CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-42800 json | NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulat... | Thu, 30 Apr 2026 06:18:36 |
| CVE-2026-41016 json | Apache Airflow's SMTP provider `SmtpHook` called Python's `smtplib.SMTP.starttls()` without an SSL context, so no certificate... | Thu, 30 Apr 2026 06:18:36 |
| CVE-2026-31431 json | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place T... | Thu, 30 Apr 2026 06:18:36 |
| CVE-2026-6498 json | The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in version... | Thu, 30 Apr 2026 06:18:36 |
| CVE-2026-42799 json | Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated w... | Thu, 30 Apr 2026 05:18:35 |
| CVE-2026-42512 json | As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The c... | Thu, 30 Apr 2026 05:18:35 |
| CVE-2026-39457 json | When exchanging data over a socket, libnv uses select(2) to wait for data to arrive. However, it does not verify whether the... | Thu, 30 Apr 2026 05:18:35 |
| CVE-2026-35547 json | When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validatio... | Thu, 30 Apr 2026 05:18:35 |
| CVE-2026-22070 json | ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. | Thu, 30 Apr 2026 05:18:35 |
| CVE-2026-7164 json | Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack... | Thu, 30 Apr 2026 04:18:19 |
| CVE-2026-5201 json | A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due... | Thu, 30 Apr 2026 04:18:19 |
| CVE-2026-7270 json | An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to ove... | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6870 json | GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6869 json | WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6867 json | SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6538 json | BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6537 json | ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6536 json | DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6535 json | Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:17:00 |
| CVE-2026-6534 json | USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6533 json | Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6532 json | Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6531 json | SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6530 json | DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6529 json | iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6528 json | TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6527 json | ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6526 json | RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6524 json | MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6523 json | GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6522 json | RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6521 json | OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6520 json | OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-6519 json | MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-5657 json | iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-5655 json | SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-5654 json | AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-5653 json | DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-5409 json | Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-5408 json | BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:59 |
| CVE-2026-42798 json | Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c. | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-42511 json | The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dh... | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-41226 json | Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessin... | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-5407 json | SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-5406 json | FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-5402 json | TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-5401 json | AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-5299 json | ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 03:16:58 |
| CVE-2024-39847 json | Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This all... | Thu, 30 Apr 2026 03:16:58 |
| CVE-2026-7379 json | Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 02:30:48 |
| CVE-2026-7378 json | Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 02:30:48 |
| CVE-2026-7376 json | Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 02:30:48 |
| CVE-2026-7375 json | UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 02:30:48 |
| CVE-2026-6868 json | HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | Thu, 30 Apr 2026 02:30:48 |
| CVE-2025-13030 json | All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image uploa... | Thu, 30 Apr 2026 02:30:48 |
| CVE-2026-42510 json | OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. | Thu, 30 Apr 2026 00:28:27 |
| CVE-2026-7470 json | A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /gofor... | Wed, 29 Apr 2026 23:28:26 |
| CVE-2026-7469 json | A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the fil... | Wed, 29 Apr 2026 22:28:24 |
| CVE-2026-41940 json | cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthentica... | Wed, 29 Apr 2026 21:28:22 |
| CVE-2026-7468 json | A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0. This affects an unknown function of the file... | Wed, 29 Apr 2026 21:28:22 |
| CVE-2026-7447 json | A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the ... | Wed, 29 Apr 2026 21:28:22 |
| CVE-2025-54236 json | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Impr... | Wed, 29 Apr 2026 21:13:22 |
| CVE-2026-7446 json | A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/... | Wed, 29 Apr 2026 20:28:21 |
| CVE-2026-7445 json | A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown funct... | Wed, 29 Apr 2026 20:28:21 |
| CVE-2026-5550 json | A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the f... | Wed, 29 Apr 2026 19:58:20 |
| CVE-2026-5549 json | A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of... | Wed, 29 Apr 2026 19:43:19 |
| CVE-2018-25261 json | Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that... | Wed, 29 Apr 2026 19:43:19 |
| CVE-2018-25260 json | MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attacker... | Wed, 29 Apr 2026 19:43:19 |
| CVE-2018-25259 json | Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows lo... | Wed, 29 Apr 2026 19:43:19 |
| CVE-2026-40910 json | frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7443 json | A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzz_... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7426 json | Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7425 json | Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 a... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7424 json | Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network ac... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7420 json | A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the fil... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7419 json | A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the f... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7381 json | Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware:... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-6221 json | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Wed, 29 Apr 2026 19:28:19 |
| CVE-2018-25269 json | ICEWARP 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into e... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2018-25267 json | UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dial... | Wed, 29 Apr 2026 19:28:19 |
| CVE-2026-7054 json | A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /go... | Wed, 29 Apr 2026 18:43:18 |
| CVE-2026-7053 json | A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot... | Wed, 29 Apr 2026 18:43:18 |
| CVE-2026-7033 json | A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of ... | Wed, 29 Apr 2026 18:43:18 |
| CVE-2026-5687 json | A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /... | Wed, 29 Apr 2026 18:43:18 |
| CVE-2026-5686 json | A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of th... | Wed, 29 Apr 2026 18:43:18 |
| CVE-2026-5685 json | A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addre... | Wed, 29 Apr 2026 18:43:17 |
| CVE-2026-7418 json | A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy ... | Wed, 29 Apr 2026 18:28:18 |
| CVE-2026-7417 json | A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mc... | Wed, 29 Apr 2026 18:28:18 |
| CVE-2026-7416 json | A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of th... | Wed, 29 Apr 2026 18:28:18 |
| CVE-2026-7410 json | A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the... | Wed, 29 Apr 2026 18:28:18 |
| CVE-2026-7409 json | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/... | Wed, 29 Apr 2026 18:28:17 |
| CVE-2026-7057 json | A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the co... | Wed, 29 Apr 2026 18:28:17 |
| CVE-2026-7056 json | A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFil... | Wed, 29 Apr 2026 18:28:17 |
| CVE-2026-7055 json | A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file ... | Wed, 29 Apr 2026 18:28:17 |
| CVE-2025-15610 json | The .NET Remoting framework used by OpenText Fax (RightFax) includes known security vulnerabilities that could be exploited i... | Wed, 29 Apr 2026 18:28:17 |
| CVE-2026-5107 json | A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/... | Wed, 29 Apr 2026 18:13:17 |
| CVE-2026-4965 json | A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolve_type of the file letta/functio... | Wed, 29 Apr 2026 18:13:17 |
| CVE-2026-4964 json | A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message... | Wed, 29 Apr 2026 18:13:17 |
| CVE-2026-4962 json | A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the li... | Wed, 29 Apr 2026 18:13:17 |
| CVE-2026-4566 json | A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP... | Wed, 29 Apr 2026 18:13:17 |