Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,185 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-31386 | OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be exe... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-31354 | Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arb... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-31353 | An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-31352 | An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitra... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-31350 | An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via inj... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-31313 | An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitr... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3126 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-31151 | An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login verification to access the application 's resources. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3111 | Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/[ID]/[username]/thumb_AAxAA... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3110 | Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin_usuarios.cgi?filtro_esta... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3107 | Stored Cross-Site Scripting (XSS) in Teampass versions prior to 3.1.5.16, affecting the password manager's password import functionality at the endpoi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3106 | Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password manager login functionality in the 'contraseña' paramete... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-31059 | A remote command execution (RCE) vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execu... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30977 | RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. Prior to 0.1.1, there is S... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30960 | ## Impact **Vulnerability Type**: Improper Control of Generation of Code ('Code Injection') (CWE-94) / Improper Check for Unusual or Exceptional Con... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30924 | ### Summary The application implements an HTML5 cross-origin resource sharing (CORS) policy that allows access from any domain. While the application... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30917 | Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to 2.1.1, a stored XSS can be inserted into any Bucket table ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30916 | ## Withdrawn Advisory This advisory has been withdrawn because it falls outside the https://github.com/ericcornelissen/shescape/blob/a2544a1c78cae19d... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30896 | The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3089 | # Description Actual Sync Server allows authenticated users to upload files through `POST /sync/upload-user-file`. In versions prior to 26.3.0, impro... | 0.0 | 0 | Neutral | No | Yes |