Filter and search through 206,460 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-3561 | Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3560 | Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3559 | Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3558 | Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3557 | Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows n... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3556 | Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attac... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3555 | Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows netwo... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3548 | Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improper... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-35168 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3503 | Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physic... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-35002 | Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34974 | The regex-based SVG sanitizer in phpMyFAQ (`SvgSanitizer.php`) can be bypassed using HTML entity encoding in `javascript:` URLs within SVG... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34973 | The `searchCustomPages()` method in `phpmyfaq/src/phpMyFAQ/Search.php` uses `real_escape_string()` (via `escape()`) to sanitize the searc... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3497 | Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linu... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34969 | Refresh Token Leaked via URL Query Parameter in OAuth Provider Callback. The auth service's OAuth provider callback flow places the refr... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34955 | `SubprocessSandbox` in all modes (BASIC, STRICT, NETWORK_ISOLATED) calls `subprocess.run()` with `shell=True` and relies solely on string... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34954 | `FileTools.download_file()` in `praisonaiagents` validates the destination path but performs no validation on the `url` parameter, passin... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34953 | `OAuthManager.validate_token()` returns `True` for any token not found in its internal store, which is empty by default. Any HTTP request... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-34952 | The PraisonAI Gateway server accepts WebSocket connections at `/ws` and serves agent topology at `/info` with no authentication. Any netw... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-34940 | CHAMP: Description. The `ollamaStartupProbeScript()` function in `internal/modelcontroller/engine_ollama.go` constructs a shell comman... | 0.0 | 0 | Neutral | No | Yes |