NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-69893	A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13....	2026-04-14	4.6	PHYSICAL	MEDIUM	NVD
CVE-2025-61260	A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) confi...	2026-04-14	9.8	NETWORK	CRITICAL	NVD
CVE-2026-31049	An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code and escalate privileges via the CSV registration f...	2026-04-14	9.8	NETWORK	CRITICAL	NVD
CVE-2025-8095	The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitab...	2026-04-14	9.1	NETWORK	CRITICAL	NVD
CVE-2025-7389	A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server throu...	2026-04-14	8.2	NETWORK	HIGH	NVD
CVE-2026-2450	.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread...	2026-04-14	7.4	NETWORK	HIGH	NVD
CVE-2026-2449	Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in upKeeper Solutions upKeeper Instant Privilege Acce...	2026-04-14	9.0	NETWORK	CRITICAL	NVD
CVE-2026-2332	In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outl...	2026-04-14	7.4	NETWORK	HIGH	NVD
CVE-2026-24069	Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application....	2026-04-14	5.4	NETWORK	MEDIUM	NVD
CVE-2025-13822	MCPHub in versions below 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an una...	2026-04-14	5.3	ADJACENT	MEDIUM	NVD
CVE-2026-4109	The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due...	2026-04-14	4.3	NETWORK	MEDIUM	NVD
CVE-2026-33929	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache PDFBox Examples. This issue affects the Extra...	2026-04-14	4.3	NETWORK	MEDIUM	NVD
CVE-2026-33892	A vulnerability has been identified in Industrial Edge Management Pro V1 (All versions >= V1.7.6 < V1.15.17), Industrial Edge Management Pro V2 (All v...	2026-04-14	7.1	NETWORK	HIGH	NVD
CVE-2026-31924	Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects A...	2026-04-14	5.3	NETWORK	MEDIUM	NVD
CVE-2026-31923	Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to `ssl_verify` in openid-connect plugin configura...	2026-04-14	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.