CVE-2026-31381

• Gainsight/Assist

  cpe:2.3:a:gainsight:assist:-:*:*:*:*:*:*:*

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• www.rapid7.com/blog/post/ve-cve-2026-31381-cve-2026-31382-gainsight-assist-information-disclosure-xss-fixednvdThird Party Advisory
• communities.gainsight.com/community-news-2/recent-gainsight-assist-plugin-remediations-cve-2026-31381-and-cve-2026-31382-30587nvdVendor Advisory

• Thus Spoke…The Gentlemen
  Check Point Research · May 13, 2026
• Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline
  The Register Security · May 11, 2026
• BWH Hotels guests warned after reservation data checks out with cybercrooks
  The Register Security · May 11, 2026
• The questionnaire-based TPRM model is broken, and TrustCloud has a fix
  Help Net Security · May 11, 2026
• Iran cybersnoops still LARPing as ransomware crooks in espionage ops
  The Register Security · May 6, 2026
• Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
  Rapid7 Blog · May 6, 2026
• ServiceNow clears agents for landing with new AI control tower
  The Register Security · May 5, 2026
• TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)
  SANS Internet Storm Center · Apr 27, 2026
• Project Glasswing and the Next Challenge for Defenders: Turning Faster Discovery into Faster Action
  Rapid7 Blog · Apr 20, 2026
• The Increasing Role of AI in Vulnerability Research
  Wordfence Blog · Apr 10, 2026