Skip to content

Information Disclosure: Exploitable CVE

Identifier: exploitable_cve

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Technologies with known CVEs that have been confirmed exploitable on the target by an AI agent.

How we test: After detecting technologies and their known CVEs, we use an AI-powered agent with browser access to interact with the target application and confirm whether each CVE is actually exploitable in context. The agent validates version applicability, checks for mitigations, and attempts proof-of-concept exploitation.

Configuration

Example

Example configuration:

---
security_tests:
  exploitable_cve:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.