NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-9651 CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential ... 2026-06-25 6.7 LOCAL MEDIUM NVD
CVE-2026-9650 CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthentic... 2026-06-25 8.7 NETWORK HIGH NVD
CVE-2026-57456 Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy ... 2026-06-25 7.8 LOCAL HIGH NVD
CVE-2026-57455 Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word ... 2026-06-25 7.8 LOCAL HIGH NVD
CVE-2026-57454 Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose off... 2026-06-25 6.1 LOCAL MEDIUM NVD
CVE-2026-57453 Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell t... 2026-06-25 6.5 LOCAL MEDIUM NVD
CVE-2026-57452 Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xcha... 2026-06-25 5.5 LOCAL MEDIUM NVD
CVE-2026-57451 Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline aft... 2026-06-25 5.3 LOCAL MEDIUM NVD
CVE-2026-57438 Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::... 2026-06-25 6.6 LOCAL MEDIUM NVD
CVE-2026-55895 Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the net... 2026-06-25 7.8 LOCAL HIGH NVD
CVE-2026-55892 Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iterati... 2026-06-25 5.5 LOCAL MEDIUM NVD
CVE-2026-55693 Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields ... 2026-06-25 7.8 LOCAL HIGH NVD
CVE-2026-54036 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by... 2026-06-25 5.3 NETWORK MEDIUM NVD
CVE-2026-4522 Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR P... 2026-06-25 6.7 LOCAL MEDIUM NVD
CVE-2026-48946 The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's standard mod_php matches `\.php$` and executes th... 2026-06-25 6.3 NETWORK MEDIUM NVD