Every CVE whose affected-product data names Cmu Cveclient, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-35467 — CVSS 7.5 (high): The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for…
CVE-2026-35466 — CVSS 6.1 (medium): XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services