NVD Vulnerabilities

Vulnerability Database

| CVE ID | Description | Published | Base Score | Attack Vector | Severity | Actions |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-39418 | MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() ... | 2026-04-14 | 5.0 | NETWORK | MEDIUM | NVD |
| CVE-2026-34264 | During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user ... | 2026-04-14 | 6.5 | NETWORK | MEDIUM | NVD |
| CVE-2026-34262 | Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | 2026-04-14 | 5.0 | NETWORK | MEDIUM | NVD |
| CVE-2026-34261 | Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to cert... | 2026-04-14 | 6.5 | NETWORK | MEDIUM | NVD |
| CVE-2026-34257 | Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accesse... | 2026-04-14 | 6.1 | NETWORK | MEDIUM | NVD |
| CVE-2026-34256 | Due to a missing authorization check in SAP ERP and SAP S/4HANA (Private Cloud and On-Premise), an authenticated attacker could execute a particular A... | 2026-04-14 | 7.1 | NETWORK | HIGH | NVD |
| CVE-2026-40164 | jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible se... | 2026-04-14 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2026-39417 | MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execut... | 2026-04-14 | 4.6 | NETWORK | MEDIUM | NVD |
| CVE-2026-34069 | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 an... | 2026-04-14 | 5.3 | NETWORK | MEDIUM | NVD |
| CVE-2026-33948 | jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows va... | 2026-04-14 | 2.9 | NETWORK | LOW | NVD |
| CVE-2026-27683 | SAP BusinessObjects Business Intelligence application allows an authenticated attacker to inject malicious JavaScript payloads through crafted URLs. W... | 2026-04-14 | 4.1 | NETWORK | MEDIUM | NVD |
| CVE-2026-27681 | Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute craf... | 2026-04-14 | 9.9 | NETWORK | CRITICAL | NVD |
| CVE-2026-27679 | Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child... | 2026-04-14 | 6.5 | NETWORK | MEDIUM | NVD |
| CVE-2026-27678 | Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker could update and delete child ... | 2026-04-14 | 6.5 | NETWORK | MEDIUM | NVD |
| CVE-2026-27677 | Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could update and delete child entities ... | 2026-04-14 | 6.5 | NETWORK | MEDIUM | NVD |