CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-6636 json | A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.ser... | Mon, 20 Apr 2026 08:16:37 |
| CVE-2026-6635 json | A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the fi... | Mon, 20 Apr 2026 08:16:37 |
| CVE-2026-6634 json | A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/A... | Mon, 20 Apr 2026 08:16:37 |
| CVE-2026-6633 json | A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins... | Mon, 20 Apr 2026 08:16:37 |
| CVE-2026-5958 json | When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, ... | Mon, 20 Apr 2026 08:16:37 |
| CVE-2026-6654 json | Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear` functions in the thin_vec crate. A panic in `... | Mon, 20 Apr 2026 07:17:20 |
| CVE-2026-6632 json | A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of... | Mon, 20 Apr 2026 07:17:20 |
| CVE-2026-6631 json | A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the fil... | Mon, 20 Apr 2026 07:17:20 |
| CVE-2026-6630 json | A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /go... | Mon, 20 Apr 2026 07:17:20 |
| CVE-2026-6629 json | A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statemen... | Mon, 20 Apr 2026 07:17:20 |
| CVE-2026-31430 json | In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions ... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-31429 json | In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb h... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6628 json | A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6626 json | A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the ... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6625 json | A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function ... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6624 json | A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6623 json | A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the fi... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6622 json | A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2025-13480 json | Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resourc... | Mon, 20 Apr 2026 06:16:36 |
| CVE-2026-6621 json | A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file in... | Mon, 20 Apr 2026 05:16:33 |
| CVE-2026-6620 json | A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file ... | Mon, 20 Apr 2026 05:16:33 |
| CVE-2026-6619 json | A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/com... | Mon, 20 Apr 2026 05:16:33 |
| CVE-2026-6618 json | A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundl... | Mon, 20 Apr 2026 05:16:33 |
| CVE-2026-39454 json | SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access... | Mon, 20 Apr 2026 05:16:32 |
| CVE-2026-5967 json | ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers wit... | Mon, 20 Apr 2026 05:16:32 |
| CVE-2026-5121 json | A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer alloc... | Mon, 20 Apr 2026 05:16:32 |
| CVE-2025-59089 json | If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), th... | Mon, 20 Apr 2026 05:16:32 |
| CVE-2023-5966 json | An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the ext... | Mon, 20 Apr 2026 05:16:32 |
| CVE-2023-5965 json | An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the upd... | Mon, 20 Apr 2026 05:16:32 |
| CVE-2026-41282 json | ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step template... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-6617 json | A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_re... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-6616 json | A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_wit... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-6615 json | A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of ... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-5966 json | ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers ... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-5964 json | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arb... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-5963 json | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arb... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-4424 json | A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to ... | Mon, 20 Apr 2026 04:31:13 |
| CVE-2026-6644 json | A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative us... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2026-6643 json | A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounde... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2026-6614 json | A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the functi... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2026-6613 json | A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedu... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2026-6612 json | A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/upd... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2026-6611 json | A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/s... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2024-7083 json | The Email Encoder WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow high pr... | Mon, 20 Apr 2026 03:30:14 |
| CVE-2026-6610 json | A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the f... | Mon, 20 Apr 2026 02:30:07 |
| CVE-2026-6609 json | A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file o... | Mon, 20 Apr 2026 02:30:07 |
| CVE-2026-6608 json | A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-b... | Mon, 20 Apr 2026 02:30:07 |
| CVE-2026-6607 json | A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of t... | Mon, 20 Apr 2026 01:28:15 |
| CVE-2026-6606 json | A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_... | Mon, 20 Apr 2026 01:28:15 |
| CVE-2026-6605 json | A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url ... | Mon, 20 Apr 2026 01:28:15 |
| CVE-2026-6604 json | A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function _parse_url/prepa... | Mon, 20 Apr 2026 01:28:15 |
| CVE-2026-6603 json | A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_... | Mon, 20 Apr 2026 01:28:15 |
| CVE-2026-32965 json | Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex tech... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32964 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injec... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32963 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a us... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32962 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32961 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32960 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not rem... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32959 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic al... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32958 json | SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32957 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on f... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32956 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing ... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-6602 json | A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-6601 json | A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatab... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-6600 json | A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/moda... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-6599 json | A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-6598 json | A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_p... | Mon, 20 Apr 2026 00:27:46 |
| CVE-2026-32955 json | SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing... | Mon, 20 Apr 2026 00:27:45 |
| CVE-2026-4111 json | A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read... | Mon, 20 Apr 2026 00:27:45 |
| CVE-2026-6597 json | A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of... | Sun, 19 Apr 2026 23:27:04 |
| CVE-2026-6596 json | A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file o... | Sun, 19 Apr 2026 23:27:03 |
| CVE-2026-6595 json | A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59... | Sun, 19 Apr 2026 23:27:03 |
| CVE-2026-6594 json | A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the ar... | Sun, 19 Apr 2026 22:26:21 |
| CVE-2026-6593 json | A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py... | Sun, 19 Apr 2026 22:26:21 |
| CVE-2026-6592 json | A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the fil... | Sun, 19 Apr 2026 22:26:21 |
| CVE-2026-6591 json | A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folde... | Sun, 19 Apr 2026 21:26:20 |
| CVE-2026-6590 json | A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manag... | Sun, 19 Apr 2026 21:26:20 |
| CVE-2026-6589 json | A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function create_origin_only_middleware o... | Sun, 19 Apr 2026 21:26:20 |
| CVE-2026-6588 json | A weakness has been identified in serge-chat serge up to 1.4TB. The impacted element is the function download_model/delete_mo... | Sun, 19 Apr 2026 21:26:20 |
| CVE-2025-54236 json | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Impr... | Sun, 19 Apr 2026 21:11:21 |
| CVE-2026-6587 json | A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_process_loc... | Sun, 19 Apr 2026 20:26:18 |
| CVE-2026-6586 json | A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_budget... | Sun, 19 Apr 2026 20:26:18 |
| CVE-2026-6585 json | A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organisati... | Sun, 19 Apr 2026 20:26:18 |
| CVE-2026-6584 json | A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_user of... | Sun, 19 Apr 2026 20:26:18 |
| CVE-2026-33810 json | When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildca... | Sun, 19 Apr 2026 19:26:17 |
| CVE-2026-6583 json | A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edit_api... | Sun, 19 Apr 2026 19:26:17 |
| CVE-2026-6582 json | A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_detai... | Sun, 19 Apr 2026 19:26:17 |
| CVE-2026-6581 json | A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoByI... | Sun, 19 Apr 2026 19:26:17 |
| CVE-2026-6580 json | A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the f... | Sun, 19 Apr 2026 19:26:17 |
| CVE-2025-27363 json | An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when atte... | Sun, 19 Apr 2026 19:26:17 |
| CVE-2026-6579 json | A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/vi... | Sun, 19 Apr 2026 18:26:14 |
| CVE-2026-6578 json | A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file dj... | Sun, 19 Apr 2026 18:26:14 |
| CVE-2026-6577 json | A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the f... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-49796 json | A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corru... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-49795 json | A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an atta... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-14512 json | A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflo... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-14104 json | A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specific... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-14087 json | A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a deni... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-13601 json | A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_st... | Sun, 19 Apr 2026 16:26:12 |
| CVE-2025-9566 json | There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file ... | Sun, 19 Apr 2026 16:26:12 |