CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-49494 json | Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser de... | Sun, 07 Jun 2026 09:23:44 |
| CVE-2026-11459 json | A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.1. Impacted is an unknown function in the libra... | Sun, 07 Jun 2026 06:23:39 |
| CVE-2026-11458 json | A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some u... | Sun, 07 Jun 2026 05:23:38 |
| CVE-2026-11457 json | A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability a... | Sun, 07 Jun 2026 05:23:37 |
| CVE-2026-11456 json | A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxf_dump_systable.php of t... | Sun, 07 Jun 2026 05:23:37 |
| CVE-2026-11455 json | A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function check_cmd_exis... | Sun, 07 Jun 2026 05:23:37 |
| CVE-2026-11453 json | A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown func... | Sun, 07 Jun 2026 00:18:30 |
| CVE-2026-11452 json | A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN_0042e200 of the file /cgi-bin/g... | Sun, 07 Jun 2026 00:18:30 |
| CVE-2026-11451 json | A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the componen... | Sun, 07 Jun 2026 00:18:30 |
| CVE-2026-11450 json | A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/r... | Sat, 06 Jun 2026 23:18:28 |
| CVE-2026-11449 json | A security vulnerability has been detected in GL.iNet GL-MT3000 4.4.5. The impacted element is the function rpc_sys of the fi... | Sat, 06 Jun 2026 23:18:28 |
| CVE-2026-11448 json | A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /r... | Sat, 06 Jun 2026 23:18:28 |
| CVE-2026-11447 json | A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfo_backend of the file iwi... | Sat, 06 Jun 2026 22:18:27 |
| CVE-2026-26422 json | clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation. | Sat, 06 Jun 2026 19:31:19 |
| CVE-2026-36229 json | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further... | Sat, 06 Jun 2026 17:30:14 |
| CVE-2026-36499 json | A missing upper-bound check in the udpif_set_threads() function of Open vSwitch v3.6.90 allows an attacker with OVSDB write a... | Sat, 06 Jun 2026 16:29:02 |
| CVE-2026-11441 json | A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of th... | Sat, 06 Jun 2026 14:28:16 |
| CVE-2026-11440 json | A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/{proj... | Sat, 06 Jun 2026 14:28:16 |
| CVE-2026-11439 json | A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file ... | Sat, 06 Jun 2026 14:28:16 |
| CVE-2026-11012 json | Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the... | Sat, 06 Jun 2026 14:28:15 |
| CVE-2026-11010 json | Use after free in WebShare in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised t... | Sat, 06 Jun 2026 14:28:15 |
| CVE-2026-11009 json | Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a s... | Sat, 06 Jun 2026 14:28:15 |
| CVE-2026-11006 json | Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memo... | Sat, 06 Jun 2026 14:28:15 |
| CVE-2026-11004 json | Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendere... | Sat, 06 Jun 2026 14:28:15 |
| CVE-2026-11002 json | Use after free in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer... | Sat, 06 Jun 2026 14:28:15 |
| CVE-2026-11438 json | A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality o... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-11437 json | A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkS... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-11001 json | Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a us... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-10999 json | Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised th... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-10994 json | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive ... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-10993 json | Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitiv... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-10992 json | Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potenti... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-10990 json | Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer pro... | Sat, 06 Jun 2026 13:28:14 |
| CVE-2026-11436 json | A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mage_ai/frontend/comp... | Sat, 06 Jun 2026 12:28:12 |
| CVE-2026-11435 json | A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx... | Sat, 06 Jun 2026 12:28:12 |
| CVE-2026-11434 json | A weakness has been identified in FluentCMS 0.0.5. The impacted element is an unknown function of the file /admin/blocks of t... | Sat, 06 Jun 2026 11:28:11 |
| CVE-2026-11413 json | A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function ... | Sat, 06 Jun 2026 10:28:09 |
| CVE-2026-11211 json | Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a s... | Sat, 06 Jun 2026 09:28:08 |
| CVE-2026-11199 json | Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network po... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-11103 json | Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perf... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-11072 json | Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary co... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-10971 json | Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote at... | Sat, 06 Jun 2026 09:28:07 |
| CVE-2026-11229 json | Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privil... | Sat, 06 Jun 2026 08:27:10 |
| CVE-2026-10725 json | Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no h... | Sat, 06 Jun 2026 08:27:10 |
| CVE-2026-11412 json | A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.Module... | Sat, 06 Jun 2026 07:26:29 |
| CVE-2026-11411 json | A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of ... | Sat, 06 Jun 2026 07:26:29 |
| CVE-2026-11408 json | A vulnerability was identified in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file ... | Sat, 06 Jun 2026 07:26:29 |
| CVE-2026-11406 json | A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.... | Sat, 06 Jun 2026 06:25:32 |
| CVE-2026-7402 json | Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding. This issue... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-7399 json | Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abus... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-7382 json | Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-6849 json | Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM So... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5166 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Techn... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5161 json | Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5141 json | Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Softwa... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-5140 json | Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research I... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-3120 json | Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Indu... | Sat, 06 Jun 2026 04:24:46 |
| CVE-2026-2624 json | Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Gener... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-2339 json | Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderah... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-1819 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Karel Electronic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-1619 json | Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2026-1618 json | Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privi... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2406 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2405 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2307 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communic... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2204 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tapandsign Techn... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2155 json | Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2154 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Echo Call Center... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1928 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1927 json | Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1885 json | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet Information Technologies Inc. Online Food Deliv... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1395 json | Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies I... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1161 json | Incorrect Use of Privileged APIs vulnerability in NomySoft Information Technology Training and Consulting Inc. Nomysem allows... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1031 json | Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc. SoliClub allows Functional... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1030 json | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub ... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-1029 json | Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants With... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-0645 json | Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-0643 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Narkom Communica... | Sat, 06 Jun 2026 04:24:45 |
| CVE-2025-2413 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor allows Authentication Bypass. ... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-2411 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass. T... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-2404 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ubit Information... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-1740 json | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Pa... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0987 json | Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection. Thi... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0879 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Shopside Softwar... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0878 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft LimonDe... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0876 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Isin Basi Advert... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0875 json | Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OB... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0670 json | Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows Resource Leak Exposure. This iss... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0642 json | Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software an... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0640 json | Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure. This iss... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0616 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknolojik Center Telec... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0609 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Logo Software In... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0608 json | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful ... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0607 json | Improper Encoding or Escaping of Output vulnerability in Logo Software Inc. Logo Cloud allows Phishing. This issue affects L... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0606 json | Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Res... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0603 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthcare C... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0547 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Softwa... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0546 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Restriction of Rendered... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0421 json | Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFr... | Sat, 06 Jun 2026 04:24:44 |
| CVE-2025-0420 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Softwa... | Sat, 06 Jun 2026 04:24:44 |