH	NVD
CVE-2026-1198	SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated ...	2026-02-26	8.6	NETWORK	HIGH	NVD
CVE-2025-64999	Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's ...	2026-02-26	7.3	NETWORK	HIGH	NVD
CVE-2026-28138	Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <=...	2026-02-26	7.2	NETWORK	HIGH	NVD
CVE-2026-28136	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.Th...	2026-02-26	7.6	NETWORK	HIGH	NVD
CVE-2026-28132	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-...	2026-02-26	5.3	NETWORK	MEDIUM	NVD
CVE-2026-28131	Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows R...	2026-02-26	6.5	NETWORK	MEDIUM	NVD
CVE-2026-28083	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UX-themes Flatsome flatsome allows Stored XSS.Th...	2026-02-26	6.5	NETWORK	MEDIUM	NVD
CVE-2026-1698	A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a...	2026-02-26	5.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.