Vulnerability Intelligence Hub

Q: Where does the vulnerability data come from?

Our vulnerability data is continuously aggregated from authoritative sources including the NVD REST API, GitHub Advisory Database (OSV), and the CISA Known Exploited Vulnerabilities (KEV) Catalog, and then natively enriched by Precogs AI.

Q: How often is the vulnerability database updated?

The Precogs Vulnerability Intelligence Hub is updated 24/7 with real-time monitoring of newly disclosed CVEs and emerging AI threats.

Q: What is AI-enriched vulnerability intelligence?

AI-enriched vulnerability intelligence uses advanced machine learning models (the Precogs AI Analysis Engine) to analyze raw CVE data, providing automated remediation guidance, predicting exploitability, and generating AutoFix pull requests in under 60 seconds.

AI-enriched security intelligence for binary analysis, AI-generated code, secrets & data leaks, and compliance — by Precogs AI.

●Database Last Updated: 27 Mar 2026

Verified by Precogs Threat Research

What is the Precogs Vulnerability Intelligence Hub?

It is a continuously updated, AI-enriched database that tracks the latest Common Vulnerabilities and Exposures (CVEs) and Common Weakness Enumerations (CWEs) across AI-generated code, binary architectures, and web applications. It provides real-time remediation guidance and is powered by the Precogs AI Analysis Engine, syncing data from the NVD, GitHub Advisory Database, and CISA KEV catalog.

AI Code Binary Security Secrets & Data Leaks Compliance

Recently Disclosed

CVE-2026-4948LIVEA flaw was found in firewalld.

CVSS 5.5 · CWE-279

27 Mar 2026

CVE-2026-34353LIVEIn OCaml through 4.

CVSS 5.9 · CWE-190

27 Mar 2026

CVE-2026-33559LIVEWordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability.

CWE-79

27 Mar 2026

CVE-2026-33366LIVEMissing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.

CWE-306

27 Mar 2026

CVE-2026-33280LIVEHidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

CWE-912

27 Mar 2026

CVE-2026-32678LIVEAuthentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.

CWE-288

27 Mar 2026

CVE-2026-32669LIVECode injection vulnerability exists in BUFFALO Wi-Fi router products.

CWE-94

27 Mar 2026

CVE-2026-27650LIVEOS Command Injection vulnerability exists in BUFFALO Wi-Fi router products.

CWE-78

27 Mar 2026

CVE-2026-22744LIVEIn RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts the value directly into the @field:{VALUE} RediSearch TAG block without escaping characters.

CVSS 7.5 ·

27 Mar 2026

CVE-2026-22743LIVESpring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter.

CVSS 7.5 ·

27 Mar 2026

Loading live feed...

Notable Vulnerabilities

View All →

Log4Shell

CRITICAL

CVE-2021-44228 · Apache Log4j 2.x < 2.15.0

Log4j DoS/RCE Bypass

CRITICAL

CVE-2021-45046 · Apache Log4j 2.x < 2.16.0

Heartbleed

HIGH

CVE-2014-0160 · OpenSSL 1.0.1 through 1.0.1f

Apache Struts 2 RCE

CRITICAL

CVE-2017-5638 · Apache Struts 2.x < 2.3.32 / 2.5.x < 2.5.10.1

EternalBlue

HIGH

CVE-2017-0144 · Microsoft Windows SMBv1

Spring4Shell

CRITICAL

CVE-2022-22965 · Spring Framework 5.3.x < 5.3.18 / 5.2.x < 5.2.20

Intelligence Modules

Binary Security

Binary analysis discovers vulnerabilities in compiled software—containers, firmware, and third-party vendor applications—without requiring access to the original source code. Precogs AI provides deep visibility into memory corruption, hardcoded secrets, and cryptographic flaws post-compilation.

27 vulnerability typesExplore →

AI-Generated Code

AI code assistants like GitHub Copilot, ChatGPT, Cursor, and Claude frequently generate code containing security vulnerabilities. Studies show up to 40% of AI-generated code contains at least one security flaw. Precogs AI pre-LLM filters detect and prevent these flaws before they enter your codebase — including injection attacks, hardcoded secrets, broken authentication, and insecure deserialization patterns.

22 vulnerability typesExplore →

Secrets & Data Leaks

Data leaks often stem from hardcoded credentials, misconfigured access controls, or unencrypted data flows. This category covers vulnerabilities leading to the exposure of Personally Identifiable Information (PII), API keys, and enterprise secrets across modern software supply chains.

18 vulnerability typesExplore →

Security Ecosystem

OWASP Top 10

Web + API →

A01Broken Access Control A02Security Misconfiguration A03Software Supply Chain Failures A04Cryptographic Failures A05Injection

Compliance

All →

PCI-DSSFinancial Services SOX / GLBAFinancial Services DORAFinancial Services ISO 21434Automotive UNECE R155/R156Automotive FDA PremarketHealthcare HIPAAHealthcare SOC 2 / ISO 27001Cross-industry

24/7

Live CVE Monitoring

Scan Categories

< 60s

AutoFix PR Generation

30+

Languages Supported

Secure Every Workflow with Precogs AI

AI-native security embedded directly into your developer tools, repos, and pipelines — so protection happens continuously.

Scan Your Code Free See AI in Action

FAQ

Answers to Our Most Frequently Asked Questions

Common questions about our Vulnerability Intelligence Hub.

Where does the vulnerability data come from?

Our vulnerability data is continuously aggregated from authoritative sources including the NVD REST API, GitHub Advisory Database (OSV), and the CISA Known Exploited Vulnerabilities (KEV) Catalog, and then natively enriched by Precogs AI.

How often is the vulnerability database updated?

What is AI-enriched vulnerability intelligence?

🛡️ Data Sources & Integrity: Vulnerability intelligence is continuously aggregated and enriched from the NVD REST API, the GitHub Advisory Database (OSV), the CISA KEV Catalog, and proprietary heuristic behavioral analysis by Precogs AI.

Vulnerability Intelligence Hub

Recently Disclosed

CVE-2026-4948LIVEA flaw was found in firewalld.

CVE-2026-34353LIVEIn OCaml through 4.

CVE-2026-33559LIVEWordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability.

CVE-2026-33366LIVEMissing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.

CVE-2026-33280LIVEHidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

CVE-2026-32678LIVEAuthentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.

CVE-2026-32669LIVECode injection vulnerability exists in BUFFALO Wi-Fi router products.

CVE-2026-27650LIVEOS Command Injection vulnerability exists in BUFFALO Wi-Fi router products.

CVE-2026-22744LIVEIn RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts the value directly into the @field:{VALUE} RediSearch TAG block without escaping characters.

CVE-2026-22743LIVESpring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter.

Notable Vulnerabilities

Log4Shell

Log4j DoS/RCE Bypass

Heartbleed

Apache Struts 2 RCE

EternalBlue

Spring4Shell

Intelligence Modules

Binary Security

AI-Generated Code

Secrets & Data Leaks

Financial Services Security

Automotive Cybersecurity

Healthcare & Medical Device Security

Government & Defense Cybersecurity

Retail & eCommerce Security

Manufacturing & ICS Security

Telecom & 5G Infrastructure Security

Energy & Utilities Cybersecurity

LLM01: Prompt Injection

LLM02: Insecure Output Handling

LLM03: Training Data Poisoning

LLM04: Model Denial of Service

LLM05: Supply Chain Vulnerabilities

LLM06: Sensitive Information Disclosure

Security Ecosystem

OWASP Top 10

Compliance

Secure Every Workflow with Precogs AI

Answers to Our Most Frequently Asked Questions

Where does the vulnerability data come from?

How often is the vulnerability database updated?

What is AI-enriched vulnerability intelligence?

CVE-2026-4948LIVEA flaw was found in firewalld.

CVE-2026-34353LIVEIn OCaml through 4.

CVE-2026-33559LIVEWordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability.

CVE-2026-33366LIVEMissing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.

CVE-2026-33280LIVEHidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands.

CVE-2026-32678LIVEAuthentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication.

CVE-2026-32669LIVECode injection vulnerability exists in BUFFALO Wi-Fi router products.

CVE-2026-27650LIVEOS Command Injection vulnerability exists in BUFFALO Wi-Fi router products.

CVE-2026-22744LIVEIn RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts the value directly into the @field:{VALUE} RediSearch TAG block without escaping characters.

CVE-2026-22743LIVESpring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter.