Vulnerability Intelligence Hub

Q: Where does the vulnerability data come from?

Our vulnerability data is continuously aggregated from authoritative sources including the NVD REST API, GitHub Advisory Database (OSV), and the CISA Known Exploited Vulnerabilities (KEV) Catalog, and then natively enriched by Precogs AI.

Q: How often is the vulnerability database updated?

The Precogs Vulnerability Intelligence Hub is updated 24/7 with real-time monitoring of newly disclosed CVEs and emerging AI threats.

Q: What is AI-enriched vulnerability intelligence?

AI-enriched vulnerability intelligence uses advanced machine learning models (the Precogs AI Analysis Engine) to analyze raw CVE data, providing automated remediation guidance, predicting exploitability, and generating AutoFix pull requests in under 60 seconds.

AI-enriched security intelligence for binary analysis, AI-generated code, secrets & data leaks, and compliance — by Precogs AI.

●Database Last Updated: 27 Mar 2026

Verified by Precogs Threat Research

What is the Precogs Vulnerability Intelligence Hub?

It is a continuously updated, AI-enriched database that tracks the latest Common Vulnerabilities and Exposures (CVEs) and Common Weakness Enumerations (CWEs) across AI-generated code, binary architectures, and web applications. It provides real-time remediation guidance and is powered by the Precogs AI Analysis Engine, syncing data from the NVD, GitHub Advisory Database, and CISA KEV catalog.

AI Code Binary Security Secrets & Data Leaks Compliance

Recently Disclosed

CVE-2026-3457LIVEImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.

CWE-79

27 Mar 2026

CVE-2026-27860LIVEIf auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication.

CVSS 3.7 · CWE-90

27 Mar 2026

CVE-2026-27859LIVEA mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU.

CVSS 5.3 · CWE-400

27 Mar 2026

CVE-2026-27858LIVEAttacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory.

CVSS 7.5 · CWE-400

27 Mar 2026

CVE-2026-27857LIVESending "NOOP (((.

CVSS 4.3 · CWE-400

27 Mar 2026

CVE-2026-27856LIVEDoveadm credentials are verified using direct comparison which is susceptible to timing oracle attack.

CVSS 7.4 · CWE-287

27 Mar 2026

CVE-2026-27855LIVEDovecot OTP authentication is vulnerable to replay attack under specific conditions.

CVSS 6.8 · CWE-294

27 Mar 2026

CVE-2026-24031LIVEDovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin.

CVSS 7.7 · CWE-89

27 Mar 2026

CVE-2026-0394LIVEWhen dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial.

CVSS 5.3 · CWE-22

27 Mar 2026

CVE-2025-59032LIVEManageSieve AUTHENTICATE command crashes when using literal as SASL initial response.

CVSS 7.5 · CWE-20

27 Mar 2026

Loading live feed...

Notable Vulnerabilities

View All →

Log4Shell

CRITICAL

CVE-2021-44228 · Apache Log4j 2.x < 2.15.0

Log4j DoS/RCE Bypass

CRITICAL

CVE-2021-45046 · Apache Log4j 2.x < 2.16.0

Heartbleed

HIGH

CVE-2014-0160 · OpenSSL 1.0.1 through 1.0.1f

Apache Struts 2 RCE

CRITICAL

CVE-2017-5638 · Apache Struts 2.x < 2.3.32 / 2.5.x < 2.5.10.1

EternalBlue

HIGH

CVE-2017-0144 · Microsoft Windows SMBv1

Spring4Shell

CRITICAL

CVE-2022-22965 · Spring Framework 5.3.x < 5.3.18 / 5.2.x < 5.2.20

Intelligence Modules

Binary Security

Binary analysis discovers vulnerabilities in compiled software—containers, firmware, and third-party vendor applications—without requiring access to the original source code. Precogs AI provides deep visibility into memory corruption, hardcoded secrets, and cryptographic flaws post-compilation.

27 vulnerability typesExplore →

AI-Generated Code

AI code assistants like GitHub Copilot, ChatGPT, Cursor, and Claude frequently generate code containing security vulnerabilities. Studies show up to 40% of AI-generated code contains at least one security flaw. Precogs AI pre-LLM filters detect and prevent these flaws before they enter your codebase — including injection attacks, hardcoded secrets, broken authentication, and insecure deserialization patterns.

22 vulnerability typesExplore →

Secrets & Data Leaks

Data leaks often stem from hardcoded credentials, misconfigured access controls, or unencrypted data flows. This category covers vulnerabilities leading to the exposure of Personally Identifiable Information (PII), API keys, and enterprise secrets across modern software supply chains.

18 vulnerability typesExplore →

Security Ecosystem

OWASP Top 10

Web + API →

A01Broken Access Control A02Security Misconfiguration A03Software Supply Chain Failures A04Cryptographic Failures A05Injection

Compliance

All →

PCI-DSSFinancial Services SOX / GLBAFinancial Services DORAFinancial Services ISO 21434Automotive UNECE R155/R156Automotive FDA PremarketHealthcare HIPAAHealthcare SOC 2 / ISO 27001Cross-industry

24/7

Live CVE Monitoring

Scan Categories

< 60s

AutoFix PR Generation

30+

Languages Supported

Secure Every Workflow with Precogs AI

AI-native security embedded directly into your developer tools, repos, and pipelines — so protection happens continuously.

Scan Your Code Free See AI in Action

FAQ

Answers to Our Most Frequently Asked Questions

Common questions about our Vulnerability Intelligence Hub.

Where does the vulnerability data come from?

Our vulnerability data is continuously aggregated from authoritative sources including the NVD REST API, GitHub Advisory Database (OSV), and the CISA Known Exploited Vulnerabilities (KEV) Catalog, and then natively enriched by Precogs AI.

How often is the vulnerability database updated?

What is AI-enriched vulnerability intelligence?

🛡️ Data Sources & Integrity: Vulnerability intelligence is continuously aggregated and enriched from the NVD REST API, the GitHub Advisory Database (OSV), the CISA KEV Catalog, and proprietary heuristic behavioral analysis by Precogs AI.

Vulnerability Intelligence Hub

Recently Disclosed

CVE-2026-3457LIVEImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.

CVE-2026-27860LIVEIf auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication.

CVE-2026-27859LIVEA mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU.

CVE-2026-27858LIVEAttacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory.

CVE-2026-27857LIVESending "NOOP (((.

CVE-2026-27856LIVEDoveadm credentials are verified using direct comparison which is susceptible to timing oracle attack.

CVE-2026-27855LIVEDovecot OTP authentication is vulnerable to replay attack under specific conditions.

CVE-2026-24031LIVEDovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin.

CVE-2026-0394LIVEWhen dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial.

CVE-2025-59032LIVEManageSieve AUTHENTICATE command crashes when using literal as SASL initial response.

Notable Vulnerabilities

Log4Shell

Log4j DoS/RCE Bypass

Heartbleed

Apache Struts 2 RCE

EternalBlue

Spring4Shell

Intelligence Modules

Binary Security

AI-Generated Code

Secrets & Data Leaks

Financial Services Security

Automotive Cybersecurity

Healthcare & Medical Device Security

Government & Defense Cybersecurity

Retail & eCommerce Security

Manufacturing & ICS Security

Telecom & 5G Infrastructure Security

Energy & Utilities Cybersecurity

LLM01: Prompt Injection

LLM02: Insecure Output Handling

LLM03: Training Data Poisoning

LLM04: Model Denial of Service

LLM05: Supply Chain Vulnerabilities

LLM06: Sensitive Information Disclosure

Security Ecosystem

OWASP Top 10

Compliance

Secure Every Workflow with Precogs AI

Answers to Our Most Frequently Asked Questions

Where does the vulnerability data come from?

How often is the vulnerability database updated?

What is AI-enriched vulnerability intelligence?

CVE-2026-3457LIVEImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.

CVE-2026-27860LIVEIf auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication.

CVE-2026-27859LIVEA mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU.

CVE-2026-27858LIVEAttacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory.

CVE-2026-27857LIVESending "NOOP (((.

CVE-2026-27856LIVEDoveadm credentials are verified using direct comparison which is susceptible to timing oracle attack.

CVE-2026-27855LIVEDovecot OTP authentication is vulnerable to replay attack under specific conditions.

CVE-2026-24031LIVEDovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin.

CVE-2026-0394LIVEWhen dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial.

CVE-2025-59032LIVEManageSieve AUTHENTICATE command crashes when using literal as SASL initial response.