Browse 349,434+ CVEs from NVD & CNNVD with AI-powered analysis, AI-generated PoCs, KEV/EPSS tracking, and daily security intelligence. Filter by vendor, product, severity, or CWE.
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-16127 | zevorn rt-claw http_request tool_net.c claw_net_post server-side request forgery | zevorn | rt-claw | High | 7.3 | 2026-07-18 16:00:09 | Deep Dive |
| CVE-2026-16126 | zevorn rt-claw Swarm RPC Receiver swarm.c handle_rpc_request authorization | zevorn | rt-claw | High | 7.3 | 2026-07-18 15:45:09 | Deep Dive |
| CVE-2026-16125🧪 | zevorn rt-claw http_request net.c claw_net_post server-side request forgery | zevorn | rt-claw | High | 7.3 | 2026-07-18 15:15:08 | Deep Dive |
| CVE-2026-16124 | nextlevelbuilder GoClaw web_fetch web_shared.go isPrivateIP server-side request forgery | nextlevelbuilder | GoClaw | Medium | 6.3 | 2026-07-18 15:00:12 | Deep Dive |
| CVE-2026-16123 | nextlevelbuilder GoClaw Invoke Endpoint tools_invoke.go ToolsInvokeHandler.ServeHTTP authorization | nextlevelbuilder | GoClaw | Medium | 6.3 | 2026-07-18 14:45:08 | Deep Dive |
| CVE-2026-16122 | nextlevelbuilder GoClaw exec_approval.go matchesAllowlist authorization | nextlevelbuilder | GoClaw | Medium | 4.3 | 2026-07-18 14:30:09 | Deep Dive |
| CVE-2026-16121 | nextlevelbuilder GoClaw exec_approval.go isSafeBin improper authorization | nextlevelbuilder | GoClaw | Medium | 6.3 | 2026-07-18 14:15:10 | Deep Dive |
| CVE-2026-9323🧪 | Insecure PRNG and Information Exposure in urwid Web Display Backend | urwid | urwid | High | 8.1 | 2026-07-18 13:51:06 | Deep Dive |
| CVE-2026-11826🧪 | OpenPLC_v3 Heap-Based Buffer Overflow in Modbus Master getData() | openplcproject | OpenPLC_v3 | High | 8.8 | 2026-07-18 13:35:36 | Deep Dive |
| CVE-2026-16120 | nextlevelbuilder GoClaw exec_approval.go extractBin name resolution | nextlevelbuilder | GoClaw | Medium | 6.3 | 2026-07-18 13:30:10 | Deep Dive |
| CVE-2025-71398 | SurrealDB before 2.2.2 SSRF via HTTP Redirect Bypass | surrealdb | surrealdb | - | - | 2026-07-18 13:10:16 | Deep Dive |
| CVE-2025-71397 | SurrealDB before 2.2.2 CPU Exhaustion via nested FOR loops | surrealdb | surrealdb | - | - | 2026-07-18 13:10:15 | Deep Dive |
| CVE-2025-71396 | SurrealDB before 2.2.2 Denial of Service via JavaScript Scripting | surrealdb | surrealdb | - | - | 2026-07-18 13:10:14 | Deep Dive |
| CVE-2025-71395 | SurrealDB before 2.2.2 Memory Exhaustion via string::replace | surrealdb | surrealdb | - | - | 2026-07-18 13:10:14 | Deep Dive |
| CVE-2025-71394 | SurrealDB before 2.2.2 Local File Read via DEFINE ANALYZER | surrealdb | surrealdb | - | - | 2026-07-18 13:10:13 | Deep Dive |
| CVE-2025-71392 | SurrealDB before 2.2.2 SurrealQL Injection via export | surrealdb | surrealdb | - | - | 2026-07-18 13:10:12 | Deep Dive |
| CVE-2025-71393 | SurrealDB before 2.2.2 Memory Exhaustion via Nested Functions | surrealdb | surrealdb | - | - | 2026-07-18 13:10:12 | Deep Dive |
| CVE-2025-71391 | SurrealDB before 2.2.2 Denial of Service via /sql endpoint | surrealdb | surrealdb | - | - | 2026-07-18 13:10:11 | Deep Dive |
| CVE-2024-58370 | SurrealDB before 1.1.0 Uncontrolled Recursion Denial of Service | surrealdb | surrealdb | Medium | 6.5 | 2026-07-18 13:10:10 | Deep Dive |
| CVE-2025-71390 | SurrealDB before 2.3.6 deny-net Bypass via DNS Resolution | surrealdb | surrealdb | - | - | 2026-07-18 13:10:10 | Deep Dive |