Netlas.io
Explore the latest in cybersecurity with Netlas.io. Stay ahead with updates on high-profile vulnerabilities, expert tutorials, essential safety tips, and the latest Netlas developments.
Netlas Python SDK & CLI v0.8.2 is now available via pip and brew.

This release adds SDK and CLI support for the new Private Scanner Reports feature introduced in Netlas v1.7.

Details at https://docs.netlas.io/changelog/
🚧 Planned Maintenance

Netlas will be unavailable for up to two hours on the weekend of April 26, 2026, starting at 08:00 UTC.

We will be reconfiguring our network. We expect the downtime to be no longer than two hours and will work to complete it as quickly as possible.

Thank you for your understanding and patience. We are sorry for any inconvenience this may cause.
CVE-2026-3844: Unrestricted Arbitrary File Upload in Breeze WordPress plugin, 9.8 rating 🔥

Unrestricted Arbitrary File Upload in the Breeze WordPress plugin allows an unauthenticated attacker to upload a web shell and execute it remotely. This vulnerability is already being actively exploited in the wild!

Search at Netlas.io:
👉 https://nt.ls/61VeQ
👉 Dork: http.body:"plugins/breeze"

Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/breeze/breeze-cache-244-unauthenticated-arbitrary-file-upload-via-fetch-gravatar-from-remote
CVE-2026-42231 and CVE-2026-42232: Two Prototype Pollution vulnerabilities in n8n, 9.4 & 10.0 rating 🔥🔥

Two recently disclosed Prototype Pollution vulnerabilities in n8n allow an authenticated attacker to execute arbitrary code on the server.

Search at Netlas.io:
👉 https://nt.ls/beZWa
👉 Dork: http.title:"n8n.io - Workflow Automation"

Read more: https://github.com/n8n-io/n8n/security
CVE-2026-42208: SQL Injection in LiteLLM, 9.3 rating 🔥

Pre-authentication SQL Injection in LiteLLM allows an attacker to read data from the proxy's database and modify it. This vulnerability is already being actively exploited in the wild!

Search at Netlas.io:
👉 https://nt.ls/4MNkt
👉 Dork: http.title:LiteLLM OR http.favicon.hash_sha256:26e3e882e76c2dc171b1bda49455641e812b3524f1692729b1fde849b7d52a6f

Read more: https://webflow.sysdig.com/blog/cve-2026-42208-targeted-sql-injection-against-litellms-authentication-path-discovered-36-hours-following-vulnerability-disclosure
🚀 Introducing the Netlas Docs MCP Server

We believe most of you already use AI agents in your daily work, so we decided to make Netlas easier to use with them.

Meet the Netlas Docs MCP Server — a simple way to give AI assistants direct access to the latest Netlas documentation and reference data.

Now your assistant can:
• find exact field names for queries
• explain how data is indexed and searched
• check API endpoints and formats
• pull up-to-date plan and feature details

If you rely on Netlas for research, automation, or bug bounty work, this helps your AI tools stay accurate and up to date.

👉 Get started: https://docs.netlas.io/knowledge-base/mcp-server/
CVE-2026-0204 and others: Several vulnerabilities in SonicWall SonicOS, up to 8.0 rating 🔥

Several vulnerabilities in SonicWall SonicOS allow an attacker to bypass access controls, interact with normally restricted services, or crash a firewall.

Search at Netlas.io:
👉 Link: https://nt.ls/H8DoW
👉 Dork: http.favicon.hash_sha256:6bb6f64adaa6a7ed4da10a2fe4edf4cb4d9914aa742c7ad607ca4ca678dcd3f1 OR certificate.subject_dn:"HTTPS Management Certificate for SonicWALL (self-signed)"

Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004
CVE-2026-23918 and others: Several vulnerabilities in Apache HTTP Server, up to 8.8 rating 🔥

Several vulnerabilities in Apache HTTP Server allow an attacker to achieve RCE on the server, bypass authentication, or escalate privileges.

Search at Netlas.io:
👉 Link: https://nt.ls/I4fYP
👉 Dork: tag.name:"apache_http_server"

Vendor's advisory: https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2026-23870: DoS in React Server Components, 7.5 rating 🔥

DoS vulnerability in React Server Components allows an attacker to disable the web application by exhausting server resources. This vulnerability requires a specific architectural setup to be exploited.

Search at Netlas.io:
👉 Link: https://nt.ls/akCFc
👉 Dork: tag.name:"react"

Vendor's advisory: https://github.com/facebook/react/security/advisories/GHSA-rv78-f8rc-xrxh
CVE-2026-29202 & CVE-2026-29203: Two vulnerabilities in cPanel, 8.8 rating 🔥

The first vulnerability in cPanel allows an attacker to execute arbitrary commands directly on the server via Perl injection (CVE-2026-29202). The second one (CVE-2026-29203) leads to denial of service and possible privilege escalation.

Search at Netlas.io:
👉 Link: https://nt.ls/2en2n
👉 Dork: http.title:cpanel OR http.headers.set_cookie:"cprelogin" OR http.headers.set_cookie:"cpsession"

Vendor's advisory: https://support.cpanel.net/hc/en-us/articles/40311426610327-Security-CVE-2026-29202-cPanel-WHM-WP2-Security-Update-May-08-2026
https://support.cpanel.net/hc/en-us/articles/40311543760407-Security-CVE-2026-29203-cPanel-WHM-WP2-Security-Update-May-08-2026
CVE-2026-43640: Missing authentication in JetBrains TeamCity, 8.2 rating 🔥

A vulnerability in JetBrains TeamCity allows an authenticated user to expose the server API to unauthorized access.

Search at Netlas.io:
👉 Link: https://nt.ls/7tWNf
👉 Dork: http.headers.set_cookie:TCSESSIONID OR http.title:"teamcity" OR http.unknown_headers.key:"teamcity_node_id" OR http.meta:"teamcity"

Read more:
https://www.jetbrains.com/privacy-security/issues-fixed/