Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 200,231 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-5087 | PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely. PAGI::Middleware::Session::Store::Cook... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-5059 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to ex... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5058 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to ex... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5055 | This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5054 | This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5053 | This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5026 | The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. Si... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5022 | The '/api/v1/files/images/{flow_id}/{file_name}' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5010 | A reflected Cross-Site Scripting (XSS) vulnerability has been discovered in Clickedu. This vulnerability allows an attacker to execute JavaScript code... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4989 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4982 | A user with permission "update world" in any Venueless world is able to exfiltrate chat messages from direct messages or channels in other worlds on t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4927 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4925 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4924 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4829 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4828 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4821 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-4820 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4794 | Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web s... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-4789 | Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions. | 0.0 | 0 | Neutral | No | No |