Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 243,351 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-7860 | A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment va... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-7824 | An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadver... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7805 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-3258. Reason: This candidate is a reservation duplicate of CVE-20... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7774 | tarfile.data_filter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive mem... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-7766 | Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An unauthenticated attacker can send GET request with arbitrary file path... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7570 | Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7569 | Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authen... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7539 | A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow esca... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7532 | iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowin... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7531 | Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 server ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7511 | PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signa... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7480 | An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to S... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7460 | mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entri... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7448 | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'first_n... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7428 | Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7373 | Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon star... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7310 | A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exp... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7308 | An authenticated user with upload permission to a hosted repository can store content that causes arbitrary JavaScript to execute in the browser of an... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7300 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filt... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-7182 | Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML sanitization. An unauthenticated user could craft the htm... | 0.0 | 0 | Neutral | No | No |