NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-11165	A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows authenticated users with scripting privileges to bypa...	2026-02-24	9.4	NETWORK	CRITICAL	NVD
CVE-2024-1524	When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP) there is a risk that a local user store user's...	2026-02-24	7.7	NETWORK	HIGH	NVD
CVE-2026-1229	The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using...	2026-02-24	2.9	NETWORK	LOW	NVD
CVE-2025-40541	An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native...	2026-02-24	9.1	NETWORK	CRITICAL	NVD
CVE-2025-40540	A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileg...	2026-02-24	9.1	NETWORK	CRITICAL	NVD
CVE-2025-40539	A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileg...	2026-02-24	9.1	NETWORK	CRITICAL	NVD
CVE-2025-40538	A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and exe...	2026-02-24	9.1	NETWORK	CRITICAL	NVD
CVE-2026-24314	Under certain conditions SAP S/4HANA (Manage Payment Media) allows an authenticated attacker to access information which would otherwise be restricted...	2026-02-24	4.3	NETWORK	MEDIUM	NVD
CVE-2025-15589	A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the c...	2026-02-24	3.8	NETWORK	LOW	NVD
CVE-2025-15386	The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement ...	2026-02-24	8.8	NETWORK	HIGH	NVD
CVE-2026-3070	A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknown functionality of the file up...	2026-02-24	4.3	NETWORK	MEDIUM	NVD
CVE-2026-3069	A security vulnerability has been detected in itsourcecode Document Management System 1.0. Affected is an unknown function of the file /edtlbls.php. T...	2026-02-24	7.3	NETWORK	HIGH	NVD
CVE-2026-3068	A weakness has been identified in itsourcecode Document Management System 1.0. This impacts an unknown function of the file /deluser.php. Executing a ...	2026-02-24	7.3	NETWORK	HIGH	NVD
CVE-2026-3067	A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-com...	2026-02-24	6.3	NETWORK	MEDIUM	NVD
CVE-2026-3066	A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src...	2026-02-24	6.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.