NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-54232 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion... 2026-06-22 8.8 NETWORK HIGH NVD
CVE-2026-53923 vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM'... 2026-06-22 7.5 NETWORK HIGH NVD
CVE-2026-48746 vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's... 2026-06-22 9.1 NETWORK CRITICAL NVD
CVE-2026-47155 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply ... 2026-06-22 6.5 NETWORK MEDIUM NVD
CVE-2026-41523 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation functio... 2026-06-22 7.5 NETWORK HIGH NVD
CVE-2026-56698 Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side script... 2026-06-22 6.1 NETWORK MEDIUM NVD
CVE-2026-56697 Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the... 2026-06-22 6.1 NETWORK MEDIUM NVD
CVE-2026-56357 n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signatur... 2026-06-22 4.0 NETWORK MEDIUM NVD
CVE-2026-56348 n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint that allows authenticate... 2026-06-22 9.1 NETWORK CRITICAL NVD
CVE-2026-56326 Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate... 2026-06-22 6.1 NETWORK MEDIUM NVD
CVE-2026-56268 Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query paramet... 2026-06-22 7.7 NETWORK HIGH NVD
CVE-2026-56266 Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary ... 2026-06-22 8.6 NETWORK HIGH NVD
CVE-2026-54911 UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dumps() (or ujson.dump() or ujson... 2026-06-22 6.5 NETWORK MEDIUM NVD
CVE-2026-48517 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's typeless deserialization includes MessagePackS... 2026-06-22 7.5 NETWORK HIGH NVD
CVE-2026-48516 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, InterfaceLookupFormatter<TKey,TElement> constructs an internal Dict... 2026-06-22 7.5 NETWORK HIGH NVD