NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-54232	vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion...	2026-06-22	8.8	NETWORK	HIGH	NVD
CVE-2026-53923	vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM'...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-48746	vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's...	2026-06-22	9.1	NETWORK	CRITICAL	NVD
CVE-2026-47155	vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply ...	2026-06-22	6.5	NETWORK	MEDIUM	NVD
CVE-2026-41523	vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation functio...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-56698	Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side script...	2026-06-22	6.1	NETWORK	MEDIUM	NVD
CVE-2026-56697	Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the...	2026-06-22	6.1	NETWORK	MEDIUM	NVD
CVE-2026-56357	n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signatur...	2026-06-22	4.0	NETWORK	MEDIUM	NVD
CVE-2026-56348	n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint that allows authenticate...	2026-06-22	9.1	NETWORK	CRITICAL	NVD
CVE-2026-56326	Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate...	2026-06-22	6.1	NETWORK	MEDIUM	NVD
CVE-2026-56268	Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query paramet...	2026-06-22	7.7	NETWORK	HIGH	NVD
CVE-2026-56266	Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary ...	2026-06-22	8.6	NETWORK	HIGH	NVD
CVE-2026-54911	UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dumps() (or ujson.dump() or ujson...	2026-06-22	6.5	NETWORK	MEDIUM	NVD
CVE-2026-48517	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's typeless deserialization includes MessagePackS...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-48516	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, InterfaceLookupFormatter<TKey,TElement> constructs an internal Dict...	2026-06-22	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.