NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-54298	Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes...	2026-06-22	4.2	NETWORK	MEDIUM	NVD
CVE-2026-54293	NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Lang...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-53663	React Router is a router for React. From 7.12.0 until 7.15.1, certain CSRF checks in React Router v7 Framework Mode were insufficient and run on POST ...	2026-06-22	3.1	NETWORK	LOW	NVD
CVE-2026-50146	Astro is a web framework. Prior to 6.3.3, when a component uses a client:* directive, Astro inserts named slot content into a data-astro-template attr...	2026-06-22	7.1	NETWORK	HIGH	NVD
CVE-2026-11834	A command injection vulnerability has been identified in the DHCP option processing logic in multiple TP-Link router models, due to insufficient valid...	2026-06-22	8.7	ADJACENT	HIGH	NVD
CVE-2026-56109	The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free vulnerability in parse_def() in src/conf.c that allows att...	2026-06-22	6.8	LOCAL	MEDIUM	NVD
CVE-2026-55602	http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table...	2026-06-22	8.6	NETWORK	HIGH	NVD
CVE-2026-54285	opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 2.8.0, W3CBaggagePropagator.extract() in @opentelemetry/core does not enforce size l...	2026-06-22	5.3	NETWORK	MEDIUM	NVD
CVE-2026-54283	Starlette is a lightweight ASGI framework/toolkit. From 0.4.1 until 1.3.1, request.form() accepts max_fields and max_part_size to bound resource consu...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-54282	Starlette is a lightweight ASGI framework/toolkit. Prior to 1.3.0, the HTTP request path is not validated before being used to reconstruct request.url...	2026-06-22	3.7	NETWORK	LOW	NVD
CVE-2026-54280	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a cli...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-54279	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save(...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-54278	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed reques...	2026-06-22	7.5	NETWORK	HIGH	NVD
CVE-2026-54277	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, it is possible to bypass the max_line_size check in p...	2026-06-22	6.6	NETWORK	MEDIUM	NVD
CVE-2026-54276	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication respo...	2026-06-22	6.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.