CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-46433 json | lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-46374 json | SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-46373 json | SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-44963 json | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-10238 json | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9754 json | An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuanc... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9753 json | The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binar... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9752 json | An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON Geo... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9751 json | The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.l... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9750 json | An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere wi... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9749 json | This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range pa... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9748 json | The $_internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats c... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9747 json | Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server. | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9746 json | When using $changestreams and $_requestReshardingResumeToken with the exchange option the server hits an invariant which caus... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9743 json | In MongoDB Server 8.0, an aggregation stage can leave its _subPipeline field null during processing of certain pipelines. If ... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9742 json | When OIDC authentication is enabled in configuration, clients may set specific values in the "mechanism" parameter of the "au... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9741 json | A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption (QE) or Client-Side Field ... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9740 json | A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sendi... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-9735 json | MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When c... | Tue, 09 Jun 2026 19:27:19 |
| CVE-2026-50512 json | Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to eleva... | Tue, 09 Jun 2026 19:27:18 |
| CVE-2026-45503 json | Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a ... | Tue, 09 Jun 2026 19:27:18 |
| CVE-2026-45501 json | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an u... | Tue, 09 Jun 2026 19:27:18 |
| CVE-2026-47938 json | Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulne... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-47905 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-47904 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-47903 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-47902 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-36728 json | A markdown based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows att... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-36720 json | Insecure permissions in bookcars v8.3 allows authenticated attackers to escalate privileges from user to admin via modifying ... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34713 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34712 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34711 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound v... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34688 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34680 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Overflow or Wraparound v... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34679 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34657 json | CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathnam... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34417 json | OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary ... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-30141 json | An issue was discovered in bitbank2 AnimatedGIF v2.2.0. A buffer overflow in the DecodeLZW function allows remote attackers t... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-25860 json | OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows ... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-20245 json | A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, former... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2025-55658 json | GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf_opus_parse_packet_header function (media_tool... | Tue, 09 Jun 2026 18:26:15 |
| CVE-2026-34678 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34677 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34673 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34672 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow (Wrap or Wrapa... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34671 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Overflow or Wraparound v... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34670 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34669 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34668 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34667 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow (Wrap or Wrapa... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34666 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulner... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-34665 json | CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumptio... | Tue, 09 Jun 2026 18:26:14 |
| CVE-2026-48303 json | Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability t... | Tue, 09 Jun 2026 17:25:30 |
| CVE-2026-48292 json | Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arb... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-48291 json | Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arb... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47961 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47960 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XX... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47959 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability th... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47955 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47952 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability tha... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47937 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerabil... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47933 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could ... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47932 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Director... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47931 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result ... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47930 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result ... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47929 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47928 json | ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result ... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47926 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47925 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Integer Overflow or Wraparound vulnerabilit... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47924 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could lead... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47923 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47921 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47920 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:29 |
| CVE-2026-47919 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47918 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47917 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47916 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47915 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47914 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47913 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47912 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could resu... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-47911 json | Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that coul... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-39170 json | SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php. | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-39169 json | SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php. | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-36822 json | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the macAddr parameter... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-36821 json | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the picCropName param... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-36820 json | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthWhiteUserI... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-34416 json | OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary ... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-25557 json | Evoluted PHP Directory Listing Script through 4.0.5 contains a reflected cross-site scripting vulnerability in index.php wher... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-11799 json | UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-8863 json | Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileg... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2025-71319 json | image-size 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2 contain a denial of service vulnerability in the findBox function when p... | Tue, 09 Jun 2026 17:25:28 |
| CVE-2026-42770 json | Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked fo... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-42769 json | Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Managemen... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-42768 json | Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is ... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-42767 json | Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference i... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-42766 json | Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryptio... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-42765 json | Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole ch... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-42764 json | Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QU... | Tue, 09 Jun 2026 17:25:27 |
| CVE-2026-36819 json | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the bindMACAddr param... | Tue, 09 Jun 2026 17:25:27 |