NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-24004	Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unau...	2026-02-26	1.7	NETWORK	LOW	NVD
CVE-2026-23999	Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm ...	2026-02-26	0.6	PHYSICAL	LOW	NVD
CVE-2026-1779	The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to...	2026-02-26	8.1	NETWORK	HIGH	NVD
CVE-2026-2506	The EM Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to the p...	2026-02-26	6.1	NETWORK	MEDIUM	NVD
CVE-2026-2499	The Custom Logo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.2 due to ...	2026-02-26	4.4	NETWORK	MEDIUM	NVD
CVE-2026-2498	The WP Social Meta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.1 du...	2026-02-26	4.4	NETWORK	MEDIUM	NVD
CVE-2026-2489	The TP2WP Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Watched domains' textarea on the attachment importer set...	2026-02-26	4.4	NETWORK	MEDIUM	NVD
CVE-2026-2029	The Livemesh Addons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `[labb_pricing_item]` shortcode's `ti...	2026-02-26	6.4	NETWORK	MEDIUM	NVD
CVE-2026-27973	Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 0.12.0-bet...	2026-02-26	4.0	NETWORK	MEDIUM	NVD
CVE-2026-27970	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Versions prior to ...	2026-02-26	6.1	NETWORK	MEDIUM	NVD
CVE-2026-27969	Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the back...	2026-02-26	8.8	NETWORK	HIGH	NVD
CVE-2026-27968	Packistry is a self-hosted Composer repository designed to handle PHP package distribution. Prior to version 0.13.0, RepositoryAwareController::author...	2026-02-26	4.3	NETWORK	MEDIUM	NVD
CVE-2026-27966	Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes `allow...	2026-02-26	9.8	NETWORK	CRITICAL	NVD
CVE-2026-27965	Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the back...	2026-02-26	8.4	NETWORK	HIGH	NVD
CVE-2026-27961	Agenta is an open-source LLMOps platform. A Server-Side Template Injection (SSTI) vulnerability exists in versions prior to 0.86.8 in Agenta's API ser...	2026-02-26	8.8	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.