CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-8243 json | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of th... | Sun, 10 May 2026 05:25:08 |
| CVE-2026-8242 json | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doActi... | Sun, 10 May 2026 05:25:08 |
| CVE-2026-8241 json | A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function i... | Sun, 10 May 2026 05:25:08 |
| CVE-2026-45181 json | Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang dependency-file generation (via argument injection), which al... | Sun, 10 May 2026 04:25:07 |
| CVE-2026-7270 json | An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to ove... | Sun, 10 May 2026 04:25:07 |
| CVE-2026-45186 json | In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via mode... | Sun, 10 May 2026 03:25:05 |
| CVE-2026-8235 json | A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the f... | Sun, 10 May 2026 03:25:05 |
| CVE-2026-8234 json | A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasi... | Sun, 10 May 2026 03:25:05 |
| CVE-2026-8233 json | A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UP... | Sun, 10 May 2026 02:25:03 |
| CVE-2026-8232 json | A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib_worker_loop in the librar... | Sun, 10 May 2026 02:25:03 |
| CVE-2026-8231 json | A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file... | Sun, 10 May 2026 02:25:03 |
| CVE-2026-7263 json | In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, cau... | Sun, 10 May 2026 02:25:03 |
| CVE-2026-6104 json | In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed t... | Sun, 10 May 2026 02:25:03 |
| CVE-2026-8230 json | A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys_login1 of the file /cgi-bin/login.c... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-8229 json | A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/w... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-8228 json | A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/w... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-8227 json | A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-8226 json | A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_pcc_rule_install_flow... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-8225 json | A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf_npcf_smpolicycontrol_handle_delete of th... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-7568 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() functi... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-7262 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-7261 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is con... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-7259 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between enc... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-7258 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, includ... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-6735 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-6722 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's o... | Sun, 10 May 2026 01:25:02 |
| CVE-2025-14179 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird drive... | Sun, 10 May 2026 01:25:02 |
| CVE-2026-8224 json | A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the ... | Sat, 09 May 2026 23:22:19 |
| CVE-2026-8223 json | A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_se... | Sat, 09 May 2026 23:22:19 |
| CVE-2026-8222 json | A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the fi... | Sat, 09 May 2026 23:22:19 |
| CVE-2026-8221 json | A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /inventory/item-sav... | Sat, 09 May 2026 23:22:19 |
| CVE-2026-8220 json | A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. This affects an unknown function of the file /inventory/c... | Sat, 09 May 2026 23:22:19 |
| CVE-2026-8219 json | A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. The impacted element is an unknown function... | Sat, 09 May 2026 22:21:26 |
| CVE-2026-8218 json | A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file... | Sat, 09 May 2026 22:21:26 |
| CVE-2026-8217 json | A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.... | Sat, 09 May 2026 22:21:26 |
| CVE-2026-8216 json | A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasSer... | Sat, 09 May 2026 21:20:04 |
| CVE-2026-8215 json | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the functio... | Sat, 09 May 2026 21:20:04 |
| CVE-2026-8214 json | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the c... | Sat, 09 May 2026 21:20:04 |
| CVE-2025-54236 json | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Impr... | Sat, 09 May 2026 21:04:51 |
| CVE-2026-45184 json | Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. | Sat, 09 May 2026 19:17:21 |
| CVE-2026-45182 json | GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQui... | Sat, 09 May 2026 19:17:21 |
| CVE-2026-8213 json | A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the fil... | Sat, 09 May 2026 19:17:21 |
| CVE-2026-8212 json | A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file... | Sat, 09 May 2026 19:17:21 |
| CVE-2026-8211 json | A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/cod... | Sat, 09 May 2026 19:17:21 |
| CVE-2026-8210 json | A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is ... | Sat, 09 May 2026 17:29:22 |
| CVE-2026-8196 json | A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-s... | Sat, 09 May 2026 17:29:22 |
| CVE-2026-8195 json | A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-s... | Sat, 09 May 2026 16:27:13 |
| CVE-2026-8194 json | A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/clas... | Sat, 09 May 2026 16:27:13 |
| CVE-2026-42606 json | AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware un... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42605 json | AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request para... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42601 json | ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint (AddView in... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42576 json | apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, DiscoverKeys in ... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42575 json | apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, apko verifies th... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42574 json | apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42571 json | Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 t... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42569 json | phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowe... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42562 json | Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42333 json | Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to version... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42258 json | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, ... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42257 json | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, ... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42256 json | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42246 json | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, ... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-42245 json | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, ... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-41893 json | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoin... | Sat, 09 May 2026 16:27:12 |
| CVE-2026-8193 json | A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php ... | Sat, 09 May 2026 15:26:15 |
| CVE-2026-8192 json | A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. This vulnerability affects the function wzdap of the fi... | Sat, 09 May 2026 15:26:15 |
| CVE-2026-8191 json | A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This affects the function wifi_region of the file /cgi-bin/a... | Sat, 09 May 2026 15:26:15 |
| CVE-2026-8190 json | A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-... | Sat, 09 May 2026 14:24:44 |
| CVE-2026-8189 json | A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the... | Sat, 09 May 2026 13:24:50 |
| CVE-2026-8188 json | A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /c... | Sat, 09 May 2026 12:24:41 |
| CVE-2026-42793 json | Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial... | Sat, 09 May 2026 09:24:36 |
| CVE-2026-8198 json | The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authen... | Sat, 09 May 2026 09:24:36 |
| CVE-2026-8186 json | A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the lib... | Sat, 09 May 2026 08:24:08 |
| CVE-2026-34757 json | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raste... | Sat, 09 May 2026 07:23:14 |
| CVE-2026-8187 json | A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of th... | Sat, 09 May 2026 07:23:14 |
| CVE-2026-8185 json | A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the co... | Sat, 09 May 2026 07:23:14 |
| CVE-2026-32683 json | Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmissio... | Sat, 09 May 2026 05:21:42 |
| CVE-2026-3828 json | Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution du... | Sat, 09 May 2026 05:21:42 |
| CVE-2026-1749 json | There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user t... | Sat, 09 May 2026 05:21:42 |
| CVE-2026-25199 json | Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issu... | Sat, 09 May 2026 03:19:41 |
| CVE-2025-66467 json | Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they pre... | Sat, 09 May 2026 03:19:41 |
| CVE-2025-66172 json | The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-a... | Sat, 09 May 2026 03:19:41 |
| CVE-2025-66171 json | The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-a... | Sat, 09 May 2026 03:19:40 |
| CVE-2025-66170 json | The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated... | Sat, 09 May 2026 03:19:40 |
| CVE-2026-43473 json | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-43321 json | In the Linux kernel, the following vulnerability has been resolved: bpf: Properly mark live registers for indirect jumps Fo... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-42560 json | auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, t... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-42311 json | Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead ... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-42310 json | Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that ... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-42309 json | Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-42308 json | Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, ... | Sat, 09 May 2026 02:19:24 |
| CVE-2025-15634 json | A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sen... | Sat, 09 May 2026 02:19:24 |
| CVE-2025-15633 json | An improper authorization vulnerability in HCL BigFix WebUI allows an authenticated user without Master Operator privileges ... | Sat, 09 May 2026 02:19:24 |
| CVE-2026-44028 json | An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR (Nix Archive) parser could... | Sat, 09 May 2026 00:19:31 |
| CVE-2026-42461 json | Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpo... | Sat, 09 May 2026 00:19:31 |
| CVE-2026-42301 json | pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI packa... | Sat, 09 May 2026 00:19:31 |
| CVE-2026-42297 json | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version... | Sat, 09 May 2026 00:19:31 |
| CVE-2026-42296 json | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to ver... | Sat, 09 May 2026 00:19:31 |
| CVE-2026-42295 json | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version... | Sat, 09 May 2026 00:19:31 |
| CVE-2026-42294 json | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to ver... | Sat, 09 May 2026 00:19:31 |