U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
Icon for NVD Communications and Status Updates Page
Communications Page
The NVD now supports CVSS version 4.0!
CVSS v4.0 Support
The letters N V D typed out in binary
2.0 APIs

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2026-5941 - Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.
    Published: April 27, 2026; 8:16:24 AM -0400

    V3.1: 7.1 HIGH

  • CVE-2026-5447 - Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension.
    Published: April 09, 2026; 5:16:13 PM -0400

    V3.1: 7.5 HIGH

  • CVE-2026-5263 - URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the n... read CVE-2026-5263
    Published: April 09, 2026; 6:16:36 PM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2026-5942 - Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program.
    Published: April 27, 2026; 8:16:24 AM -0400

  • CVE-2026-5264 - Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.
    Published: April 09, 2026; 6:16:36 PM -0400

    V3.1: 9.8 CRITICAL

  • CVE-2026-5943 - Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when access... read CVE-2026-5943
    Published: April 27, 2026; 8:16:24 AM -0400

  • CVE-2026-7233 - A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only... read CVE-2026-7233
    Published: April 28, 2026; 3:16:04 AM -0400

    V3.1: 6.1 MEDIUM

  • CVE-2026-41332 - OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec requests to redirect git or AWS CLI beh... read CVE-2026-41332
    Published: April 23, 2026; 6:16:38 PM -0400

    V3.1: 5.3 MEDIUM

  • CVE-2026-4958 - A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.on_connect/ReplayServer.send_data of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of ... read CVE-2026-4958
    Published: March 27, 2026; 12:16:24 PM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2026-41339 - OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerpri... read CVE-2026-41339
    Published: April 23, 2026; 6:16:40 PM -0400

    V3.1: 4.3 MEDIUM

  • CVE-2026-4957 - A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle_tool_call of the file XAgent/function_handler.py of the component API Key Handler. This manipulation of the argument api_key causes sensitiv... read CVE-2026-4957
    Published: March 27, 2026; 11:17:03 AM -0400

    V3.1: 2.7 LOW

  • CVE-2026-31612 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2_get_ea() smb2_get_ea() reads ea_req->EaNameLength from the client request and passes it directly to strncmp() as the comparison length witho... read CVE-2026-31612
    Published: April 24, 2026; 11:16:40 AM -0400

  • CVE-2026-31611 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: require 3 sub-authorities before reading sub_auth[2] parse_dacl() compares each ACE SID against sid_unix_NFS_mode and on match reads sid.sub_auth[2] as the file mode. If... read CVE-2026-31611
    Published: April 24, 2026; 11:16:40 AM -0400

  • CVE-2026-4959 - A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function check_user of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interaction... read CVE-2026-4959
    Published: March 27, 2026; 12:16:25 PM -0400

    V3.1: 7.5 HIGH

  • CVE-2026-31610 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks incrementally as it walks the input. When ksmbd_decode_... read CVE-2026-31610
    Published: April 24, 2026; 11:16:40 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2026-31609 - In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_send_batch_flush() already calls smbd_free_send_io(), so we should not call it again aft... read CVE-2026-31609
    Published: April 24, 2026; 11:16:40 AM -0400

  • CVE-2026-35379 - A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the [:graph:] and [:print:] character classes. The implementation mistakenly includes the ASCII space character (0x20) in the [:graph:] class and excludes... read CVE-2026-35379
    Published: April 22, 2026; 1:16:42 PM -0400

  • CVE-2026-35380 - A logic error in the cut utility of uutils coreutils causes the program to incorrectly interpret the literal two-byte string '' (two single quotes) as an empty delimiter. The implementation mistakenly maps this string to the NUL character for both... read CVE-2026-35380
    Published: April 22, 2026; 1:16:43 PM -0400

  • CVE-2026-41341 - OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-components-helpers.ts. Attackers can exploit this misclas... read CVE-2026-41341
    Published: April 23, 2026; 6:16:40 PM -0400

    V3.1: 5.4 MEDIUM

  • CVE-2026-41342 - OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Attackers can spoof discovery endpoints to redirect... read CVE-2026-41342
    Published: April 23, 2026; 6:16:40 PM -0400

    V3.1: 8.1 HIGH

Created September 20, 2022 , Updated August 27, 2024