CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-30286 | An arbitrary file overwrite vulnerability in Funambol, Inc. Zefiro Cloud v32.0.2026011614 allows attackers to overwrite criti... | Fri, 03 Apr 2026 14:32:11 |
| CVE-2026-4789 | Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions. | Fri, 03 Apr 2026 14:32:11 |
| CVE-2026-4108 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permiss... | Fri, 03 Apr 2026 14:32:11 |
| CVE-2026-4107 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and S... | Fri, 03 Apr 2026 14:32:11 |
| CVE-2026-3880 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permi... | Fri, 03 Apr 2026 14:32:11 |
| CVE-2026-5476 | A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of t... | Fri, 03 Apr 2026 14:17:04 |
| CVE-2026-5475 | A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.... | Fri, 03 Apr 2026 14:17:04 |
| CVE-2026-32186 | Microsoft Bing Elevation of Privilege Vulnerability | Fri, 03 Apr 2026 14:17:03 |
| CVE-2026-28373 | The Stackfield Desktop App before 1.10.2 for macOS and Windows contains a path traversal vulnerability in certain decryption ... | Fri, 03 Apr 2026 14:17:03 |
| CVE-2026-27655 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailb... | Fri, 03 Apr 2026 14:17:03 |
| CVE-2026-5115 | The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. Th... | Fri, 03 Apr 2026 14:17:03 |
| CVE-2026-4794 | Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users... | Fri, 03 Apr 2026 14:17:03 |
| CVE-2026-0545 | In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization... | Fri, 03 Apr 2026 14:17:03 |
| CVE-2024-30850 | DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-33434. Reason: This record is a duplicate of CVE-2024-33434. Notes: All CVE ... | Fri, 03 Apr 2026 14:17:03 |
| CVE-2025-43264 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously cr... | Fri, 03 Apr 2026 14:02:03 |
| CVE-2025-43257 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to... | Fri, 03 Apr 2026 14:02:03 |
| CVE-2025-43219 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously cr... | Fri, 03 Apr 2026 14:02:03 |
| CVE-2026-32716 | SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validat... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2026-5255 | A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffin... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2025-43202 | This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. ... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2024-44303 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able ... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2024-44286 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physi... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2024-44250 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2024-44219 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious applic... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2024-40858 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able... | Fri, 03 Apr 2026 14:02:02 |
| CVE-2026-32714 | SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the KeyCache class in scitokens ... | Fri, 03 Apr 2026 14:02:01 |
| CVE-2026-4908 | A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file ... | Fri, 03 Apr 2026 14:02:01 |
| CVE-2026-4850 | A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /... | Fri, 03 Apr 2026 14:02:01 |
| CVE-2026-4849 | A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /modi... | Fri, 03 Apr 2026 14:02:01 |
| CVE-2026-4784 | A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /checkchec... | Fri, 03 Apr 2026 14:02:01 |
| CVE-2026-4581 | A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /check... | Fri, 03 Apr 2026 14:02:00 |
| CVE-2026-4580 | A security flaw has been discovered in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file ... | Fri, 03 Apr 2026 14:02:00 |
| CVE-2026-4579 | A vulnerability was identified in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /view... | Fri, 03 Apr 2026 14:02:00 |
| CVE-2026-35216 | Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Ex... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-34726 | Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's _subdirectory setting is d... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-34400 | Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-29014 | MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attacke... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-27124 | FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, while testing the GitHubProvider OAu... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-5474 | A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-5473 | A vulnerability has been found in NASA cFS up to 7.0.0. The impacted element is the function pickle.load of the component Pic... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-5257 | A vulnerability has been found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the ... | Fri, 03 Apr 2026 13:31:16 |
| CVE-2026-33997 | Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows p... | Fri, 03 Apr 2026 13:31:15 |
| CVE-2026-33415 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before ... | Fri, 03 Apr 2026 13:31:15 |
| CVE-2026-33073 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before ... | Fri, 03 Apr 2026 13:31:15 |
| CVE-2026-32727 | SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a ... | Fri, 03 Apr 2026 13:31:15 |
| CVE-2026-32695 | Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider build... | Fri, 03 Apr 2026 13:31:15 |
| CVE-2026-32243 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before ... | Fri, 03 Apr 2026 13:31:15 |
| CVE-2026-4535 | A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /gofo... | Fri, 03 Apr 2026 13:31:14 |
| CVE-2026-4534 | A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This... | Fri, 03 Apr 2026 13:31:14 |
| CVE-2025-8065 | A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When... | Fri, 03 Apr 2026 13:31:14 |
| CVE-2024-44775 | kmqtt v0.2.7 is vulnerable to Denial of Service (DoS) due to a Null Pointer Exception. A remote attacker can cause the broker... | Fri, 03 Apr 2026 13:31:14 |
| CVE-2024-42040 | Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any... | Fri, 03 Apr 2026 13:31:14 |
| CVE-2024-33434 | An issue in tiagorlampert CHAOS v5.0.1 before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c4... | Fri, 03 Apr 2026 13:31:14 |
| CVE-2026-33873 | Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assistant ... | Fri, 03 Apr 2026 13:16:13 |
| CVE-2026-34585 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute valu... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2026-34453 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, the publish service exposes bookmarked blocks from ... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2026-34449 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Executi... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2026-34448 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Att... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2026-34043 | Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is ... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2026-34040 | Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows a... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2026-34036 | Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions 22... | Fri, 03 Apr 2026 13:01:07 |
| CVE-2024-2961 | The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 byte... | Fri, 03 Apr 2026 12:47:41 |
| CVE-2026-35218 | Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity name... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-35214 | Budibase is an open-source low-code platform. Prior to version 3.33.4, the plugin file upload endpoint (POST /api/plugin/uplo... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-31818 | Budibase is an open-source low-code platform. Prior to version 3.33.4, a server-side request forgery (SSRF) vulnerability exi... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-31404 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks ... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-31403 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nf... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-5472 | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The aff... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-5471 | A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of t... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-5470 | A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b73... | Fri, 03 Apr 2026 12:30:39 |
| CVE-2026-31402 | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Th... | Fri, 03 Apr 2026 12:30:38 |
| CVE-2026-31401 | In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hid_hw_request rig... | Fri, 03 Apr 2026 12:30:38 |
| CVE-2026-31400 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix cache_request leak in cache_release When a ... | Fri, 03 Apr 2026 12:30:38 |
| CVE-2026-31399 | In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31398 | In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree foli... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31397 | In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix use of NULL folio in move_pages_huge... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31396 | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP c... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31395 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event ... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31394 | In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211_chan_bw_change for AP_V... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31393 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length... | Fri, 03 Apr 2026 12:30:37 |
| CVE-2026-31392 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Custom... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-31391 | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If mem... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-31390 | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xe_vm_madvise_ioctl When che... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-31389 | In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failu... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-25118 | immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application ... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-25044 | Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided comman... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-25043 | Budibase is an open-source low-code platform. Prior to version 3.23.25, a business logic vulnerability exists in Budibase’s... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-23475 | In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu s... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-23474 | In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser ... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-23473 | In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: fix multishot recv missing EOF on wakeup ... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-23472 | In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-23471 | In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blo... | Fri, 03 Apr 2026 12:30:36 |
| CVE-2026-23470 | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix deadlock in soft reset sequence Th... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23469 | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspendin... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23468 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resourc... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23467 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at ... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23466 | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23465 | In the Linux kernel, the following vulnerability has been resolved: btrfs: log new dentries when logging parent dir of a con... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23464 | In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfs_sys_contro... | Fri, 03 Apr 2026 12:30:35 |
| CVE-2026-23463 | In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qman_destroy_fq ... | Fri, 03 Apr 2026 12:30:35 |