The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.
For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
- CVE-2026-33989 - Mobile Next is an MCP server for mobile development and automation. Prior to version 0.0.49, the `@mobilenext/mobile-mcp` server contains a Path Traversal vulnerability in the `mobile_save_screenshot` and `mobile_start_screen_recording` tools. The...
  Published: March 27, 2026; 6:16:22 PM -0400 (V3.1: 6.5 MEDIUM)
- CVE-2026-32846 - OpenClaw through 2026.3.23 (fixed in commit 4797bbc) contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath() and isValidMedia() functions. Attac...
  Published: March 26, 2026; 1:16:37 PM -0400 (V3.1: 7.5 HIGH)
- CVE-2026-29933 - A reflected cross-site scripting (XSS) vulnerability in the /index/login.html component of YZMCMS v7.4 allows attackers to execute arbitrary JavaScript in the context of the user's browser via modifying the referrer value in the request header.
  Published: March 26, 2026; 11:16:35 AM -0400
- CVE-2026-33438 - Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have Denial of Service (DoS) vulnerability in the Stirling-PDF watermark functionality (`/ap...
  Published: March 26, 2026; 1:16:40 PM -0400
- CVE-2026-33442 - Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the `sanitizeStringLiteral` method in Kysely's query compiler escapes single quotes (`'` → `''`) but does not escape backslashes. On MySQL with the default `BACKS...
  Published: March 26, 2026; 1:16:40 PM -0400
- CVE-2026-33468 - Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's `DefaultQueryCompiler.sanitizeStringLiteral()` only escapes single quotes by doubling them (`'` → `''`) but does not escape backslashes. When used with the MySQ...
  Published: March 26, 2026; 1:16:41 PM -0400
- CVE-2026-34071 - Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In version 2.7.3, the /api/v1/convert/eml/pdf endpoint with parameter downloadHtml=true returns unsanitized HTML from the email body with ...
  Published: March 26, 2026; 1:16:41 PM -0400 (V3.1: 6.1 MEDIUM)
- CVE-2026-33481 - Syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Syft versions before v1.42.3 would not properly cleanup temporary storage if the temporary storage was exhausted during a...
  Published: March 26, 2026; 2:16:29 PM -0400
- CVE-2026-33486 - Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any f...
  Published: March 26, 2026; 2:16:29 PM -0400 (V3.1: 6.5 MEDIUM)
- CVE-2026-32710 - MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to t...
  Published: March 20, 2026; 3:16:16 PM -0400 (V3.1: 9.9 CRITICAL)
- CVE-2025-61190 - A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in DSpace JSPUI 6.5 within the search/discover filtering functionality. The vulnerability exists due to improper sanitization of user-supplied input via the filter_type_1 par...
  Published: March 27, 2026; 11:16:45 AM -0400
- CVE-2026-33638 - Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, `GET /api/allusers` is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user...
  Published: March 26, 2026; 5:17:07 PM -0400
- CVE-2026-30162 - Cross Site Scripting (XSS) vulnerability in Timo 2.0.3 via crafted links in the title field.
  Published: March 26, 2026; 11:16:36 AM -0400
- CVE-2026-4903 - A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer ...
  Published: March 26, 2026; 7:16:21 PM -0400 (V3.1: 8.8 HIGH)
- CVE-2026-30637 - Server-Side Request Forgery (SSRF) vulnerability exists in the AnnounContent of the /admin/read.php in OTCMS V7.66 and before. The vulnerability allows remote attackers to craft HTTP requests, without authentication, containing a URL pointing to i...
  Published: March 27, 2026; 11:16:53 AM -0400
- CVE-2025-31966 - HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly...
  Published: March 17, 2026; 8:16:12 AM -0400
- CVE-2026-21783 - HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error code...
  Published: March 24, 2026; 4:16:26 PM -0400
- CVE-2026-33490 - H3 is a minimal H(TTP) framework. In versions 2.0.0-0 through 2.0.1-rc.16, the `mount()` method in h3 uses a simple `startsWith()` check to determine whether incoming requests fall under a mounted sub-application's path prefix. Because this check ...
  Published: March 26, 2026; 2:16:30 PM -0400 (V3.1: 5.3 MEDIUM)
- CVE-2026-4904 - A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow....
  Published: March 26, 2026; 8:16:24 PM -0400 (V3.1: 8.8 HIGH)
- CVE-2026-4905 - A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflo...
  Published: March 26, 2026; 8:16:24 PM -0400 (V3.1: 8.8 HIGH)