NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-40734	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zahlan Categories Images categories-images allow...	2026-04-15	N/A	None	None	NVD
CVE-2026-40730	Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Co...	2026-04-15	N/A	None	None	NVD
CVE-2026-40729	Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security...	2026-04-15	N/A	None	None	NVD
CVE-2026-40728	Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Level...	2026-04-15	4.3	NETWORK	MEDIUM	NVD
CVE-2026-33805	@fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added i...	2026-04-15	9.0	NETWORK	CRITICAL	NVD
CVE-2026-30778	The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWal...	2026-04-15	N/A	None	None	NVD
CVE-2026-28741	Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to validate CSRF tokens on an authentication endpoi...	2026-04-15	6.8	NETWORK	MEDIUM	NVD
CVE-2026-27769	Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a maliciou...	2026-04-15	2.7	NETWORK	LOW	NVD
CVE-2026-5598	Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). Non-constant time comparisons risk privat...	2026-04-15	10.0	NETWORK	CRITICAL	NVD
CVE-2026-5588	: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draf...	2026-04-15	6.3	NETWORK	MEDIUM	NVD
CVE-2026-3505	Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).This issue aff...	2026-04-15	8.7	NETWORK	HIGH	NVD
CVE-2026-33808	Impact@fastify/express v4.0.4 and earlier fails to normalize URLs before passing them to Express middleware when Fastify router normalization options ...	2026-04-15	9.1	NETWORK	CRITICAL	NVD
CVE-2026-33807	@fastify/express v4.0.4 and earlier contains a path handling bug in the onRegister function that causes middleware paths to be doubled when inherited ...	2026-04-15	9.1	NETWORK	CRITICAL	NVD
CVE-2026-0636	Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov ...	2026-04-15	5.5	NETWORK	MEDIUM	NVD
CVE-2025-14813	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerab...	2026-04-15	9.3	LOCAL	CRITICAL	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.