ZeroPath

# ZeroPath

> AI-powered application security platform that finds more vulnerabilities with fewer false positives. Trusted by engineering teams to secure code without slowing down development.

## Products

- [SAST](https://zeropath.com/products/sast): AI-native static analysis finding logic bugs and security flaws
- [SAST Autofix](https://zeropath.com/products/sast-autofix): One-click fixes for validated vulnerabilities
- [SCA](https://zeropath.com/products/sca): Dependency security with exploitability analysis
- [Secret Detection](https://zeropath.com/products/secrets): Find and validate exposed credentials
- [IaC Security](https://zeropath.com/products/iac): Infrastructure misconfigurations before deployment
- [PR Reviews](https://zeropath.com/products/pr-reviews): Automated security reviews for every pull request
- [Risk Management](https://zeropath.com/products/risk): Security analytics and vulnerability tracking
- [Policy Engine](https://zeropath.com/products/policy-engine): Custom security rules in natural language
- [Developer Tools](https://zeropath.com/products/dev-tools): IDE plugins and CLI tools
- [Enterprise](https://zeropath.com/products/enterprise): Advanced features for large organizations
- [Integrations](https://zeropath.com/products/integrations): Connect with your existing tools
- [White Label](https://zeropath.com/products/whitelabel): Branded security solutions
- [Managed AppSec](https://zeropath.com/products/managed-appsec): Full-service application security
- [Penetration Testing](https://zeropath.com/products/penetration-tests): Manual security assessments

## Solutions

- [For Security Teams](https://zeropath.com/solutions/security-teams): Centralized vulnerability management
- [For Enterprises](https://zeropath.com/solutions/enterprise): Scale security across large organizations
- [For DevOps](https://zeropath.com/solutions/dev-ops): Security integrated into CI/CD pipelines
- [For Developers](https://zeropath.com/solutions/application-security): Security that doesn't slow you down
- [Supply Chain Security](https://zeropath.com/solutions/supply-chain-security): Secure your dependencies
- [For MSSPs](https://zeropath.com/solutions/mssp): Multi-tenant security management
- [GRC & Compliance](https://zeropath.com/solutions/grc): Meet regulatory requirements
- [AI Code Review](https://zeropath.com/solutions/ai-code-review): Intelligent security analysis
- [AI AppSec](https://zeropath.com/solutions/ai-appsec): Next-gen application security
- [AI SAST](https://zeropath.com/solutions/ai-sast): Smart static analysis
- [DevSecOps](https://zeropath.com/solutions/dev-sec-ops): Shift security left
- [API Security](https://zeropath.com/solutions/api-security): Protect your APIs
- [Automate Compliance](https://zeropath.com/solutions/automate-compliance): Streamline compliance processes
- [Fintech](https://zeropath.com/solutions/fintech): Security for financial services
- [Healthcare](https://zeropath.com/solutions/healthcare): HIPAA-compliant security
- [Secure AI Code](https://zeropath.com/solutions/secure-ai-generated-code): Validate AI-generated code
- [Security Research](https://zeropath.com/solutions/security-research): Advanced threat detection

## Developer Tools

- [API Documentation](https://zeropath.com/docs): RESTful API for custom integrations
- [CLI Tool](https://github.com/ZeroPathAI/zeropath-cli): Command-line scanner for local testing
- [TypeScript SDK](https://www.npmjs.com/package/zeropath): Official SDK for JavaScript/TypeScript
- [MCP Server](https://github.com/ZeroPathAI/zeropath-mcp-server): AI assistant integration

## Resources

- [Blog](https://zeropath.com/blog): Security research and product updates
- [Insights](https://zeropath.com/blog/insights): Industry insights and best practices
- [CVE Analysis](https://zeropath.com/blog/cve-analysis): Vulnerability deep dives
- [Research](https://zeropath.com/blog/research): Security research findings
- [Product Updates](https://zeropath.com/blog/product): New features and improvements
- [Pricing](https://zeropath.com/pricing): Free tier available, paid plans from $200/month
- [Demo](https://calendly.com/d/z84-748-3wp/ZeroPath-product-demo): Schedule a personalized demo
- [Trust Center](https://zeropath.com/trust-center): SOC 2 Type II certified
- [Compare](https://zeropath.com/compare): See how we stack against alternatives
- [Wall of Fame](https://zeropath.com/wall): Vulnerabilities found using ZeroPath
- [RSS Feed](https://zeropath.com/blog/rss.xml): Subscribe to our blog updates

## Blog Posts

*Note: Showing all 509 published blog posts. For the latest updates, visit https://zeropath.com/blog*

### Product

- [Introducing ZeroPath: The Security Platform That Actually Understands Your Code](https://zeropath.com/blog/introducing-zeropath-v1) - Aug 12, 2025
- [How ZeroPath Works](https://zeropath.com/blog/how-zeropath-works) - Jul 6, 2025
- [Introducing ZeroPath’s Open-Source MCP Server](https://zeropath.com/blog/chat-with-your-appsec-scans) - Mar 27, 2025
- [How ZeroPath Compares](https://zeropath.com/blog/benchmarking-zeropath) - Nov 13, 2024

### CVE Analysis

- [Oracle E-Business Suite CVE-2025-61882: Brief Summary of a Critical Unauthenticated Remote Compromise](https://zeropath.com/blog/cve-2025-61882-oracle-ebs-critical-vulnerability) - Oct 4, 2025
- [WPRecovery Plugin CVE-2025-10726: SQL Injection and Arbitrary File Deletion – Brief Summary and Technical Review](https://zeropath.com/blog/cve-2025-10726-wprecovery-sql-injection-arbitrary-file-deletion) - Oct 3, 2025
- [Redis CVE-2025-49844: Brief Summary of Critical Lua Use-After-Free RCE Vulnerability](https://zeropath.com/blog/cve-2025-49844-redis-lua-use-after-free-rce) - Oct 3, 2025
- [Spirit Framework WordPress Plugin CVE-2025-6388: Brief Summary of a Critical Authentication Bypass](https://zeropath.com/blog/cve-2025-6388-spirit-framework-authentication-bypass) - Oct 3, 2025
- [JoomSport WordPress Plugin CVE-2025-7721: Brief Summary of Critical Local File Inclusion Vulnerability](https://zeropath.com/blog/cve-2025-7721-joomsport-wordpress-plugin-lfi-summary) - Oct 3, 2025
- [RestroPress WordPress Plugin CVE-2025-9209: Brief Summary of Critical Authentication Bypass](https://zeropath.com/blog/cve-2025-9209) - Oct 3, 2025
- [TextBuilder WordPress Plugin CVE-2025-9213: Brief Summary of a High-Severity CSRF Vulnerability](https://zeropath.com/blog/cve-2025-9213-textbuilder-csrf-summary) - Oct 3, 2025
- [Brief Summary of CVE-2025-9286: Privilege Escalation in Appy Pie Connect for WooCommerce Plugin](https://zeropath.com/blog/cve-2025-9286-appy-pie-connect-woocommerce-privilege-escalation) - Oct 3, 2025
- [OAuth SSO WordPress Plugin CVE-2025-9485: Brief Summary of Critical JWT Signature Verification Bypass](https://zeropath.com/blog/cve-2025-9485-oauth-sso-wordpress-plugin-jwt-bypass) - Oct 3, 2025
- [Redis CVE-2025-46817 Integer Overflow: Brief Summary and Technical Review](https://zeropath.com/blog/redis-cve-2025-46817-integer-overflow-summary) - Oct 3, 2025
- [Unity Editor CVE-2025-59489: Brief Summary of Untrusted Search Path and LFI Vulnerability](https://zeropath.com/blog/unity-cve-2025-59489-summary) - Oct 3, 2025
- [Rancher Manager SAML Authentication Token Phishing – Brief Summary of CVE-2024-58267](https://zeropath.com/blog/cve-2024-58267-rancher-saml-phishing-summary) - Oct 2, 2025
- [Splunk Enterprise CVE-2025-20371: Brief Summary of Unauthenticated Blind SSRF Vulnerability](https://zeropath.com/blog/cve-2025-20371-splunk-blind-ssrf-summary) - Oct 1, 2025
- [Suricata CVE-2025-59147: Brief Summary of TCP Detection Bypass in Network IDS/IPS](https://zeropath.com/blog/cve-2025-59147-suricata-tcp-detection-bypass-summary) - Oct 1, 2025
- [Argo CD CVE-2025-59531: Brief Summary of a Denial of Service Vulnerability in Webhook Handler](https://zeropath.com/blog/cve-2025-59531-argo-cd-dos-webhook-summary) - Oct 1, 2025
- [Argo CD CVE-2025-59537: Brief Summary of a NULL Pointer Dereference Vulnerability in Webhook Handler](https://zeropath.com/blog/cve-2025-59537-argo-cd-null-pointer-dereference-summary) - Oct 1, 2025
- [Argo CD CVE-2025-59538: Brief Summary of a Remote DoS Vulnerability in Azure DevOps Webhook Handler](https://zeropath.com/blog/cve-2025-59538-argo-cd-dos-azuredevops-webhook-summary) - Oct 1, 2025
- [Django CVE-2025-59681: Brief Summary of a High-Severity SQL Injection Vulnerability in QuerySet Methods](https://zeropath.com/blog/django-cve-2025-59681-sql-injection-summary) - Oct 1, 2025
- [Brief Summary of CVE-2025-10659: Command Injection in MegaSys Telenium Online Web Application](https://zeropath.com/blog/cve-2025-10659-telenium-command-injection) - Sep 30, 2025
- [Red Hat OpenShift AI CVE-2025-10725 Privilege Escalation: Brief Summary and Technical Review](https://zeropath.com/blog/cve-2025-10725-redhat-openshift-ai-privilege-escalation) - Sep 30, 2025
- [LatePoint WordPress Plugin CVE-2025-7038 Authentication Bypass: Brief Summary and Technical Review](https://zeropath.com/blog/cve-2025-7038-latepoint-authentication-bypass-summary) - Sep 30, 2025
- [LatePoint WordPress Plugin CVE-2025-7052: Brief Summary of a Critical CSRF Vulnerability](https://zeropath.com/blog/cve-2025-7052-latepoint-csrf-summary) - Sep 30, 2025
- [Copypress Rest API WordPress Plugin CVE-2025-8625: Brief Summary of Critical Remote Code Execution Vulnerability](https://zeropath.com/blog/cve-2025-8625-copypress-rest-api-rce-summary) - Sep 30, 2025
- [Post By Email WordPress Plugin CVE-2025-9762 Arbitrary File Upload: Brief Summary and Technical Review](https://zeropath.com/blog/cve-2025-9762-wordpress-post-by-email-arbitrary-file-upload) - Sep 30, 2025
- [FreeIPA CVE-2025-7493: Brief Summary of a Critical Host-to-Domain Admin Privilege Escalation Flaw](https://zeropath.com/blog/freeipa-cve-2025-7493-brief-summary) - Sep 30, 2025