Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Filter and search through 331 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-42897 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to p... | 6.1 | 569 | Neutral | Yes |
| Yes |
| CVE-2026-34926 | A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the se... | 6.7 | 653 | Neutral | Yes | Yes |
| CVE-2026-32202 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network. | 4.3 | 396 | Neutral | Yes | Yes |
| CVE-2026-32201 | Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | 6.5 | 598 | Neutral | Yes | Yes |
| CVE-2026-21525 | Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. | 6.2 | 477 | Neutral | Yes | Yes |
| CVE-2026-20805 | Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally. | 5.5 | 486 | Neutral | Yes | Yes |
| CVE-2025-68686 | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7... | 5.9 | 414 | Neutral | No | Yes |
| CVE-2025-62215 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate... | 7.0 | 584 | Neutral | Yes | Yes |
| CVE-2025-61932 | Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) improperly verifies the origin of incoming requests, allowing a... | 0.0 | 0 | Neutral | Yes | Yes |
| CVE-2025-59689 | Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.3... | 6.1 | 624 | Neutral | Yes | Yes |
| CVE-2025-55177 | Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, an... | 5.4 | 482 | Neutral | Yes | Yes |
| CVE-2025-48633 | In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a Device Owner after provisioning due to a logic error in t... | 5.5 | 486 | Neutral | Yes | Yes |
| CVE-2025-47827 | In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a cr... | 4.6 | 405 | Neutral | Yes | Yes |
| CVE-2025-4664 | Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted H... | 4.3 | 396 | Low | Yes | Yes |
| CVE-2025-43200 | This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 ... | 4.2 | 481 | Neutral | Yes | Yes |
| CVE-2025-40602 | A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC). | 6.6 | 638 | Neutral | Yes | Yes |
| CVE-2025-38352 | In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_... | 7.4 | 664 | Neutral | Yes | Yes |
| CVE-2025-30355 | ### Impact A malicious server can craft events with a `depth` outside the integer range allowed by Canonical JSON. When such an event is received by S... | 7.5 | 667 | Neutral | No | Yes |
| CVE-2025-27915 | An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Classic W... | 5.4 | 520 | Neutral | Yes | Yes |
| CVE-2025-24991 | Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | 5.5 | 508 | Neutral | Yes | Yes |