CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-12329 json | Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12. | Tue, 16 Jun 2026 17:05:19 |
| CVE-2026-10635 json | On Xtensa targets with CONFIG_USERSPACE and CONFIG_XTENSA_MMU, the page-table code (arch/xtensa/core/ptables.c) maintains a g... | Tue, 16 Jun 2026 17:05:19 |
| CVE-2026-48777 json | FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-47750 json | stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, a... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-47747 json | stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, a... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-46448 json | In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placem... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-22313 json | The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS ... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-22312 json | The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used b... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-12425 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Empl... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-12117 json | Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-12105 json | Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via fol... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-11890 json | Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated u... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-10303 json | In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-0165 json | In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This c... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-0164 json | In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution wit... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-0162 json | In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remot... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-0161 json | In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lea... | Tue, 16 Jun 2026 16:50:23 |
| CVE-2026-0160 json | In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a m... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0158 json | In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local ... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0157 json | In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote inform... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0156 json | In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0155 json | In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote i... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0154 json | In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could le... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0153 json | In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead ... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0152 json | In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the V... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0151 json | In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to rem... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0150 json | In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0149 json | In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0148 json | In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. ... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0147 json | In __mfc_core_nal_q_get_dec_metadata_sei_nal of mfc_core_nal_q.c, there is a possible out of bounds write due to a missing bo... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0146 json | In mfc_core_get_dec_metadata_sei_nal of mfc_core_reg_api.c, there is a possible out of bounds write due to a missing bounds c... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0145 json | In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disc... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0144 json | In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could le... | Tue, 16 Jun 2026 16:50:22 |
| CVE-2026-0143 json | In lwis_device_external_event_emit of lwis_event.c, there is a possible memory corruption due to a use after free. This could... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0142 json | In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input validation. This could lead... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0141 json | In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remot... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0140 json | In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote info... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0139 json | In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution wit... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0138 json | In lwis_io_buffer_write of lwis_io_buffer.c, there is a possible out of bounds write due to memory corruption. This could lea... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0137 json | In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after fre... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0136 json | In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service w... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0135 json | In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0134 json | In PostWipeData of recovery_ui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in ... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0133 json | In smmu_attach_dev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a m... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0132 json | In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution wit... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0131 json | In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local esc... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0130 json | In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remot... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0129 json | In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information ... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0128 json | In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to re... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0127 json | In NrmmMsgCodec::DecodeUPUTransparentContext of cn_NrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corr... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-0126 json | In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution ... | Tue, 16 Jun 2026 16:50:21 |
| CVE-2026-53866 json | OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticate... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53865 json | OpenClaw before 2026.5.2 contains a path traversal vulnerability in maintenance task execution that allows workspace-derived ... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53864 json | OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows N... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53863 json | OpenClaw before 2026.4.25 contains an input validation vulnerability in tool group policy callers that accept unvalidated gro... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53862 json | OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53861 json | OpenClaw before 2026.5.6 contains an allowlist bypass vulnerability in the macOS Swift exec feature that misses combined POSI... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53860 json | OpenClaw before 2026.5.7 contains a sender policy bypass vulnerability in BlueBubbles that allows participants to match allow... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53859 json | OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons usi... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53858 json | OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATE_DIRECTORY could ... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53857 json | OpenClaw before 2026.5.3 contains a policy enforcement vulnerability where Zalo contacts with mutable display metadata could ... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53856 json | OpenClaw 2026.4.23 before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores Open... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53855 json | OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allow... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53854 json | OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authentication that a... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53853 json | OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers to execu... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53852 json | OpenClaw before 2026.4.25 contains a scope containment bypass vulnerability in device re-pairing that allows authenticated op... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53851 json | OpenClaw before 2026.5.12 contains a notification bypass vulnerability allowing Slack reaction events to enter the agent pipe... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53850 json | OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenti... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53849 json | OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Disco... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53848 json | OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute wrapper... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53847 json | OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway o... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53846 json | OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to o... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53845 json | OpenClaw before 2026.5.6 contains a hook bypass vulnerability where skill commands routed through the affected dispatch path ... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53844 json | OpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows authen... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53843 json | OpenClaw before 2026.5.26 contains an authorization bypass vulnerability where a surviving pairing-scoped device session can ... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53842 json | OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence ... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53841 json | OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javasc... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-53840 json | OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards opera... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-0125 json | In multiple functions of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local es... | Tue, 16 Jun 2026 16:50:20 |
| CVE-2026-50656 json | Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly ref... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-48775 json | LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via a... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-47964 json | DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbit... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-47963 json | DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of ... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-47934 json | DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of ... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-47927 json | DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of ... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-47749 json | stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, a... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-47748 json | stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, a... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-24228 json | NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A suc... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-24155 json | NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability m... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12323 json | Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12322 json | Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12321 json | JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12320 json | Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12319 json | Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12313 json | Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12311 json | Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-12303 json | Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed i... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-11420 json | Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthentic... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-11419 json | A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validati... | Tue, 16 Jun 2026 16:50:19 |
| CVE-2026-11414 json | A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because t... | Tue, 16 Jun 2026 16:50:19 |