NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-27676	Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Technical Object Structures), an attacker could update and delete child e...	2026-04-14	4.3	NETWORK	MEDIUM	NVD
CVE-2026-27675	SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitra...	2026-04-14	2.0	NETWORK	LOW	NVD
CVE-2026-27674	Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted inp...	2026-04-14	6.1	NETWORK	MEDIUM	NVD
CVE-2026-27673	Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authenticated user to delete files on the operating system ...	2026-04-14	4.9	NETWORK	MEDIUM	NVD
CVE-2026-27672	The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of s...	2026-04-14	4.3	NETWORK	MEDIUM	NVD
CVE-2026-24318	Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain v...	2026-04-14	4.2	NETWORK	MEDIUM	NVD
CVE-2026-0512	Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attack...	2026-04-14	6.1	NETWORK	MEDIUM	NVD
CVE-2026-6203	The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions up to and including 5.1.4. This is due to insuffici...	2026-04-13	6.1	NETWORK	MEDIUM	NVD
CVE-2026-5086	Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compa...	2026-04-13	7.5	NETWORK	HIGH	NVD
CVE-2026-39979	jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted b...	2026-04-13	6.9	NETWORK	MEDIUM	NVD
CVE-2026-39956	jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes i...	2026-04-13	6.1	LOCAL	MEDIUM	NVD
CVE-2026-6224	A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file...	2026-04-13	7.3	NETWORK	HIGH	NVD
CVE-2026-6220	A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.ja...	2026-04-13	4.7	NETWORK	MEDIUM	NVD
CVE-2026-4786	Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.o...	2026-04-13	7.0	LOCAL	HIGH	NVD
CVE-2026-40312	ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the ...	2026-04-13	6.2	LOCAL	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.