Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 200,345 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-45682 | ### Summary The custom `CappedConcurrentHashMap` introduced for Java TLS state tracking never removes keys from its insertion-order queue when entrie... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-45681 | ### Summary The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. I... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45680 | ### Summary OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can b... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45679 | ### Summary OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive val... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45678 | ### Summary The Postgres protocol parser assumes `BIND` message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45676 | ### Summary OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OB... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45670 | ### Summary This is an incomplete fix for [GHSA-4gf7-ff8x-hq99](https://github.com/nuxt/nuxt/security/advisories/GHSA-4gf7-ff8x-hq99). Source code may... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45669 | ### Summary `navigateTo()` with `external: true` generates a server-side HTML redirect body containing a `<meta http-equiv="refresh">` tag. The destin... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45664 | Because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive res... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45660 | ### Impact The Glide image proxy's URL validation could be bypassed using an IP representation that wasn't normalized before the public-IP check. An ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45627 | ## Summary The unauthenticated `GET /api/app-images/logo` endpoint reflects a user-supplied `color` query parameter into the body of an SVG document ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45626 | ## Summary `GET /environments/{id}/volumes/{volumeName}/browse` accepts a `path` query parameter that is passed to a shell command (`sh -c "find … | ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-45625 | ## Summary Arcane's huma-based REST API exposes nine endpoints under `/api/customize/git-repositories` and `/api/git-repositories/sync` for managing ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45624 | When performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45622 | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an unauthenticated ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-45620 | CVE-2026-43881 fix `d9cdc7024` patched `users.json.php` only. The same anti-pattern survives at master HEAD in: ``` objects/mention.json.php:17 $... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-45619 | CVE-2026-43884 fix `603e7bf` patched `EpgParser.php` and `plugin/AI/receiveAsync.json.php` to use `url_get_contents` (redirect-safe). Neither uses the... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-45618 | ### Summary It is possible to execute arbitrary code with crafted templates ### Details <details> <summary> `1|valueOf` -> `this` when evaluating ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45617 | ## Summary The built-in `strip_html` filter in liquidjs uses a regex containing four lazy-quantified alternatives. When the input contains many `<scr... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-45616 | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, This vulnerability is fixed... | 0.0 | 0 | Neutral | No | No |