Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11502 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-7399 1 Meware Software Development 1 Pdks 2026-06-06 8.1 High
Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.
CVE-2025-0606 1 Logo Software 1 Logo Cloud 2026-06-06 6 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Resource Leak Exposure. This issue affects Logo Cloud: before 0.67.
CVE-2025-0608 1 Logo Software 1 Logo Cloud 2026-06-06 5.5 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful Browsing. This issue affects Logo Cloud: before 2025.R6.
CVE-2025-0640 1 Akinsoft 1 Octocloud 2026-06-06 4.7 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure. This issue affects OctoCloud: from s1.09.02 before v1.11.01.
CVE-2025-0642 1 Poscube 1 Assist 2026-06-06 6.3 Medium
Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025.
CVE-2025-0670 1 Akinsoft 1 Prokuafor 2026-06-06 4.7 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows Resource Leak Exposure. This issue affects ProKuafor: from s1.02.07 before v1.02.08.
CVE-2025-0875 2026-06-06 6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Parameter Injection. This issue affects OBS (Student Affairs Information System): before v26.0328.
CVE-2025-0987 1 Cb Project 1 Cvland 2026-06-06 9.9 Critical
Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection. This issue affects CVLand: from 2.1.0 through 20251103. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-1031 1 Utarit 1 Soliclub 2026-06-06 7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc. SoliClub allows Functionality Misuse. This issue affects SoliClub: from 5.2.4 before 5.3.7.
CVE-2025-1161 1 Nomysost 1 Nomysem 2026-06-06 7.1 High
Incorrect Use of Privileged APIs vulnerability in NomySoft Information Technology Training and Consulting Inc. Nomysem allows Privilege Escalation. This issue affects Nomysem: through May 2025.
CVE-2025-1269 2026-06-06 4.8 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010.
CVE-2025-1469 2026-06-06 7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Identifiers. This issue affects Eyotek: before 11.03.2025.
CVE-2025-1885 1 Restajet 1 Online Food Delivery System 2026-06-06 5.4 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Phishing, Forceful Browsing. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-2301 2026-06-06 4.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam Registration allows Exploitation of Trusted Identifiers. This issue affects Online Exam Registration: before 14.03.2025.
CVE-2025-2311 2026-06-06 9 Critical
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitoring. This issue affects SecHard: before 3.3.0.20220411.
CVE-2026-11206 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-06 6.5 Medium
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11184 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-06 6.3 Medium
Insufficient policy enforcement in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11282 1 Google 1 Chrome 2026-06-06 9.6 Critical
Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11288 1 Google 1 Chrome 2026-06-05 6.5 Medium
Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11292 1 Google 1 Chrome 2026-06-05 4.3 Medium
Insufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)