NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-25219	The `access_key` and `connection_string` connection properties were not marked as sensitive names in secrets masker. This means that user with read pe...	2026-04-15	N/A	None	None	NVD
CVE-2026-1636	A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user t...	2026-04-15	6.7	LOCAL	MEDIUM	NVD
CVE-2026-0827	During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantag...	2026-04-15	7.1	LOCAL	HIGH	NVD
CVE-2026-3590	Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use consumption of guest m...	2026-04-15	6.5	NETWORK	MEDIUM	NVD
CVE-2026-1852	The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. Th...	2026-04-15	6.1	NETWORK	MEDIUM	NVD
CVE-2026-40786	Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels....	2026-04-15	N/A	None	None	NVD
CVE-2026-40784	Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configu...	2026-04-15	8.1	NETWORK	HIGH	NVD
CVE-2026-40778	Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Secu...	2026-04-15	N/A	None	None	NVD
CVE-2026-40764	Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affec...	2026-04-15	8.1	NETWORK	HIGH	NVD
CVE-2026-40763	Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control ...	2026-04-15	N/A	None	None	NVD
CVE-2026-40745	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bdthemes Element Pack Elementor Addons bdthemes-...	2026-04-15	7.6	NETWORK	HIGH	NVD
CVE-2026-40744	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lit...	2026-04-15	N/A	None	None	NVD
CVE-2026-40742	Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Securi...	2026-04-15	5.3	NETWORK	MEDIUM	NVD
CVE-2026-40740	Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe...	2026-04-15	N/A	None	None	NVD
CVE-2026-40737	Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured...	2026-04-15	5.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.