Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,371 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-34387 | Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an a... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-34385 | ### Summary A critical second-order SQL Injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid M... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34380 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34379 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34378 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34377 | --- # CVE-2026-34377: Consensus Failure via Crafted V5 Authorization Data ## Summary A logic error in Zebra's transaction verification cache could a... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34372 | ### Impact A user which has permission for the Sulu Admin via atleast one role could have access to the subentities of contacts via the admin API wit... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34228 | Emlog is an open source website building system. Prior to version 2.6.8, the backend upgrade interface accepts remote SQL and ZIP URLs via GET paramet... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34219 | ## Description ### Summary The Rust libp2p Gossipsub implementation contains a remotely reachable panic in `backoff` expiry handling. After a peer s... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34217 | ## Description A scope modification vulnerability exists in `@nyariv/sandboxjs` version 0.8.35 and below. The vulnerability allows untrusted sandboxe... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34211 | ## Summary The `@nyariv/sandboxjs` parser contains unbounded recursion in the `restOfExp` function and the `lispify`/`lispifyExpr` call chain. An att... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34208 | ### Summary SandboxJS blocks direct assignment to global objects (for example `Math.random = ...`), but this protection can be bypassed through an exp... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34204 | ## Impact _What kind of vulnerability is it? Who is impacted?_ A flaw in `extractMetadataFromMime()` allows any authenticated user with `s3:PutObjec... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34202 | --- # Remote Denial of Service via Crafted V5 Transactions ## Summary A vulnerability in Zebra's transaction processing logic allows a remote, unaut... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34200 | Nhost is an open source Firebase alternative with GraphQL. Prior to version 1.41.0, The Nhost CLI MCP server, when explicitly configured to listen on ... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-34172 | ## Summary `ChatWorkflow.chat(message)` passes its string argument directly as a Jinja2 template source to a non-sandboxed `Environment`. A developer... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34148 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34124 | A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces l... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34122 | A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient i... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34121 | An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inc... | 0.0 | 0 | Neutral | No | No |