Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,326 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-34601 | ## Summary `@xmldom/xmldom` allows attacker-controlled strings containing the CDATA terminator `]]>` to be inserted into a `CDATASection` node. Durin... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-34598 | ### Summary A stored and blind XSS vulnerability exists in the form title field. A malicious attacker can inject JavaScript without any authentication... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34595 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.70 and 9.7.0-alpha.18, a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34593 | ## Summary `Ash.Type.Module.cast_input/2` unconditionally creates a new Erlang atom via `Module.concat([value])` for any user-supplied binary string ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34574 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.69 and 9.7.0-alpha.14, a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34573 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34570 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3457 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thales Sentinel LDK Runtime on Windows al... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34545 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34544 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34543 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34532 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.67 and 9.7.0-alpha.11, a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34525 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34520 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34519 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34518 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34517 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34516 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multip... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34515 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may ex... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34514 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type par... | 0.0 | 0 | Neutral | No | No |