Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,431 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-34990 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivilege... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-34989 | ## Summary ### **Vulnerability 1: Stored DOM XSS via Profile Name Update (Persistent Payload Injection)** - Stored Cross-Site Scripting via Unsanitize... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34986 | ### Impact Decrypting a JSON Web Encryption (JWE) object will panic if the `alg` field indicates a key wrapping algorithm ([one ending in `KW`](https... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34982 | No description available | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34980 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-expose... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34976 | The `restoreTenant` admin mutation is missing from the authorization middleware config (`admin.go:499-522`), making it completely unauthenticated. Unl... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34973 | ### Summary The `searchCustomPages()` method in `phpmyfaq/src/phpMyFAQ/Search.php` uses `real_escape_string()` (via `escape()`) to sanitize the searc... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3497 | Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linu... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34969 | # Refresh Token Leaked via URL Query Parameter in OAuth Provider Callback ## Summary The auth service's OAuth provider callback flow places the refr... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34951 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34950 | ### Summary The fix for GHSA-c2ff-88x2-x9pg (CVE-2023-48223) is incomplete. The publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34947 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-la... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34940 | ## CHAMP: Description ### Summary The `ollamaStartupProbeScript()` function in `internal/modelcontroller/engine_ollama.go` constructs a shell comman... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34932 | hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is a stored XSS vulnerability that can lead to CSRF. This iss... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34931 | hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is an open redirect vulnerability that leads to token exfiltr... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34897 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant allows Sto... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34885 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows SQL... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34841 | ### **Impact** This is a **supply chain attack** involving compromised versions of the `axios` npm package, which introduced a hidden dependency depl... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34834 | Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to version 1.4.10, the verifyIdentity() function contained logic that ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34833 | Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to version 1.4.10, the GET /api/auth/session endpoint previously inclu... | 0.0 | 0 | Neutral | No | No |