Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,357 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-3690 | This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit t... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-3689 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to expl... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3653 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3644 | The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3562 | Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3561 | Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3560 | Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3559 | Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3558 | Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3557 | Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows n... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3556 | Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attac... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3555 | Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows netwo... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3548 | Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improper... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-35467 | The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-35466 | XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services | 0.0 | 0 | Neutral | No | No |
| CVE-2026-35393 | ### Summary * POST multipart upload directory not sanitized | `httpserver/updown.go:71-174` This finding affect the default configuration, no flags o... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-35392 | ### Summary * PUT upload has no path sanitization | `httpserver/updown.go:20-69` This finding affects the default configuration, no flags or authenti... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-35175 | ### Impact An authenticated user (using the `auth_users` plugin authentication method) could install a custom package even if this user is not superu... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-35171 | ### Impact This is a **critical Remote Code Execution (RCE)** vulnerability caused by unsafe use of `logging.config.dictConfig()` with user-controlle... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-35167 | ### Impact The `_get_versioned_path()` method in kedro/io/core.py constructs filesystem paths by directly interpolating user-supplied version strings ... | 0.0 | 0 | Neutral | No | No |