Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 206,560 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-5327 | A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file ... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-5326 | A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manage_user... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5325 | A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5323 | A vulnerability was found in priyankark a11y-mcp up to 1.0.5. This vulnerability affects the function A11yServer of the file src/index.js. The manipul... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-5271 | pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a resul... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5246 | A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the com... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-5245 | A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Re... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-5244 | A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-5199 | A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same clust... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-5128 | A sensitive information exposure vulnerability exists in ArthurFiorette steam-trader 2.1.1. An unauthenticated attacker can send a request to the /use... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5115 | The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5059 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to ex... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5058 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to ex... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5055 | This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5054 | This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5053 | This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5032 | The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin b... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5026 | The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. Si... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5022 | The '/api/v1/files/images/{flow_id}/{file_name}' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5010 | A reflected Cross-Site Scripting (XSS) vulnerability has been discovered in Clickedu. This vulnerability allows an attacker to execute JavaScript code... | 0.0 | 0 | Neutral | No | No |