NVD Vulnerabilities

Vulnerability Database

| CVE ID | Description | Published | Base Score | Attack Vector | Severity | Actions |
|---|---|---|---|---|---|---|
| CVE-2026-56263 | Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via inn... | 2026-06-23 | 6.1 | NETWORK | MEDIUM | NVD |
| CVE-2026-56258 | Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to writ... | 2026-06-23 | 8.1 | NETWORK | HIGH | NVD |
| CVE-2025-71337 | Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the ac... | 2026-06-23 | 8.3 | NETWORK | HIGH | NVD |
| CVE-2023-54365 | Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard libra... | 2026-06-23 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2026-4983 | Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without s... | 2026-06-23 | 4.1 | NETWORK | MEDIUM | NVD |
| CVE-2026-11374 | In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that session ... | 2026-06-23 | 9.0 | NETWORK | CRITICAL | NVD |
| CVE-2026-55655 | A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible ... | 2026-06-23 | 5.0 | LOCAL | MEDIUM | NVD |
| CVE-2026-55654 | A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application ... | 2026-06-23 | 3.7 | NETWORK | LOW | NVD |
| CVE-2026-55653 | A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path.... | 2026-06-23 | 4.3 | NETWORK | MEDIUM | NVD |
| CVE-2026-10658 | A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In bt_iso_recv() (subsys/bluetoo... | 2026-06-23 | 7.1 | ADJACENT_NETWORK | HIGH | NVD |
| CVE-2026-10651 | A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sdp_p... | 2026-06-23 | 7.1 | ADJACENT_NETWORK | HIGH | NVD |
| CVE-2026-10645 | Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal s... | 2026-06-23 | 4.9 | PHYSICAL | MEDIUM | NVD |
| CVE-2026-54236 | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_... | 2026-06-22 | 5.3 | NETWORK | MEDIUM | NVD |
| CVE-2026-54235 | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators... | 2026-06-22 | 6.5 | NETWORK | MEDIUM | NVD |
| CVE-2026-54233 | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compress... | 2026-06-22 | 6.5 | NETWORK | MEDIUM | NVD |