NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-2293	A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization option...	2026-02-27	8.2	NETWORK	HIGH	NVD
CVE-2026-25147	OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, in `portal/portal_pay...	2026-02-27	7.1	NETWORK	HIGH	NVD
CVE-2026-24488	OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arb...	2026-02-27	6.5	NETWORK	MEDIUM	NVD
CVE-2025-69437	PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the bac...	2026-02-27	8.7	NETWORK	HIGH	NVD
CVE-2026-3304	Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a De...	2026-02-27	8.7	NETWORK	HIGH	NVD
CVE-2026-3277	The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client secret in cleartext in the .un...	2026-02-27	N/A	None	None	NVD
CVE-2026-2750	Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affect...	2026-02-27	9.1	NETWORK	CRITICAL	NVD
CVE-2026-2749	Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on ...	2026-02-27	9.9	NETWORK	CRITICAL	NVD
CVE-2026-2359	Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a De...	2026-02-27	8.7	NETWORK	HIGH	NVD
CVE-2026-3327	Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restrictio...	2026-02-27	4.8	NETWORK	MEDIUM	NVD
CVE-2026-3223	Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.	2026-02-27	8.4	LOCAL	HIGH	NVD
CVE-2026-2751	Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Se...	2026-02-27	8.3	NETWORK	HIGH	NVD
CVE-2025-15498	Pro3W CMS if vulnerable to SQL injection attacks. Improper neutralization of input provided into a login form allows an unauthenticated attacker to by...	2026-02-27	9.3	NETWORK	CRITICAL	NVD
CVE-2025-10990	A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character refere...	2026-02-27	7.5	NETWORK	HIGH	NVD
CVE-2025-11950	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KNOWHY Advanced Technology Trading Ltd. C...	2026-02-27	6.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.