Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,111 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-3106 | Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password manager login functionality in the 'contraseña' paramete... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-30977 | RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. Prior to 0.1.1, there is S... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30960 | ## Impact **Vulnerability Type**: Improper Control of Generation of Code ('Code Injection') (CWE-94) / Improper Check for Unusual or Exceptional Con... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30924 | ### Summary The application implements an HTML5 cross-origin resource sharing (CORS) policy that allows access from any domain. While the application... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30917 | Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to 2.1.1, a stored XSS can be inserted into any Bucket table ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30916 | ## Withdrawn Advisory This advisory has been withdrawn because it falls outside the https://github.com/ericcornelissen/shescape/blob/a2544a1c78cae19d... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30896 | The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3089 | # Description Actual Sync Server allows authenticated users to upload files through `POST /sync/upload-user-file`. In versions prior to 26.3.0, impro... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3086 | GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3085 | GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30840 | Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3084 | GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary co... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3083 | GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code o... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30823 | ### Summary The Flowise platform has a critical Insecure Direct Object Reference (IDOR) vulnerability combined with a Business Logic Flaw in the PUT /... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30822 | ## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint allows any unauthenticated user to control internal entity fields (`id`,... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3082 | GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3081 | GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute ar... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3076 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2363. Reason: This candidate is a reservation duplicate of CVE-20... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30498 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-30407 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was ... | 0.0 | 0 | Neutral | No | No |