CVE.report

CVE.report is the most up-to-date database of common vulnerabilities and exposures. Information is pulled in from several sources and processed in to a mobile friendly, easy to use page. Use the site to quickly check for vulnerabilities in products such as operating systems, applications, hardware, networks, databases, browsers, e-mail clients and more.

CVEs provide a unique and common naming scheme for publicly known cyber security vulnerabilities in order to quickly identify and share these vulnerabilities. You can use the search below to look for vulnerabilities based on product, vendor, or common tags


The form you will see after following this link allows you to fill out the various variables in the CVSS scoring system and receive the corresponding score. The description of each of the variables is also included for additional information.

cve.report now provides a free read-only JSON API for CVE details. Each record combines the CVE Program JSON record, NVD enrichment, KEV, and EPSS when available.

Read the API docs

[rss] [api]
Recent CVEs
Recently updated CVE records
CVE Description Updated
CVE-2026-14129 json Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who c... Wed, 01 Jul 2026 13:05:08
CVE-2026-14121 json Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary ... Wed, 01 Jul 2026 13:05:08
CVE-2026-14119 json Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segme... Wed, 01 Jul 2026 13:05:08
CVE-2026-14117 json Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote at... Wed, 01 Jul 2026 13:05:08
CVE-2026-13781 json Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had ... Wed, 01 Jul 2026 13:05:07
CVE-2026-13780 json Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had... Wed, 01 Jul 2026 13:05:07
CVE-2026-13779 json Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitra... Wed, 01 Jul 2026 13:05:07
CVE-2026-13778 json Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code vi... Wed, 01 Jul 2026 13:05:07
CVE-2026-14063 json Out of bounds read in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensi... Wed, 01 Jul 2026 12:50:07
CVE-2026-14061 json Inappropriate implementation in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially ... Wed, 01 Jul 2026 12:50:07
CVE-2026-14059 json Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to ... Wed, 01 Jul 2026 12:50:07
CVE-2026-13783 json Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in s... Wed, 01 Jul 2026 12:50:07
CVE-2026-13782 json Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer ... Wed, 01 Jul 2026 12:50:07
CVE-2026-14076 json Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass conten... Wed, 01 Jul 2026 12:35:07
CVE-2026-14073 json Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypa... Wed, 01 Jul 2026 12:35:07
CVE-2026-14071 json Side-channel information leakage in WebAudio in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-... Wed, 01 Jul 2026 12:35:07
CVE-2026-14070 json Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive i... Wed, 01 Jul 2026 12:35:07
CVE-2026-14069 json Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive i... Wed, 01 Jul 2026 12:35:06
CVE-2026-14068 json Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convince... Wed, 01 Jul 2026 12:35:06
CVE-2026-14067 json Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrar... Wed, 01 Jul 2026 12:35:06
CVE-2026-14066 json Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote ... Wed, 01 Jul 2026 12:35:06
CVE-2026-14065 json Insufficient validation of untrusted input in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who ... Wed, 01 Jul 2026 12:35:06
CVE-2026-58127 json PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered wit... Wed, 01 Jul 2026 12:20:15
CVE-2026-58126 json PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read... Wed, 01 Jul 2026 12:20:15
CVE-2026-58038 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:15
CVE-2026-58037 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:15
CVE-2026-8857 json A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.... Wed, 01 Jul 2026 12:20:15
CVE-2026-8480 json A vulnerability was discovered on Stormshield Network Security 4.3.0  to 4.3.41 (included), 4.4.0 to 4.8.15 (included) , 5.0... Wed, 01 Jul 2026 12:20:15
CVE-2026-58036 json Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerabil... Wed, 01 Jul 2026 12:20:14
CVE-2026-58033 json Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerabil... Wed, 01 Jul 2026 12:20:14
CVE-2026-58032 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:14
CVE-2026-58030 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:14
CVE-2026-58029 json Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChange... Wed, 01 Jul 2026 12:20:14
CVE-2026-58028 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:14
CVE-2026-58027 json Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerab... Wed, 01 Jul 2026 12:20:14
CVE-2026-58026 json Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerabil... Wed, 01 Jul 2026 12:20:14
CVE-2026-58025 json Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with pr... Wed, 01 Jul 2026 12:20:14
CVE-2026-58024 json Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerabil... Wed, 01 Jul 2026 12:20:14
CVE-2026-57517 json Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote attackers... Wed, 01 Jul 2026 12:20:14
CVE-2026-24270 json NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this... Wed, 01 Jul 2026 12:20:14
CVE-2026-24266 json NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A succe... Wed, 01 Jul 2026 12:20:14
CVE-2026-24264 json NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly com... Wed, 01 Jul 2026 12:20:14
CVE-2026-24260 json NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race co... Wed, 01 Jul 2026 12:20:14
CVE-2026-24251 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically manag... Wed, 01 Jul 2026 12:20:14
CVE-2026-24250 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs... Wed, 01 Jul 2026 12:20:14
CVE-2026-24249 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A ... Wed, 01 Jul 2026 12:20:14
CVE-2026-24248 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. ... Wed, 01 Jul 2026 12:20:14
CVE-2026-24247 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A ... Wed, 01 Jul 2026 12:20:14
CVE-2026-24246 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically manag... Wed, 01 Jul 2026 12:20:14
CVE-2026-24245 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A ... Wed, 01 Jul 2026 12:20:14
CVE-2026-24244 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A ... Wed, 01 Jul 2026 12:20:14
CVE-2026-24243 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A ... Wed, 01 Jul 2026 12:20:14
CVE-2026-24242 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A succes... Wed, 01 Jul 2026 12:20:14
CVE-2026-24240 json NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A ... Wed, 01 Jul 2026 12:20:14
CVE-2026-13707 json Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backe... Wed, 01 Jul 2026 12:20:14
CVE-2026-13706 json Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program... Wed, 01 Jul 2026 12:20:14
CVE-2025-23351 json NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) ... Wed, 01 Jul 2026 12:20:14
CVE-2025-23350 json NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) ... Wed, 01 Jul 2026 12:20:14
CVE-2026-58035 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:13
CVE-2026-58034 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:13
CVE-2026-58031 json Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Founda... Wed, 01 Jul 2026 12:20:13
CVE-2026-12374 json Improper certificate validation and a time-of-check time-of-use (TOCTOU) race condition in the PrivilegedHelperTool XPC servi... Wed, 01 Jul 2026 12:20:13
CVE-2026-6688 json FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With... Wed, 01 Jul 2026 12:20:13
CVE-2026-6687 json FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted w... Wed, 01 Jul 2026 12:20:13
CVE-2026-6686 json FatFs R0.16 and earlier contains an uninitialized cluster exposure when f_lseek() extends files beyond EOF without zero-filli... Wed, 01 Jul 2026 12:20:13
CVE-2026-6684 json FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1' contains an issue where an unbounded loop count derived from G... Wed, 01 Jul 2026 12:20:13
CVE-2026-6683 json FatFs R0.16 and earlier contains a divide-by-zero in exFAT sync logic bug when crafted metadata causes n_fatent - 2 to be zer... Wed, 01 Jul 2026 12:20:13
CVE-2026-6682 json In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leadi... Wed, 01 Jul 2026 12:20:13
CVE-2026-6283 json Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information ... Wed, 01 Jul 2026 12:20:13
CVE-2026-5220 json Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information ... Wed, 01 Jul 2026 12:20:13
CVE-2026-5142 json A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them t... Wed, 01 Jul 2026 12:20:13
CVE-2026-5138 json A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclo... Wed, 01 Jul 2026 12:20:13
CVE-2026-5136 json A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling u... Wed, 01 Jul 2026 12:20:13
CVE-2026-5135 json A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions... Wed, 01 Jul 2026 12:20:13
CVE-2026-2891 json The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and... Wed, 01 Jul 2026 12:20:13
CVE-2025-15646 json HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the <template> element was ad... Wed, 01 Jul 2026 12:20:13
CVE-2026-57962 json A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily... Wed, 01 Jul 2026 12:20:12
CVE-2026-56700 json Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Schedule... Wed, 01 Jul 2026 12:20:12
CVE-2026-56399 json Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint t... Wed, 01 Jul 2026 12:20:12
CVE-2026-56377 json ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed b... Wed, 01 Jul 2026 12:20:12
CVE-2026-56369 json ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CT... Wed, 01 Jul 2026 12:20:12
CVE-2026-56363 json ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to ... Wed, 01 Jul 2026 12:20:12
CVE-2026-56361 json ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. A... Wed, 01 Jul 2026 12:20:12
CVE-2026-56350 json n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement ... Wed, 01 Jul 2026 12:20:12
CVE-2026-56331 json Capgo before 12.128.2 contains improper error handling in the /private/accept_invitation endpoint that returns HTTP 500 inste... Wed, 01 Jul 2026 12:20:12
CVE-2026-56328 json Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed ... Wed, 01 Jul 2026 12:20:12
CVE-2026-56320 json Capgo before 12.128.2 contains an authorization flaw in POST /private/create_device that accepts a caller-supplied org_id par... Wed, 01 Jul 2026 12:20:12
CVE-2026-56286 json Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that allows deletion w... Wed, 01 Jul 2026 12:20:12
CVE-2026-56278 json Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded default secret ('flowise') for the express-... Wed, 01 Jul 2026 12:20:12
CVE-2026-56264 json Crawl4AI before 0.8.7 contains an arbitrary JavaScript execution vulnerability in the Docker API server's /execute_js endpoin... Wed, 01 Jul 2026 12:20:12
CVE-2026-56233 json Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users wit... Wed, 01 Jul 2026 12:20:12
CVE-2026-56230 json Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey() that accepts the client-c... Wed, 01 Jul 2026 12:20:12
CVE-2026-56219 json Capgo before 12.128.2 contains a NULL-auth bypass vulnerability in the public.get_org_user_access_rbac function that allows u... Wed, 01 Jul 2026 12:20:12
CVE-2026-52197 json An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_... Wed, 01 Jul 2026 12:20:12
CVE-2026-52195 json Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of servic... Wed, 01 Jul 2026 12:20:12
CVE-2026-14151 json Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the ... Wed, 01 Jul 2026 12:20:12
CVE-2026-14150 json Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who ha... Wed, 01 Jul 2026 12:20:12
CVE-2026-14143 json Incorrect security UI in Passwords in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spo... Wed, 01 Jul 2026 12:20:12
CVE-2026-14142 json Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromi... Wed, 01 Jul 2026 12:20:12
CVE-2026-14141 json Incorrect security UI in Document Picture-in-Picture in Google Chrome on Android prior to 150.0.7871.47 allowed a remote atta... Wed, 01 Jul 2026 12:20:12
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report