CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-41409 json | The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes all... | Mon, 27 Apr 2026 06:17:12 |
| CVE-2026-40858 json | The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinis... | Mon, 27 Apr 2026 06:17:12 |
| CVE-2026-7112 json | A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth... | Mon, 27 Apr 2026 06:17:12 |
| CVE-2026-7110 json | A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Exec... | Mon, 27 Apr 2026 06:17:12 |
| CVE-2026-7109 json | A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /it... | Mon, 27 Apr 2026 06:17:12 |
| CVE-2026-40022 json | When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-platform-http-ma... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-34003 json | A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted re... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-34001 json | A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifi... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-33999 json | A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handl... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-33454 json | The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the compo... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-5201 json | A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-3008 json | Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or... | Mon, 27 Apr 2026 06:17:11 |
| CVE-2026-7090 json | A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_messa... | Mon, 27 Apr 2026 02:31:04 |
| CVE-2026-7089 json | A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown funct... | Mon, 27 Apr 2026 02:31:04 |
| CVE-2026-7088 json | A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown ... | Mon, 27 Apr 2026 02:31:04 |
| CVE-2026-7087 json | A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown functio... | Mon, 27 Apr 2026 02:31:04 |
| CVE-2026-7086 json | A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of t... | Mon, 27 Apr 2026 02:31:04 |
| CVE-2026-7085 json | A vulnerability was determined in HBAI-Ltd Toonflow-app up to 1.1.1. This vulnerability affects the function z.url of the fil... | Mon, 27 Apr 2026 00:29:27 |
| CVE-2026-7084 json | A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/settin... | Mon, 27 Apr 2026 00:29:27 |
| CVE-2026-7083 json | A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryR... | Mon, 27 Apr 2026 00:29:27 |
| CVE-2026-7082 json | A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /gofo... | Mon, 27 Apr 2026 00:29:26 |
| CVE-2026-7081 json | A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSet... | Mon, 27 Apr 2026 00:29:26 |
| CVE-2026-3868 json | An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Beca... | Mon, 27 Apr 2026 00:29:26 |
| CVE-2026-3867 json | An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership m... | Mon, 27 Apr 2026 00:29:26 |
| CVE-2026-7106 json | The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and in... | Sun, 26 Apr 2026 23:28:19 |
| CVE-2026-7080 json | A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /... | Sun, 26 Apr 2026 23:28:19 |
| CVE-2026-7079 json | A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan o... | Sun, 26 Apr 2026 23:28:19 |
| CVE-2026-7078 json | A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /go... | Sun, 26 Apr 2026 23:28:19 |
| CVE-2026-7077 json | A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of ... | Sun, 26 Apr 2026 23:28:19 |
| CVE-2026-3006 json | Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potent... | Sun, 26 Apr 2026 23:28:19 |
| CVE-2026-7076 json | A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /ed... | Sun, 26 Apr 2026 22:27:59 |
| CVE-2026-7075 json | A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of t... | Sun, 26 Apr 2026 22:27:59 |
| CVE-2026-7074 json | A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of... | Sun, 26 Apr 2026 22:27:59 |
| CVE-2026-7073 json | A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.p... | Sun, 26 Apr 2026 21:26:14 |
| CVE-2026-7072 json | A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functi... | Sun, 26 Apr 2026 21:26:14 |
| CVE-2026-7071 json | A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown f... | Sun, 26 Apr 2026 21:26:14 |
| CVE-2026-7070 json | A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the compo... | Sun, 26 Apr 2026 21:26:14 |
| CVE-2025-54236 json | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Impr... | Sun, 26 Apr 2026 21:10:52 |
| CVE-2026-42363 json | An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility ... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-33566 json | There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the ... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-33277 json | An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in u... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-7069 json | A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upn... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-7068 json | A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-7067 json | A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcp... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-7066 json | A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected el... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-7065 json | A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file pac... | Sun, 26 Apr 2026 20:25:10 |
| CVE-2026-7064 json | A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file br... | Sun, 26 Apr 2026 19:24:14 |
| CVE-2026-7063 json | A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the ... | Sun, 26 Apr 2026 19:24:14 |
| CVE-2026-7062 json | A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src... | Sun, 26 Apr 2026 19:24:14 |
| CVE-2026-7061 json | A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functional... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7060 json | A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7059 json | A vulnerability was found in 666ghj MiroFish up to 0.1.2. This affects the function get_simulation_posts of the file backend/... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7058 json | A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.send_... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7057 json | A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the co... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7056 json | A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFil... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7055 json | A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file ... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7054 json | A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /go... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7053 json | A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7045 json | A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExp... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7044 json | A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=... | Sun, 26 Apr 2026 18:23:36 |
| CVE-2026-7043 json | A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2026-7042 json | A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.p... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25297 json | Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying ove... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25296 json | P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25295 json | ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application ... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25294 json | CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the applicat... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25293 json | Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to cras... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25292 json | Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplyi... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25291 json | Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers t... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25290 json | Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25289 json | Softdisk 3.0.3 contains a buffer overflow vulnerability in the registration code dialog that allows local attackers to crash ... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25288 json | StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25287 json | Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by sup... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25286 json | Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying... | Sun, 26 Apr 2026 18:23:35 |
| CVE-2018-25285 json | Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the ... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25284 json | HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying a... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25283 json | iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25282 json | Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malic... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25281 json | iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an ove... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25280 json | Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the ap... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25279 json | jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25278 json | PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submittin... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25277 json | PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an ov... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25276 json | RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submit... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2018-25275 json | Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying... | Sun, 26 Apr 2026 18:23:34 |
| CVE-2026-41080 json | libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. | Sun, 26 Apr 2026 18:23:33 |
| CVE-2018-25274 json | InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importi... | Sun, 26 Apr 2026 18:23:33 |
| CVE-2018-25273 json | CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an ... | Sun, 26 Apr 2026 18:23:33 |
| CVE-2018-25264 json | TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash th... | Sun, 26 Apr 2026 18:23:33 |
| CVE-2018-25263 json | Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local att... | Sun, 26 Apr 2026 18:23:33 |
| CVE-2026-6786 json | Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs s... | Sun, 26 Apr 2026 16:06:14 |
| CVE-2026-6785 json | Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. ... | Sun, 26 Apr 2026 16:06:14 |
| CVE-2025-64348 json | ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execu... | Sun, 26 Apr 2026 15:35:44 |
| CVE-2025-35051 json | Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowin... | Sun, 26 Apr 2026 15:05:42 |
| CVE-2025-26793 json | The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through 2024 ships with default cre... | Sun, 26 Apr 2026 15:05:42 |
| CVE-2025-1789 json | Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulne... | Sun, 26 Apr 2026 14:50:42 |
| CVE-2025-1790 json | Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows user could exploit this vulnera... | Sun, 26 Apr 2026 14:50:41 |
| CVE-2025-1787 json | Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privile... | Sun, 26 Apr 2026 14:50:41 |
| CVE-2026-7041 json | A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console... | Sun, 26 Apr 2026 09:20:31 |
| CVE-2026-7039 json | A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write... | Sun, 26 Apr 2026 09:20:31 |