Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,257 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-32607 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-la... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-32587 | Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affect... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32586 | Missing Authorization vulnerability in Pluggabl Booster for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This i... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32565 | Missing Authorization vulnerability in WebberZone Contextual Related Posts allows Exploiting Incorrectly Configured Access Control Security Levels.Thi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32493 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected X... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-3237 | In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3233 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32326 | SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative p... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3227 | A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special el... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32268 | Unauthenticated users can view a list of buckets the plugin has access to. The `DefaultController->actionLoadContainerData()` endpoint allows unauthe... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32266 | Unauthenticated users can view a list of buckets the plugin has access to. The `DefaultController->actionLoadBucketData()` endpoint allows unauthenti... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32265 | Unauthenticated users can view a list of buckets the plugin has access to. The `BucketsController->actionLoadBucketData()` endpoint allows unauthenti... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32261 | The Webhooks plugin renders user-supplied template content through Twig’s `renderString()` function without sandbox protection. This allows an authent... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-32243 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-la... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3223 | Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32213 | Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32211 | Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32173 | Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32145 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-32143 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-la... | 0.0 | 0 | Neutral | No | No |