Filter and search through 199,984 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-42318 | GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users with ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42317 | GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete ar... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42306 | Summary: A race condition during `docker cp` mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, po... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42305 | Impact: Arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-e... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42303 | Summary: Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42300 | Impact: The `SessionMiddleware` accepts a client-supplied `X-Admin-Token` HTTP request header and uses its raw string value as the authenticated `u... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42287 | Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attacke... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42286 | Emlog is an open source website building system. Prior to version 2.6.11, missing CSRF protection in critical admin functions allows attackers to tric... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42278 | UltraDAG is a minimal DAG-BFT blockchain in Rust. Prior to commit fb6ef59, the UltraDAG StateEngine implementation of SmartTransferTx contains a criti... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42274 | Summary: Heimdall performs rule matching on the raw (non-normalized) request path, while downstream components may normalize dot-segments accordin... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42273 | Summary: Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in hei... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42272 | Summary: Heimdall handles URL-encoded slashes (`%2F`) in a case-sensitive manner, while percent-encoding is defined to be case-insensitive. As a r... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42259 | Summary: Saltcorn validates the post-login `dest` parameter with a string check that only blocks `:/` and `//`. Because all WHATWG-compliant browse... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42251 | Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The att... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42250 | bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds wr... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42213 | SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, the... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42212 | SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, Ope... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42206 | Summary: The `roadiz/openid` package generates an OIDC nonce in `OAuth2LinkGenerator::generate()` and includes it in the authorization request sent... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42196 | Impact: `S3FileMiddleware` is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed uplo... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42160 | Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 to before ve... | 0.0 | 0 | Neutral | No | No |