NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-6264	A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The atta...	2026-04-14	9.8	NETWORK	CRITICAL	NVD
CVE-2026-6227	The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the `block_name` parameter of the `/wp-json/backwpup/v1/getblock` REST end...	2026-04-14	7.2	NETWORK	HIGH	NVD
CVE-2026-4388	The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in form submissio...	2026-04-14	7.2	NETWORK	HIGH	NVD
CVE-2026-34984	External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Versions 2.2.0 and ...	2026-04-14	7.1	NETWORK	HIGH	NVD
CVE-2026-4365	The LearnPress plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the `delete_question_answer()` fu...	2026-04-14	9.1	NETWORK	CRITICAL	NVD
CVE-2026-4352	The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type (CCT) REST API search endpoint in all versions up to, an...	2026-04-14	7.5	NETWORK	HIGH	NVD
CVE-2026-39426	MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability where the fron...	2026-04-14	5.1	NETWORK	MEDIUM	NVD
CVE-2026-39425	MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability that allows au...	2026-04-14	5.1	NETWORK	MEDIUM	NVD
CVE-2026-39419	MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof...	2026-04-14	3.1	NETWORK	LOW	NVD
CVE-2026-34225	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Sid...	2026-04-14	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39424	MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of ...	2026-04-14	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39423	MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an Eval Injection vulnerability in the Markdown rendering engine...	2026-04-14	6.9	NETWORK	MEDIUM	NVD
CVE-2026-39422	MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability through the ap...	2026-04-14	6.9	NETWORK	MEDIUM	NVD
CVE-2026-39421	MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By...	2026-04-14	6.3	NETWORK	MEDIUM	NVD
CVE-2026-39420	MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated u...	2026-04-14	6.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.