Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,376 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-35036 | ### Summary Ech0 implements **link preview** (editor fetches a page title) through **`GET /api/website/title`**. That is **legitimate product behavio... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-35030 | ### Impact When JWT authentication is enabled (`enable_jwt_auth: true`), the OIDC userinfo cache uses `token[:20]` as the cache key. JWT headers pro... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3503 | Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physic... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-35029 | ### Impact The `/config/update endpoint` does not enforce admin role authorization. A user who is already authenticated into the platform can then us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-35002 | Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34992 | ### Impact This is a missing encryption vulnerability (CWE-311) affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack network... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34990 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivilege... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34989 | ## Summary ### **Vulnerability 1: Stored DOM XSS via Profile Name Update (Persistent Payload Injection)** - Stored Cross-Site Scripting via Unsanitize... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34986 | ### Impact Decrypting a JSON Web Encryption (JWE) object will panic if the `alg` field indicates a key wrapping algorithm ([one ending in `KW`](https... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34980 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-expose... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34976 | The `restoreTenant` admin mutation is missing from the authorization middleware config (`admin.go:499-522`), making it completely unauthenticated. Unl... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34973 | ### Summary The `searchCustomPages()` method in `phpmyfaq/src/phpMyFAQ/Search.php` uses `real_escape_string()` (via `escape()`) to sanitize the searc... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3497 | Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linu... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34969 | # Refresh Token Leaked via URL Query Parameter in OAuth Provider Callback ## Summary The auth service's OAuth provider callback flow places the refr... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34950 | ### Summary The fix for GHSA-c2ff-88x2-x9pg (CVE-2023-48223) is incomplete. The publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34947 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-la... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34940 | ## CHAMP: Description ### Summary The `ollamaStartupProbeScript()` function in `internal/modelcontroller/engine_ollama.go` constructs a shell comman... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34932 | hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is a stored XSS vulnerability that can lead to CSRF. This iss... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34931 | hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is an open redirect vulnerability that leads to token exfiltr... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34841 | ### **Impact** This is a **supply chain attack** involving compromised versions of the `axios` npm package, which introduced a hidden dependency depl... | 0.0 | 0 | Neutral | No | Yes |