CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-11436 json | A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mage_ai/frontend/comp... | Sat, 06 Jun 2026 12:28:12 |
| CVE-2026-11435 json | A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx... | Sat, 06 Jun 2026 12:28:12 |
| CVE-2026-11434 json | A weakness has been identified in FluentCMS 0.0.5. The impacted element is an unknown function of the file /admin/blocks of t... | Sat, 06 Jun 2026 11:28:11 |
| CVE-2026-11413 json | A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function ... | Sat, 06 Jun 2026 10:28:09 |
| CVE-2026-11211 json | Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a s... | Sat, 06 Jun 2026 09:28:08 |
| CVE-2026-11199 json | Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network po... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-11103 json | Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perf... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-11072 json | Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary co... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-10971 json | Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote at... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-11229 json | Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privil... | Sat, 06 Jun 2026 08:27:10 |
| CVE-2026-10725 json | Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no h... | Sat, 06 Jun 2026 08:27:10 |
| CVE-2026-11412 json | A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.Module... | Sat, 06 Jun 2026 07:26:29 |
| CVE-2026-11411 json | A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of ... | Sat, 06 Jun 2026 07:26:29 |
| CVE-2026-11408 json | A vulnerability was identified in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file ... | Sat, 06 Jun 2026 07:26:29 |
| CVE-2026-11406 json | A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.... | Sat, 06 Jun 2026 06:25:32 |
| CVE-2026-7402 json | Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding. This issue... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-7399 json | Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abus... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-7382 json | Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-6849 json | Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM So... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5166 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Techn... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5161 json | Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5141 json | Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Softwa... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5140 json | Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research I... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-3120 json | Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Indu... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-2624 json | Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Gener... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-2339 json | Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderah... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-1819 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Karel Electronic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-1619 json | Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-1618 json | Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privi... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2406 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2405 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2307 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2204 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tapandsign Techn... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2155 json | Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2154 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Echo Call Center... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1928 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1927 json | Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1885 json | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet Information Technologies Inc. Online Food Deliv... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1395 json | Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies I... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1161 json | Incorrect Use of Privileged APIs vulnerability in NomySoft Information Technology Training and Consulting Inc. Nomysem allows... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1031 json | Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc. SoliClub allows Functional... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1030 json | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1029 json | Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants With... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-0645 json | Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-0643 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Narkom Communica... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2413 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor allows Authentication Bypass. ... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-2411 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass. T... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-2404 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ubit Information... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-1740 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Pa... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0987 json | Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection. Thi... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0879 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Shopside Softwar... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0878 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft LimonDe... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0876 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Isin Basi Advert... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0875 json | Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OB... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0670 json | Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows Resource Leak Exposure. This iss... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0642 json | Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software an... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0640 json | Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure. This iss... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0616 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknolojik Center Telec... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0609 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Logo Software In... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0608 json | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful ... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0607 json | Improper Encoding or Escaping of Output vulnerability in Logo Software Inc. Logo Cloud allows Phishing. This issue affects L... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0606 json | Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Res... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0603 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthcare C... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0547 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Softwa... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0546 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Restriction of Rendered... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0421 json | Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFr... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0420 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Softwa... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0419 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zirve Informatio... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-2412 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft QR Menu allows Authentication Bypass. Th... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-2311 json | Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulne... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-2301 json | Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam Registration allows Exploitation... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-1929 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknoloj... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-1496 json | Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcin... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-1469 json | Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Ident... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-1301 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informati... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-1269 json | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This iss... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-1035 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Serv... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-0984 json | Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-s... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-0877 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AtaksAPP Reserva... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-0610 json | Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request Forgery. This issue affects ... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2025-0545 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tekrom Technolog... | Sat, 06 Jun 2026 04:24:43 |
| CVE-2026-50589 json | In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints ... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2026-10879 json | DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The prepars... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2812 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Tick... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2488 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informa... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2421 json | Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics SambaBox allows Code Injectio... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2417 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat allows Authentication Bypass.... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2416 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass. ... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2415 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass. T... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2025-2414 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass. ... | Sat, 06 Jun 2026 02:22:10 |
| CVE-2026-11150 json | Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scr... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-11148 json | Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak ... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-9851 json | The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in versions up to, and in... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-9829 json | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based SQL Injection v... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-9594 json | The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-9016 json | The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutr... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-8839 json | The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-8611 json | The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-7624 json | The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and includin... | Sat, 06 Jun 2026 01:20:20 |
| CVE-2026-11146 json | Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker wh... | Sat, 06 Jun 2026 01:20:19 |