
The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries (with CVSS Severity)
  • CVE-2026-32141 - flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the r...
    Published: March 12, 2026; 2:16:25 PM -0400

  • CVE-2026-32230 - Uptime Kuma is an open source, self-hosted monitoring tool. From 2.0.0 to 2.1.3, the GET /api/badge/:id/ping/:duration? endpoint in server/routers/api-router.js does not verify that the requested monitor belongs to a public group. All other badge...
    Published: March 12, 2026; 3:16:16 PM -0400

  • CVE-2026-32232 - ZeptoClaw is a personal AI assistant. Prior to 0.7.6, there is a Dangling Symlink Component Bypass, TOCTOU Between Validation and Use, and Hardlink Alias Bypass. This vulnerability is fixed in 0.7.6.
    Published: March 12, 2026; 3:16:17 PM -0400

    V3.1: 9.8 CRITICAL

  • CVE-2026-32235 - Backstage is an open framework for building developer portals. Prior to 0.27.1, the experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Cli...
    Published: March 12, 2026; 3:16:17 PM -0400

    V3.1: 4.7 MEDIUM

  • CVE-2026-32237 - Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets ar...
    Published: March 12, 2026; 3:16:19 PM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2026-32245 - Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC token endpoint does not verify that the client exchanging an authorization code is the same client the code was issued to. A malicious OIDC client operator can exchan...
    Published: March 12, 2026; 3:16:19 PM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2026-32246 - Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session (password verified, TOTP not yet completed) to obtain authorization codes. An attacker who knows a use...
    Published: March 12, 2026; 3:16:19 PM -0400

    V3.1: 7.1 HIGH

  • CVE-2026-29777 - Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.10, a tenant with write access to an HTTPRoute resource can inject backtick-delimited rule tokens into Traefik's router rule language via unsanitized header or query parameter match ...
    Published: March 11, 2026; 12:16:40 PM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2025-67034 - An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges.
    Published: March 11, 2026; 1:16:50 PM -0400

  • CVE-2025-67035 - An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete ...
    Published: March 11, 2026; 1:16:51 PM -0400

  • CVE-2025-67036 - An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands...
    Published: March 11, 2026; 1:16:51 PM -0400

  • CVE-2025-67037 - An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "tunnel" parameter when killing a tunnel connection. Injected commands are executed with root privileges.
    Published: March 11, 2026; 1:16:51 PM -0400

  • CVE-2025-67038 - An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when a user's authentication fails. The username is directly concatenated with the command without any sanitization. This allows attack...
    Published: March 11, 2026; 1:16:52 PM -0400

  • CVE-2025-67039 - An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username.
    Published: March 11, 2026; 1:16:52 PM -0400

  • CVE-2025-67041 - An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with r...
    Published: March 11, 2026; 1:16:52 PM -0400

  • CVE-2025-70082 - An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo component.
    Published: March 11, 2026; 1:16:53 PM -0400

  • CVE-2026-3022 - Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/hospitalization/generate-hospitalization-summary'. This vulnerability could allow an authenticated user to alter a POS...
    Published: March 16, 2026; 10:19:45 AM -0400

    V3.1: 6.5 MEDIUM

  • CVE-2026-3023 - Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/pets/print-tags'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoin...
    Published: March 16, 2026; 10:19:45 AM -0400

    V3.1: 8.8 HIGH

  • CVE-2026-3024 - Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this ...
    Published: March 16, 2026; 10:19:45 AM -0400

    V3.1: 5.4 MEDIUM

  • CVE-2026-4180 - A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id leads to improper access controls. The attack may ...
    Published: March 16, 2026; 10:19:58 AM -0400

    V3.1: 9.8 CRITICAL

Created September 20, 2022, Updated August 27, 2024