Findings you can actually prove.
VulntraceAI traces source to sink, scores its own confidence, and keeps the advisory locked until you've validated the proof-of-concept on your own machine.
FTP ignores --upload-only · 8.5 HIGH · goshs · archetype G · Disclosure locked: validate the PoC to unlock
The report stays locked until it's real.
No advisory, no CVSS, no disclosure text is generated until a human runs the PoC and confirms it. The lock is enforced in code, not in a guideline — so a finding can never ship unproven.
unlock_reporting() needs your explicit confirmation plus ≥2 independent evidence signals. Model reasoning alone can never open it.
Proven, then disclosed.
Every row is a validated, publicly credited advisory, not a scanner hit.
Empty-username SFTP auth bypass · goshs · CVE-2026-40884
- CVE-2026-47140 · vm2 · Sandbox escape to RCE · archetype I·F · 10.0 CRITICAL
- CVE-2026-40884 · goshs · Empty-username SFTP auth bypass · archetype G · 9.8 CRITICAL
- CVE-2026-42596 · Gotenberg · Unauthenticated SSRF via deny-list bypass · archetype F · 9.4 CRITICAL
- CVE-2026-40289 · PraisonAI · Unauth WebSocket session hijack · archetype H · 9.1 CRITICAL
- CVE-2026-40876 · goshs · SFTP root escape via prefix validation · archetype G·F · 8.7 HIGH
- CVE-2026-42221 · nginx-ui · First-run installer to admin claim · archetype BOOT · 8.1 HIGH
Five steps. One verified disclosure.
1. Scan a repo: Point the local Companion at owner/repo. Eight phases run on your machine; your code never leaves it.
2. Score & triage: Each candidate gets a multi-signal confidence score. Lone pattern hits are capped low by design.
3. Generate a PoC: A safe, local-only verifier with a negative control. We tell you to stop and run it yourself.
4. Validate: Run it, confirm the evidence, type the phrase. The lock springs open, and only then.
5. Disclose: Advisory, CVSS v4, and a maintainer-acceptance estimate. You file it privately. We never auto-submit.
Recon → Architecture → Intent → Advisories → Attack surface → Deep analysis → Validation → Report
Stop shipping maybes. Ship proof.
Run it from the browser, or keep everything local with the Companion.