CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

303 matches found

GithubExploit•added 3 days ago•58 views

snyk-agentic-appsec-poc

Snyk Agentic AppSec POC Proof of concept demonstrating autono...

5.9AI score

Exploits0

Packet Storm News•added 2026/05/20 12:0 a.m.•3 views

Quality and Security Signals in AI-Generated Python Refactoring Pull Requests

As AI agents increasingly contribute to code development and maintenance, there is still limited empirical evidence on the quality and risk characteristics of their changes in real-world projects, particularly for refactoring-oriented contributions. It remains unclear how agent-authored refactori...

5.9AI score

Exploits0

GithubExploit•added 2026/05/19 11:42 p.m.•54 views

eip-mcp

Exploit Intel Platform MCP Server Package/command: eip-mcp...

6.1AI score

Exploits0

GithubExploit•added 2026/05/14 9:29 a.m.•39 views

offsec-skills

offsec-exploit-research Elite adaptive whitebox exploit resea...

5.9AI score

Exploits0

GithubExploit•added 2026/05/14 2:16 a.m.•44 views

Windows-pentest-lab

Windows-pentest-lab Penetration testing and vulnerability asse...

10CVSS7.1AI score0.94454EPSS

Exploits123

Packet Storm News•added 2026/05/14 12:0 a.m.•7 views

PickleFuzzer: A Case Study in Fuzzing for Discrepancies between Python Pickle Implementations

Python's native serialization protocol, pickle, is a powerful but insecure format for transferring untrusted data. It is frequently used, especially for saving machine learning models, despite known security challenges. While developers sometimes mitigate this risk by restricting imports during...

5.9AI score

Exploits0

The Hacker News•added 2026/05/13 1:46 p.m.•18 views

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft has unveiled a new multi-model artificial intelligence AI-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for m ulti-mod el a gentic s canning h...

9.8CVSS7.1AI score0.00088EPSS

Exploits3

Wiz blog•added 2026/05/12 1:24 p.m.•3 views

Introducing Wiz Audit History: Track Every Change Across your Environment

Wiz Audit History is now GA, providing a continuous, cross-cloud timeline of changes to resource configurations and findings to accelerate incident response and simplify compliance...

5.8AI score

Exploits0

Qualys Blog•added 2026/05/11 2:0 p.m.•6 views

Bringing AI Code Security into Qualys ETM

A first-class data model for the next generation of findings AI-driven code security is becoming a real category. Anthropic's Claude Code Security and OpenAI's Codex Security are the leading examples, and more will follow. These tools reason about source code at a depth that traditional SAST cann...

5.7AI score

Exploits0

Packet Storm News•added 2026/05/11 12:0 a.m.•4 views

Continuous Discovery of Vulnerabilities in LLM Serving Systems with Fuzzing

LLM inference and serving systems have become security-critical infrastructure; however, many of their most concerning failures arise from the serving layer rather than from model behavior alone. Modern inference engines combine KV cache, batching, prefix sharing, speculative decoding, adapters,...

5.8AI score

Exploits0

Packet Storm News•added 2026/05/08 12:0 a.m.•2 views

On the Security of Research Artifacts

Research artifacts are widely shared to support reproducibility, and artifact evaluation AE has become common at many leading conferences. However, AE mainly checks whether artifacts work as claimed and can be reproduced. It largely overlooks potential security risks. Since these artifacts are...

6AI score

Exploits0

Wiz blog•added 2026/05/07 1:0 p.m.•9 views

Build Fast, Build Secure: Wiz findings are now in Lovable

With Wiz in Lovable, every builder can catch and fix risks in real time, keeping apps secure as they’re created...

5.8AI score

Exploits0

Wiz blog•added 2026/05/05 1:0 p.m.•5 views

Introducing Penetration Test Findings: Unified Offensive Security in Wiz

Streamline pen-testing by unifying findings from bug bounties, manual audits, and Wiz Red Agent into a single, context-rich view...

5.8AI score

Exploits0

GithubExploit•added 2026/04/30 9:50 a.m.•46 views

Exploit for Embedded Malicious Code in Tukaani Xz

Security Review: CVE-2024-3094 XZ Utils Backdoor Автор:...

10CVSS8.9AI score0.85058EPSS

Exploits38

GithubExploit•added 2026/04/28 11:8 p.m.•65 views

ExploitSense

ExploitSense ExploitSense is a local-first vulnerability anal...

5.6AI score

Exploits0

NVD•added 2026/04/24 9:16 p.m.•1 views

CVE-2026-41472

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findingsjson field of...

6.1CVSS0.00216EPSS

Exploits1References3

EUVD•added 2026/04/24 8:40 p.m.•1 views

EUVD-2026-25630

5.3CVSS6.1AI score0.00216EPSS

Exploits1References3

CNNVD•added 2026/04/24 12:0 a.m.•3 views

CyberPanel 跨站脚本漏洞

CyberPanel is a virtual hosting control panel developed by Usman Nasir, which includes DNS and email servers. Versions of CyberPanel prior to 2.4.4 had a cross-site scripting vulnerability. This vulnerability originated from a storage-based cross-site scripting vulnerability in the AI Scanner...

6.1CVSS5.6AI score0.00216EPSS

Exploits1References1

GithubExploit•added 2026/04/22 9:54 p.m.•60 views

Web-Application-Pentest-Report

Web-Application-Pentest-Report OWASP methodology penetration t...

5.8AI score

Exploits0

GithubExploit•added 2026/04/21 12:15 p.m.•58 views

BuildReview2

BuildReview2 - Attack-Path-Driven Windows Host Review A rewri...

5.8AI score

Exploits0