Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,501 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-34832 | No description available | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-34831 | ## Summary `Rack::Files#fail` sets the `Content-Length` response header using `String#size` instead of `String#bytesize`. When the response body cont... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34830 | ## Summary `Rack::Sendfile#map_accel_path` interpolates the value of the `X-Accel-Mapping` request header directly into a regular expression when rew... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34829 | ## Summary `Rack::Multipart::Parser` only wraps the request body in a `BoundedIO` when `CONTENT_LENGTH` is present. When a `multipart/form-data` requ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34828 | ### Summary A session management vulnerability allows previously issued authenticated sessions to remain valid after sensitive account security change... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-34827 | ## Summary `Rack::Multipart::Parser#handle_mime_head` parses quoted multipart parameters such as `Content-Disposition: form-data; name="..."` using r... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34826 | ## Summary `Rack::Utils.get_byte_ranges` parses the HTTP `Range` header without limiting the number of individual byte ranges. Although the existing ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34825 | ## Summary NocoBase <= 2.0.8 `plugin-workflow-sql` substitutes template variables directly into raw SQL strings via `getParsedValue()` without parame... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34823 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/password/web/. An authenticated a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34822 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the new_cert_name parameter to /manage/ca/certificate/. An authen... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34821 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/vpnauthentication/user/. An authe... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34820 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/ipsec/. An authenticated attacker... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34819 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the REMARK parameter to /cgi-bin/openvpnclient.cgi. An authentica... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34818 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dnsmasq/localdomains/. An authent... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34817 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the ADDRESS BCC parameter to /cgi-bin/smtprouting.cgi. An authent... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34816 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the domain parameter to /manage/smtpscan/domainrouting/. An authe... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34815 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the DOMAIN parameter to /cgi-bin/smtpdomains.cgi. An authenticate... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34814 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the group parameter to /cgi-bin/proxygroup.cgi. An authenticated ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34813 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/proxyuser.cgi. An authenticated at... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34812 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the mimetypes parameter to /cgi-bin/proxypolicy.cgi. An authentic... | 0.0 | 0 | Neutral | No | No |