Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 200,262 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-6221 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-6179 | Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser | 0.0 | 0 | Neutral | No | No |
| CVE-2026-6175 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-6100 | Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `Me... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-6074 | A path traversal condition in Intrado 911 Emergency Gateway could allow an attacker with existing network access the ability to access the EGW managem... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-6056 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-6043 | P4 Server versions prior to 2026.1 are configured with insecure default settings that, when exposed to untrusted networks, allow unauthenticated attac... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-6019 | http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML p... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-6018 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-5968 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5958 | When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem ope... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-5822 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5794 | A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5781 | An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user wit... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5780 | An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vuln... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5779 | An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. Th... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5777 | This vulnerability exists in the Atom 3x Projector due to improper exposure of the Android Debug Bridge (ADB) service over the local network without a... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5762 | Allocation of resources without limits or throttling vulnerability in Wikimedia Foundation MediaWiki - ReportIncident Extension allows HTTP DoS.This i... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5750 | An insecure direct object reference (IDOR) vulnerability in the Fullstep V5 registration process allows authenticated users to access data belonging t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-5749 | Inadequate access control in the registration process in Fullstep V5, which could allow unauthenticated users to obtain a valid JWT token with which t... | 0.0 | 0 | Neutral | No | No |