Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,459 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-39364 | ### Summary The contents of files that are specified by [`server.fs.deny`](https://vite.dev/config/server-options#server-fs-deny) can be returned to ... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-39363 | ### Summary [`server.fs`](https://vite.dev/config/server-options#server-fs-strict) check was not enforced to the `fetchModule` method that is exposed... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-39360 | RustFS contains a missing authorization check in the multipart copy path (`UploadPartCopy`). A low-privileged user who cannot read objects from a vict... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39351 | Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe allows unrestricted Doctype access via API exploit. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39349 | OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source encrypts certain sensitive fields with AES... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39348 | OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source omits authorization on job specification a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39347 | OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source accepts changes to self-appraisal submissi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39346 | OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disa... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39345 | OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source fails to restrict email template file reso... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39344 | ChurchCRM is an open-source church management system. Prior to 7.1.0, there is a Reflected Cross-Site Scripting (XSS) vulnerability on the login page,... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39342 | ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with the QueryID=15 is vulnerable to ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39338 | ChurchCRM is an open-source church management system. Prior to 7.1.0, a Blind Reflected Cross-Site Scripting vulnerability exists in the search parame... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39324 | `Rack::Session::Cookie` incorrectly handles decryption failures when configured with `secrets:`. If cookie decryption fails, the implementation falls ... | 0.0 | 0 | Neutral | Yes | Yes |
| CVE-2026-39322 | PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, POST /api/v1/auth/sign-in creates a valid session for banned ac... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-39321 | ### Impact The login endpoint response time differs measurably depending on whether the submitted username or email exists in the database. When a us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3912 | Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows info... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3882 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3862 | Cross-site Scripting (XSS) allows an attacker to submit specially crafted data to the application which is returned unaltered in the resulting web pag... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3839 | Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3838 | Unraid Update Request Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affe... | 0.0 | 0 | Neutral | No | No |