Filter and search through 200,004 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-42517 | This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for protecting sensitive data. An authenticated attacker could exp... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42516 | This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulne... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42515 | This vulnerability exists in e-Sushrut due to improper access control in resource access validation. An authenticated attacker could exploit this vuln... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42514 | This vulnerability exists in e-Sushrut due to exposure of OTPs in plaintext within API responses. A remote attacker could exploit this vulnerability b... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42513 | This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42462 | Summary: An attacker can make use of JSON-LD features to restructure a JSON-LD document that would change how Fedify interprets it without changin... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42458 | A reflected XSS vulnerability was found under admin panel -> System -> Import/Export -> Dataflow - Profiles. Steps to produce: Login to the a... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42455 | Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In versions 2.14.0 and prior, the a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42453 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42350 | Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42347 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-28496. Reason: This candidate is a duplicate of CVE-2026-28496. N... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42343 | FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation and u... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42337 | MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file ser... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42336 | MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS fi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42335 | MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) byp... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42333 | Summary: The generated authentication filter matches OpenAPI path templates too broadly when deciding whether to attach credentials. A security sc... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42327 | `X509Ref::ocsp_responders` returns OCSP responder URLs from a certificate's AIA extension as `OpensslString`, whose `Deref<Target = str>` wraps the ra... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42326 | When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-42321 | GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payloa... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-42320 | GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbi... | 0.0 | 0 | Neutral | No | No |