Cveclient CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-35466	2 Cert/cc, Cmu	2 Cveclient/cveinterface.js, Cveclient	2026-06-03	6.1 Medium
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
CVE-2026-35467	2 Cert/cc, Cmu	2 Cveclient/encrypt-storage.js, Cveclient	2026-06-03	7.5 High
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

Page 1 of 1.