CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-12217 json | A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dv... | Mon, 15 Jun 2026 00:29:14 |
| CVE-2026-12216 json | A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk_... | Mon, 15 Jun 2026 00:29:14 |
| CVE-2026-12214 json | A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBinding... | Mon, 15 Jun 2026 00:29:14 |
| CVE-2026-12213 json | A vulnerability was found in hcengineering Huly Platform up to 0.7.0. Affected by this vulnerability is the function getAccou... | Mon, 15 Jun 2026 00:29:14 |
| CVE-2026-12212 json | A vulnerability has been found in hcengineering Huly Platform up to 0.7.0. Affected is the function getMailboxSecret of the f... | Mon, 15 Jun 2026 00:29:14 |
| CVE-2026-12211 json | A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the f... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2026-12210 json | A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the co... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2026-12209 json | A security vulnerability has been detected in RubyLouvre avalon up to 2.2.10. The impacted element is an unknown function of ... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2026-12208 json | A weakness has been identified in jsonata-js jsonata up to 2.2.0. The affected element is the function createFrame of the fil... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2026-4887 json | A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote ... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2026-4775 json | A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putco... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2025-5372 json | A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function respon... | Sun, 14 Jun 2026 23:29:12 |
| CVE-2026-50009 json | Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Nett... | Sun, 14 Jun 2026 22:44:11 |
| CVE-2026-48748 json | Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a me... | Sun, 14 Jun 2026 22:44:11 |
| CVE-2026-44892 json | Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the ... | Sun, 14 Jun 2026 22:44:11 |
| CVE-2026-44894 json | Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHand... | Sun, 14 Jun 2026 22:29:11 |
| CVE-2026-12207 json | A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the func... | Sun, 14 Jun 2026 22:29:11 |
| CVE-2026-12206 json | A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of ... | Sun, 14 Jun 2026 22:29:11 |
| CVE-2026-12204 json | A vulnerability was determined in ShopXO up to 6.7.1. This vulnerability affects the function OrderClose/OrderSuccess/PayLogO... | Sun, 14 Jun 2026 22:29:11 |
| CVE-2026-12203 json | A vulnerability was found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215. This affects an unknown part of ... | Sun, 14 Jun 2026 22:29:11 |
| CVE-2026-12202 json | A vulnerability has been found in Intelliants Subrion CMS up to 4.0.3. Affected by this issue is some unknown functionality o... | Sun, 14 Jun 2026 22:29:11 |
| CVE-2026-45673 json | Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and... | Sun, 14 Jun 2026 22:14:10 |
| CVE-2026-8694 json | Improper access control in Devolutions PowerShell Universal 2026.1.7 and earlier allows an unauthenticated remote attacker to... | Sun, 14 Jun 2026 22:14:10 |
| CVE-2026-12201 json | A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of th... | Sun, 14 Jun 2026 21:29:09 |
| CVE-2026-12200 json | A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in... | Sun, 14 Jun 2026 21:29:09 |
| CVE-2026-12198 json | A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosessio... | Sun, 14 Jun 2026 20:29:07 |
| CVE-2026-12197 json | A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-... | Sun, 14 Jun 2026 20:29:07 |
| CVE-2026-12193 json | A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in ... | Sun, 14 Jun 2026 20:29:07 |
| CVE-2026-12192 json | A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipul... | Sun, 14 Jun 2026 20:29:07 |
| CVE-2026-11527 json | Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -f... | Sun, 14 Jun 2026 20:29:07 |
| CVE-2026-11526 json | GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _m... | Sun, 14 Jun 2026 20:29:07 |
| CVE-2026-12191 json | A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file se... | Sun, 14 Jun 2026 19:29:06 |
| CVE-2026-12190 json | A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the ... | Sun, 14 Jun 2026 19:29:06 |
| CVE-2026-12189 json | A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.t... | Sun, 14 Jun 2026 19:29:05 |
| CVE-2026-12188 json | A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file mo... | Sun, 14 Jun 2026 19:29:05 |
| CVE-2026-12187 json | A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown fun... | Sun, 14 Jun 2026 19:29:05 |
| CVE-2026-12186 json | A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr... | Sun, 14 Jun 2026 17:27:14 |
| CVE-2026-54413 json | driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle_0x27_Securit... | Sun, 14 Jun 2026 14:24:14 |
| CVE-2026-54412 json | LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqtt_unpack_pub... | Sun, 14 Jun 2026 14:24:14 |
| CVE-2026-54411 json | Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password com... | Sun, 14 Jun 2026 14:24:14 |
| CVE-2026-54410 json | nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server ... | Sun, 14 Jun 2026 14:24:14 |
| CVE-2026-9641 json | Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorith... | Sun, 14 Jun 2026 11:20:14 |
| CVE-2026-5598 json | Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerabil... | Sun, 14 Jun 2026 06:29:14 |
| CVE-2025-15546 json | The Iptanus File Upload WordPress plugin before 5.1.7 does not implement proper file handling when the duplicatepolicy settin... | Sun, 14 Jun 2026 04:28:42 |
| CVE-2026-52907 json | In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: fix off by one bugs Change thes... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-52906 json | In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46332 json | In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive bufferi... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46330 json | In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This revert... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46328 json | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu tim... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46327 json | In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dm_suspended_md The function ... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46326 json | In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct init... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46325 json | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes !=... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46324 json | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use list_del_rcu for netlink hooks... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46323 json | In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() can ... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46322 json | In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() Wh... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46321 json | In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one()... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46320 json | In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp() tap... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46319 json | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: Only release RCU read lock after ct_f... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46317 json | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind mmu_lock ... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46316 json | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache referen... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46311 json | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use ... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46307 json | In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: >... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46306 json | In the Linux kernel, the following vulnerability has been resolved: flow_dissector: do not dissect PPPoE PFC frames RFC 251... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46304 json | In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46303 json | In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent agains... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46299 json | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus_fill_super() hf... | Sun, 14 Jun 2026 02:27:23 |
| CVE-2026-46289 json | In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec... | Sun, 14 Jun 2026 02:27:22 |
| CVE-2026-46288 json | In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in of_unittest_changese... | Sun, 14 Jun 2026 02:27:22 |
| CVE-2026-46280 json | In the Linux kernel, the following vulnerability has been resolved: lib: test_hmm: evict device pages on file close to avoid... | Sun, 14 Jun 2026 02:27:22 |
| CVE-2026-46277 json | In the Linux kernel, the following vulnerability has been resolved: mm/zone_device: do not touch device folio after calling ... | Sun, 14 Jun 2026 02:27:22 |
| CVE-2026-46275 json | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions in clo... | Sun, 14 Jun 2026 02:27:22 |
| CVE-2026-46274 json | In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_wq_rem... | Sun, 14 Jun 2026 02:27:22 |
| CVE-2026-54421 json | In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, I... | Sun, 14 Jun 2026 00:24:51 |
| CVE-2026-54420 json | LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by ... | Sun, 14 Jun 2026 00:24:51 |
| CVE-2026-12176 json | A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted ... | Sat, 13 Jun 2026 20:23:29 |
| CVE-2025-55659 json | A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to ... | Sat, 13 Jun 2026 20:23:29 |
| CVE-2025-55657 json | A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers t... | Sat, 13 Jun 2026 20:23:29 |
| CVE-2025-55651 json | A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows atta... | Sat, 13 Jun 2026 20:23:29 |
| CVE-2025-52293 json | A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows at... | Sat, 13 Jun 2026 20:23:29 |
| CVE-2025-52292 json | A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of ... | Sat, 13 Jun 2026 20:23:29 |
| CVE-2026-12175 json | A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the fi... | Sat, 13 Jun 2026 19:23:27 |
| CVE-2026-12174 json | A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /... | Sat, 13 Jun 2026 17:23:24 |
| CVE-2026-12183 json | Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication... | Sat, 13 Jun 2026 14:19:40 |
| CVE-2026-6428 json | SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before... | Sat, 13 Jun 2026 13:18:36 |
| CVE-2026-53982 json | Cap-go Console < 12.28.2 contains a denial-of-service vulnerability in its account deletion flow that allows an attacker to b... | Sat, 13 Jun 2026 09:18:12 |
| CVE-2026-5513 json | The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scrip... | Sat, 13 Jun 2026 08:18:10 |
| CVE-2026-11624 json | The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connection... | Sat, 13 Jun 2026 06:18:07 |
| CVE-2026-1291 json | The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on... | Sat, 13 Jun 2026 06:18:07 |
| CVE-2026-9629 json | The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' parameter in all versions up to, a... | Sat, 13 Jun 2026 04:18:04 |
| CVE-2026-3297 json | The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripti... | Sat, 13 Jun 2026 04:18:04 |
| CVE-2026-2470 json | The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization i... | Sat, 13 Jun 2026 04:18:04 |
| CVE-2026-9134 json | The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_attribute_key' shortcode par... | Sat, 13 Jun 2026 03:17:07 |
| CVE-2026-9109 json | The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulne... | Sat, 13 Jun 2026 03:17:07 |
| CVE-2026-9062 json | The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-p... | Sat, 13 Jun 2026 03:17:07 |
| CVE-2026-9061 json | The Store Locator WordPress plugin before 1.6.9 does not sanitize and escape store logo metadata before storing it and output... | Sat, 13 Jun 2026 03:17:07 |
| CVE-2026-11769 json | We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path trav... | Sat, 13 Jun 2026 02:30:15 |
| CVE-2026-49396 json | Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.0.0 to before ... | Sat, 13 Jun 2026 00:27:11 |
| CVE-2026-47260 json | Koel is a free, open-source music streaming solution. Prior to version 9.3.5, Koel validates the podcast feed URL via the Saf... | Sat, 13 Jun 2026 00:27:11 |
| CVE-2026-47223 json | NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.169... | Sat, 13 Jun 2026 00:27:11 |
| CVE-2026-47200 json | Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to be... | Sat, 13 Jun 2026 00:27:11 |