NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-30364	CentSDR commit e40795 was discovered to contain a stack overflow in the "Thread1" function.	2026-04-15	7.5	NETWORK	HIGH	NVD
CVE-2024-53412	Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote ...	2026-04-15	8.4	LOCAL	HIGH	NVD
CVE-2026-4145	During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to...	2026-04-15	7.8	LOCAL	HIGH	NVD
CVE-2026-4135	During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local ...	2026-04-15	6.6	LOCAL	MEDIUM	NVD
CVE-2026-4134	During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local ...	2026-04-15	7.3	LOCAL	HIGH	NVD
CVE-2026-25219	The `access_key` and `connection_string` connection properties were not marked as sensitive names in secrets masker. This means that user with read pe...	2026-04-15	6.5	NETWORK	MEDIUM	NVD
CVE-2026-1636	A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user t...	2026-04-15	6.7	LOCAL	MEDIUM	NVD
CVE-2026-0827	During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantag...	2026-04-15	7.1	LOCAL	HIGH	NVD
CVE-2026-3590	Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use consumption of guest m...	2026-04-15	6.5	NETWORK	MEDIUM	NVD
CVE-2026-1852	The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. Th...	2026-04-15	6.1	NETWORK	MEDIUM	NVD
CVE-2026-40786	Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels....	2026-04-15	N/A	None	None	NVD
CVE-2026-40784	Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configu...	2026-04-15	8.1	NETWORK	HIGH	NVD
CVE-2026-40778	Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Secu...	2026-04-15	N/A	None	None	NVD
CVE-2026-40764	Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affec...	2026-04-15	8.1	NETWORK	HIGH	NVD
CVE-2026-40763	Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control ...	2026-04-15	N/A	None	None	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.