CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-45622 json | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45402 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, multiple e... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45396 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45350 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45338 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-S... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45331 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_u... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45010 json | phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-44571 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standar... | Fri, 15 May 2026 19:31:00 |
| CVE-2026-8704 json | Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified. | Fri, 15 May 2026 19:31:00 |
| CVE-2026-45667 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v... | Fri, 15 May 2026 18:29:22 |
| CVE-2026-45666 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /... | Fri, 15 May 2026 18:29:22 |
| CVE-2026-45665 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored C... | Fri, 15 May 2026 18:29:22 |
| CVE-2026-45365 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an intern... | Fri, 15 May 2026 18:29:22 |
| CVE-2026-45351 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a reg... | Fri, 15 May 2026 18:29:22 |
| CVE-2026-8700 json | Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function... | Fri, 15 May 2026 18:29:22 |
| CVE-2026-45347 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.11, there is ... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45346 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.31, there is ... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45345 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.7, a user can... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45318 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, his adviso... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45317 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, an applica... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45316 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the POST /... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45315 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio ... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45314 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the channe... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45303 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through th... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45301 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-45299 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, the profil... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-44570 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authoriza... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-44569 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, there's a... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-44567 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API ... | Fri, 15 May 2026 18:29:21 |
| CVE-2026-46474 json | Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand fun... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-46365 json | phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/{tagId} endpoint t... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-46359 json | phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-45671 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authen... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-45400 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, a parsing ... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-45387 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setti... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-44826 json | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvv... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-44566 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when att... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-44565 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uplo... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-44549 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, Excel file... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-35194 json | Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users ... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-8669 json | Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-8454 json | Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. I... | Fri, 15 May 2026 18:29:20 |
| CVE-2026-46366 json | phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permiss... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45675 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP an... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45672 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45401 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the valida... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45398 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, _validate_... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45397 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, GET /api/v... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45395 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool u... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45386 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, Pin/Unpin ... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-45385 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, an IDOR vu... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-44721 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored c... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-44568 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the Accoun... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-44561 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the is_use... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-44559 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET /a... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-44555 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-44553 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administra... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-8696 json | radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows... | Fri, 15 May 2026 17:28:52 |
| CVE-2026-46363 json | phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in FAQ creation and update endpoints that bypass s... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-46360 json | phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities() that limits r... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-45616 json | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, Th... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-45393 json | Reserved. Details will be published at disclosure. | Fri, 15 May 2026 17:28:51 |
| CVE-2026-45009 json | phpMyFAQ before 4.1.2 contains an insufficient authorization vulnerability in admin-api routes that allows authenticated ordi... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-42585 json | Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrec... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-39053 json | Oinone Pamirs 7.0.0 contains an XML External Entity (XXE) issue in its XStream-based XML parsing logic. When attacker-control... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-8558 json | Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code ins... | Fri, 15 May 2026 17:28:51 |
| CVE-2026-45399 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authen... | Fri, 15 May 2026 16:28:44 |
| CVE-2026-45349 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user jus... | Fri, 15 May 2026 16:28:44 |
| CVE-2026-45339 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI... | Fri, 15 May 2026 16:28:44 |
| CVE-2026-46408 json | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44564 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:d... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44563 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/g... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44562 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44560 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the type: ... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44558 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channe... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44557 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the _valid... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44556 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /respo... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44554 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44552 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the tool_s... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44551 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP a... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-44550 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, FolderForm... | Fri, 15 May 2026 16:28:43 |
| CVE-2025-67031 json | ORSEE (Online Recruitment System for Economic Experiments) 3.1.0 contains an authenticated Remote Code Execution vulnerabilit... | Fri, 15 May 2026 16:28:43 |
| CVE-2026-46333 json | In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dump... | Fri, 15 May 2026 16:28:42 |
| CVE-2026-45053 json | CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Arbitrary File Upload vulnerability exists in th... | Fri, 15 May 2026 16:28:42 |
| CVE-2026-44695 json | Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /aut... | Fri, 15 May 2026 16:28:42 |
| CVE-2026-44376 json | CubeCart is an ecommerce software solution. Prior to 6.7.0, an unauthenticated Reflected XSS vulnerability exists in the Cube... | Fri, 15 May 2026 16:28:42 |
| CVE-2026-43912 json | Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groups_use... | Fri, 15 May 2026 16:28:42 |
| CVE-2026-22586 json | Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile... | Fri, 15 May 2026 16:28:42 |
| CVE-2026-43335 json | In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-24000 json | Fleet is open source device management software. Prior to version 4.80.1, Fleet trusted client-supplied IP address headers wh... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20914 json | Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0 within Ring 3: User Applicat... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20905 json | Improper input validation for some Intel(R) QAT software drivers for Windows before version 2.6 within Ring 3: User Applicati... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20881 json | Divide by zero for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may al... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20793 json | Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Application... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20782 json | Buffer overflow for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may a... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20771 json | Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applicati... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20767 json | Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applicat... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20717 json | Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applicat... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-20714 json | Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications m... | Fri, 15 May 2026 16:13:47 |
| CVE-2026-8401 json | Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3. | Fri, 15 May 2026 16:13:47 |