CVE.report
CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.
CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags
The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.
cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.
Recent CVEs
| CVE | Description | Updated |
|---|---|---|
| CVE-2026-45312 json | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In 0.24.0 and earlier, a Jinja2 template injection in ... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-45043 json | RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, improper validation in the PUT /rustfs/ad... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-10559 json | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-10558 json | A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /adm... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-10550 json | A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of t... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-10548 json | A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function _sync_anthropic_e... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-10529 json | A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown f... | Mon, 01 Jun 2026 22:20:22 |
| CVE-2026-9149 json | A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.sol... | Mon, 01 Jun 2026 21:35:21 |
| CVE-2026-2734 json | In mlflow/mlflow versions up to 3.9.0, the `SearchModelVersions` REST API endpoint and the `mlflowSearchModelVersions` GraphQ... | Mon, 01 Jun 2026 21:20:20 |
| CVE-2026-42184 json | Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's is_local_ur... | Mon, 01 Jun 2026 21:05:20 |
| CVE-2026-28764 json | MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability | Mon, 01 Jun 2026 21:05:20 |
| CVE-2026-24425 json | Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that ... | Mon, 01 Jun 2026 21:05:20 |
| CVE-2026-9617 json | PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placin... | Mon, 01 Jun 2026 20:50:20 |
| CVE-2026-48545 json | Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space se... | Mon, 01 Jun 2026 20:35:19 |
| CVE-2026-10528 json | A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of t... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-10514 json | A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/fram... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-10302 json | A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /ma... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-10301 json | A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the f... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-9050 json | The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modificati... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-9048 json | The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via th... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0089 json | In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing pe... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0085 json | In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper inp... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0080 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. Thi... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0079 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overf... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0074 json | In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service due to resource exhaustion. Th... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0070 json | In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to im... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0069 json | In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0067 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a permanent denial of service due to a ... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0060 json | In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an ... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0059 json | In multiple functions of sdp_discovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. T... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0056 json | In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check. This could lead to lo... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0052 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. Thi... | Mon, 01 Jun 2026 20:20:20 |
| CVE-2026-0051 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input va... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0050 json | In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions b... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0044 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer o... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0043 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overf... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0042 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaust... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0041 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0040 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. Thi... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0039 json | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overf... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0018 json | In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper i... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-0016 json | In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across us... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-60495 json | A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-60486 json | A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attacke... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-60485 json | A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.0... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-60483 json | A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-60481 json | A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 a... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-55664 json | A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-48648 json | In isSameApp of NotificationManagerService.java, there is a possible persistent dos due to resource exhaustion. This could le... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2025-48616 json | In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due ... | Mon, 01 Jun 2026 20:20:19 |
| CVE-2026-28511 json | eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing... | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-25879 json | Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent execute... | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-25277 json | Memory corruption while using Strongbox due to buffer overflow. | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-25276 json | Memory corruption while using Strongbox due to missing bounds check. | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-25260 json | Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications. | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-25259 json | Memory corruption while processing multiple IOCTL command for escape operations. | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-25258 json | Memory corruption while processing IOCTL calls for escape operations. | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-24782 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure D... | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-24761 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability i... | Mon, 01 Jun 2026 19:20:20 |
| CVE-2026-24756 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability i... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24755 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability i... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24754 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms ... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24753 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability i... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24752 json | Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data For... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24092 json | Memory Corruption when processing fastboot commands to set display mode. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24091 json | Memory corruption while processing fastboot commands with improperly formatted input. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24090 json | Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24089 json | Memory corruption while processing fastboot commands with invalid input. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24088 json | Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloa... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24087 json | Memory corruption while processing fastboot OEM commands. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-24085 json | Memory Corruption when processing display command line information due to improper initialization of a variable. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-10300 json | A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-10299 json | A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown proces... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-10298 json | A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whisper_mode... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-10297 json | A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_c... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-10296 json | A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionali... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-10295 json | A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_revie... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2025-59614 json | Memory Corruption when sending random number generator command with insufficient output buffer size. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2025-59613 json | Memory Corruption when output buffer size is smaller than input buffer size during data copying operation. | Mon, 01 Jun 2026 19:20:19 |
| CVE-2025-59612 json | Memory corruption in windows drivers while sending incorrect trusted application request | Mon, 01 Jun 2026 19:20:19 |
| CVE-2025-59611 json | Memory corruption in diagnostic services due to absence of input validation | Mon, 01 Jun 2026 19:20:19 |
| CVE-2025-59610 json | Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space bu... | Mon, 01 Jun 2026 19:20:19 |
| CVE-2026-28586 json | In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This c... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-28581 json | In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-28580 json | In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local e... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-28578 json | In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input v... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-28577 json | In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This coul... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0100 json | In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local es... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0099 json | In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a log... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0098 json | In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused depu... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0097 json | In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. Thi... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0096 json | In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to mislead... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0095 json | In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluet... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0094 json | In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certifica... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0093 json | In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2026-0091 json | In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. ... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2025-59609 json | Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length. | Mon, 01 Jun 2026 19:20:18 |
| CVE-2025-59606 json | Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initializa... | Mon, 01 Jun 2026 19:20:18 |
| CVE-2025-59605 json | Memory Corruption when processing device identifier strings that exceed the expected maximum length. | Mon, 01 Jun 2026 19:20:18 |
| CVE-2025-59604 json | Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer. | Mon, 01 Jun 2026 19:20:18 |