Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 321,511 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-9151 | An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerabilit... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-9129 | A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters.... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9102 | A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9084 | MISP’s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the email claim when the lo... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-9065 | SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters ('model_name', 'model_id', 'integration_id', 'pr... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9059 | NextGEN Gallery version prior to 4.2.1 are vulnerable to authenticated SQL injection via the 'orderby' parameter on the REST API endpoints '/imagely/v... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9058 | Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/Verification... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9054 | An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic. | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-9053 | Mothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious default file pa... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-9039 | A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel inte... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9038 | A stack-based buffer overflow vulnerability in the charging controller’s signal-processing logic allows an attacker with physical access to the chargi... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-9037 | A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through the device's... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8997 | vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file (vifminfo.json). This flaw occurs because the... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-8990 | A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full access to the de... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8980 | The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to privilege escalation. An authenticated low-privileged user can change the pas... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8979 | The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to an authentication bypass. An unauthenticated remote attacker can change the p... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8936 | Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8934 | A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenticat... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8931 | A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-8918 | A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a sy... | 0.0 | 0 | Neutral | No | No |