FARION.AI
  • Home
  • Pricing
  • About
  • Contact
Sign in
Exploitability analysis for modern AppSec teams

See which vulnerabilities actually matter.

Farion evaluates vulnerabilities in the context of real application paths, data flows, and dependencies — turning scanner findings into traceable decisions, evidence, and concrete fixes.

95% fewer false positives
Hosted in Germany
Built for regulated environments
​
NameExploitabilityCVEsCWEs

Get/restaurants/:id/menu

-55

Get/orders/:id/track

-1—

Post/auth/login

-77
SQL injection in user lookup query
HIGHLine 42•AI: 0.92%
Hardcoded JWT secret detected
MEDIUMLine 58•AI: 0.88%
A03:2021 – SQL injection in user lookup query
CWE-89•SAST•HIGH

User-supplied email from req.body is concatenated directly into a raw SQL string without parameterization, allowing an attacker to inject arbitrary SQL commands.

AI Analysis by Farion
True Positive

SQL injection confirmed: user input from req.body.email is concatenated into a raw SQL query without parameterization.

Key Evidence:
•String concatenation in SQL query at line 42
•Input flows from req.body.email
DATA FLOW ANALYSIS: Shows how tainted data flows from source to exploitable sink
src/routes/auth.js → Client.query
Library sinkClient.query

DATA FLOW:

  1. →

src/lib/db.js (db.js:12 query)

12
async function query(sql) {
13
const client = await pool.connect();
14
const result = await client.query(sql);
15
client.release();
16
return result;
17
}

Post/orders

-11

Get/users/api

-77

Get/search/export

-1—

Get/restaurants/feed

-52

Put/users/:id

-53

Get/restaurants/:id

-1—

Get/orders

-1—

Get/admin/dashboard

-21

Get/users/:id/profile

-21

Post/auth/reset-password

-32

Get/health

-——

Post/payments/checkout

-32

Get/config/features

-1—

Delete/users/:id

-43

Put/orders/:id/status

-11
The problem

NIS2 and CRA require triage for every vulnerability — but around 90% are not exploitable.

Farion AI handles triage and fixes the rest automatically. Private security AI, hosted in Germany.

Typical triage funnel — with Farion
SBOM

420

findings in the SBOM

across 3,200+ dependencies incl. transitive packages

Reachable

180

findings on live code paths

after call-graph analysis against real runtime code

-57%
Tainted

58

reachable with tainted user input

after source-to-sink taint analysis

-68%
Exploitable

7

with an available exploit

after assessing real attack chains

-88%
Platform Capabilities

What makes Farion different

Concrete security insights — not abstract dashboards. Every feature is designed to answer one question: Is this finding a real risk?

Route Analysis
Find the most critical endpoints

Every relevant HTTP endpoint with its exploitability score, CVEs, and CWEs at a glance — ranked by real risk, not just severity.

Understand a finding in context

Expand an endpoint and its SCA, SAST, and DAST findings group by category — you instantly see which finding belongs to which route.

Trace the data flow to the vulnerability

From controllable input through functions and services to the critical sink. Reachability alone isn't enough — the real data flow is what counts.

Assess real-world exploitability

Only now does the AI weigh in — with a clear verdict and evidence: confirmed exploitable, needs review, or not exploitable.

Generate a fix straight away

Analysis becomes remediation: a concrete patch suggestion with a code diff and a prepared pull request.

SCA Triage

Dependency triage by real exploitability

Triage by real exploitability

Every dependency ranked by reachability, KEV, and EPSS — so you act on what is actually exploitable, not just what scores high on CVSS.

Filter the noise away

Slice the full dependency tree by severity, reachability, fixability, and license — the long tail of unreachable findings collapses out of view.

Decide without leaving the table

Open any library for its CVEs, license obligations, dependency paths, and the exact fix version — every signal in one place.

FILTERS
payment-service
main11.06.2026
​
/
​

Dependencies

Reachability
All
​
Source
All
​

Risk & Exploitation


Ecosystem & License


Saved views
KEV + Fix
Reachable + Fix
No Fix Available
Tip: click column headers to sort.
License Compliance

License analysis that goes beyond metadata

Full license text parsing

Goes beyond npm/Maven metadata by parsing actual license files from every dependency — catching mislabeled or missing licenses.

Policy violation detection

Automatically flags dependencies whose licenses conflict with your distribution model — copyleft in a closed-source product, attribution requirements you haven't fulfilled.

Static rules + AI evaluation

Combines a rule engine for known licenses with AI for ambiguous or custom license texts that automated tools usually miss.

ANALYZED LIBRARIES (5)
node-forge1.3.1
GPL-3.0
json-schema0.4.0
AFL-2.1
moment2.29.4
MIT
lodash4.17.21
MIT
express4.18.2
MIT
LICENSE TEXTPOLICY VIOLATION
GPL-3.0

node-forge@1.3.1

GPL-3.0 requires all derivative works to be released under the same terms. Incompatible with closed-source commercial distribution.
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007

Copyright (C) 2007 Free Software Foundation, Inc.
<https://fsf.org/>

TERMS AND CONDITIONS

0. Definitions.

"The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations.

To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work.

1. Source Code. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-warranty terms apply to the code; and give all recipients a copy of this License along with the Program.
AI Exploitability

Know which findings are real threats

Data flow analysis

Traces user input through your code to determine whether it can actually reach the vulnerable function — not just whether the library is imported.

Public exploit cross-reference

Cross-references EPSS scores, Metasploit modules, and public PoC availability to estimate real-world exploitation likelihood.

AI classification with evidence

Every finding gets a verdict (true positive, false positive, or needs review) with bullet-point evidence explaining the reasoning in plain language.

AI Analysis by Farion
True Positive

This CVE-2024-38816 path traversal in spring-webmvc is reachable through the /api/v1/files/upload endpoint. The vulnerable FileSystemResource is directly instantiated with user-controlled input from the request path parameter without sanitization.

Key Evidence:
•User input flows from REST controller to FileSystemResource constructor without validation
•Public exploit available (Metasploit module since Sept 2024)
•EPSS score 0.89 — actively exploited in the wild
•No WAF or input filter detected in the request chain

End manual vulnerability assessment

Farion shows which findings actually matter, explains why, and supports verification, remediation, and compliance.

FARION.AI
© 2026 Nexode Consulting GmbH. All rights reserved.
sales@farion.ai · Privacy · Imprint ·