{"year":2026,"cves":[{"cve_id":"CVE-2026-000","repositories":[{"id":1197017415,"name":"biotime-CVE-2026-000-Auth-rce","full_name":"r3m0t3nu11/biotime-CVE-2026-000-Auth-rce","html_url":"https://github.com/r3m0t3nu11/biotime-CVE-2026-000-Auth-rce","description":"Biotime 9.5 auth rce ","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T18:58:53Z","pushed_at":"2026-04-13T18:58:48Z","created_at":"2026-03-31T08:54:01Z","topics":[],"owner":{"login":"r3m0t3nu11","html_url":"https://github.com/r3m0t3nu11"},"clone_url":"https://github.com/r3m0t3nu11/biotime-CVE-2026-000-Auth-rce.git"}]},{"cve_id":"CVE-2026-00001","repositories":[{"id":1125767932,"name":"POC-CVE-2026-00001","full_name":"sufnir/POC-CVE-2026-00001","html_url":"https://github.com/sufnir/POC-CVE-2026-00001","description":"FIRST NAH","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-26T18:37:23Z","pushed_at":"2026-02-26T18:37:05Z","created_at":"2025-12-31T10:19:44Z","topics":[],"owner":{"login":"sufnir","html_url":"https://github.com/sufnir"},"clone_url":"https://github.com/sufnir/POC-CVE-2026-00001.git"}]},{"cve_id":"CVE-2026-0006","repositories":[{"id":1214609049,"name":"CVE-2026-0006-openapv-poc","full_name":"mobilehackinglab/CVE-2026-0006-openapv-poc","html_url":"https://github.com/mobilehackinglab/CVE-2026-0006-openapv-poc","description":"CVE-2026-0006: Heap buffer overflow PoC for libopenapv (Android APV codec) - CVSS 9.8","stargazers_count":4,"forks_count":2,"language":"C","updated_at":"2026-04-28T22:29:31Z","pushed_at":"2026-04-22T10:09:20Z","created_at":"2026-04-18T20:05:22Z","topics":[],"owner":{"login":"mobilehackinglab","html_url":"https://github.com/mobilehackinglab"},"clone_url":"https://github.com/mobilehackinglab/CVE-2026-0006-openapv-poc.git"},{"id":1162121179,"name":"cve-2026-0006","full_name":"aydin5245/cve-2026-0006","html_url":"https://github.com/aydin5245/cve-2026-0006","description":"şuan yok","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T00:08:35Z","pushed_at":"2026-02-20T00:08:31Z","created_at":"2026-02-19T22:25:23Z","topics":[],"owner":{"login":"aydin5245","html_url":"https://github.com/aydin5245"},"clone_url":"https://github.com/aydin5245/cve-2026-0006.git"}]},{"cve_id":"CVE-2026-0227","repositories":[{"id":1138099737,"name":"CVE-2026-0227-Palo-Alto","full_name":"TeeyaR/CVE-2026-0227-Palo-Alto","html_url":"https://github.com/TeeyaR/CVE-2026-0227-Palo-Alto","description":"A lightweight, non-destructive Python script to scan for exposed Palo Alto Networks GlobalProtect portals/gateways and fingerprint potential PAN-OS versions. Designed primarily to help identify systems potentially vulnerable to CVE-2026-0227 (unauthenticated DoS in GlobalProtect, disclosed January 2026).","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-10T21:34:47Z","pushed_at":"2026-01-20T09:31:04Z","created_at":"2026-01-20T08:41:59Z","topics":[],"owner":{"login":"TeeyaR","html_url":"https://github.com/TeeyaR"},"clone_url":"https://github.com/TeeyaR/CVE-2026-0227-Palo-Alto.git"},{"id":1136579232,"name":"CVE-2026-0227-Advanced-Scanner","full_name":"CkAbhijit/CVE-2026-0227-Advanced-Scanner","html_url":"https://github.com/CkAbhijit/CVE-2026-0227-Advanced-Scanner","description":"CVE-2026-0227 Advanced Scanner","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-18T00:07:26Z","pushed_at":"2026-01-18T00:07:22Z","created_at":"2026-01-18T00:07:04Z","topics":[],"owner":{"login":"CkAbhijit","html_url":"https://github.com/CkAbhijit"},"clone_url":"https://github.com/CkAbhijit/CVE-2026-0227-Advanced-Scanner.git"}]},{"cve_id":"CVE-2026-0547","repositories":[{"id":1126334668,"name":"CVE-2026-0547","full_name":"rsecroot/CVE-2026-0547","html_url":"https://github.com/rsecroot/CVE-2026-0547","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-10T15:07:09Z","pushed_at":"2026-01-01T17:26:32Z","created_at":"2026-01-01T17:26:32Z","topics":[],"owner":{"login":"rsecroot","html_url":"https://github.com/rsecroot"},"clone_url":"https://github.com/rsecroot/CVE-2026-0547.git"}]},{"cve_id":"CVE-2026-0594","repositories":[{"id":1140080544,"name":"CVE-2026-0594-ListSiteContributors-Plugin-Exploit","full_name":"m4sh-wacker/CVE-2026-0594-ListSiteContributors-Plugin-Exploit","html_url":"https://github.com/m4sh-wacker/CVE-2026-0594-ListSiteContributors-Plugin-Exploit","description":"CVE-2026-0594 List Site Contributors Plugin Exploit","stargazers_count":3,"forks_count":0,"language":"Go","updated_at":"2026-02-05T11:38:36Z","pushed_at":"2026-01-22T20:06:20Z","created_at":"2026-01-22T19:58:18Z","topics":[],"owner":{"login":"m4sh-wacker","html_url":"https://github.com/m4sh-wacker"},"clone_url":"https://github.com/m4sh-wacker/CVE-2026-0594-ListSiteContributors-Plugin-Exploit.git"}]},{"cve_id":"CVE-2026-0603","repositories":[{"id":1218658171,"name":"CVE-2026-0603","full_name":"EQSTLab/CVE-2026-0603","html_url":"https://github.com/EQSTLab/CVE-2026-0603","description":"","stargazers_count":1,"forks_count":0,"language":"HTML","updated_at":"2026-04-27T01:50:56Z","pushed_at":"2026-04-27T01:50:52Z","created_at":"2026-04-23T05:01:19Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-0603.git"}]},{"cve_id":"CVE-2026-0622","repositories":[{"id":1139569247,"name":"CYBERDUDEBIVASH-5G-Core-Key-Rotation-Ghost-Admin-Auditor","full_name":"cyberdudebivash/CYBERDUDEBIVASH-5G-Core-Key-Rotation-Ghost-Admin-Auditor","html_url":"https://github.com/cyberdudebivash/CYBERDUDEBIVASH-5G-Core-Key-Rotation-Ghost-Admin-Auditor","description":"Production-grade tool for detecting \u0026 remediating CVE-2026-0622 (Ghost Admin privilege escalation \u0026 master key exposure in 5G core software).","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T06:05:48Z","pushed_at":"2026-01-22T06:04:07Z","created_at":"2026-01-22T06:03:37Z","topics":["5gsecurity","cve20260622","cyberdudebivash","cyberdudebivashecosystem","cybersecurity","networksecurity","private5g","zerotrust"],"owner":{"login":"cyberdudebivash","html_url":"https://github.com/cyberdudebivash"},"clone_url":"https://github.com/cyberdudebivash/CYBERDUDEBIVASH-5G-Core-Key-Rotation-Ghost-Admin-Auditor.git"}]},{"cve_id":"CVE-2026-0628","repositories":[{"id":1146636584,"name":"Dissecting-CVE-2026-0628-Chromium-Extension-Privilege-Escalation","full_name":"sastraadiwiguna-purpleeliteteaming/Dissecting-CVE-2026-0628-Chromium-Extension-Privilege-Escalation","html_url":"https://github.com/sastraadiwiguna-purpleeliteteaming/Dissecting-CVE-2026-0628-Chromium-Extension-Privilege-Escalation","description":"Origin CyberAnatomy Spoofing via Malicious WebView - Dissecting CVE-2026-0628 Chromium Extension Privilege Escalation This research provides a comprehensive technical dissection of CVE-2026-0628, a high-severity privilege escalation vulnerability (CVSS v3.1: 8.8) in Chromium's WebView policy enforcement mechanism. ","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-01-31T14:07:45Z","pushed_at":"2026-01-31T12:35:20Z","created_at":"2026-01-31T12:31:00Z","topics":[],"owner":{"login":"sastraadiwiguna-purpleeliteteaming","html_url":"https://github.com/sastraadiwiguna-purpleeliteteaming"},"clone_url":"https://github.com/sastraadiwiguna-purpleeliteteaming/Dissecting-CVE-2026-0628-Chromium-Extension-Privilege-Escalation.git"},{"id":1129927025,"name":"CVE-2026-0628-POC","full_name":"fevar54/CVE-2026-0628-POC","html_url":"https://github.com/fevar54/CVE-2026-0628-POC","description":"Prueba de concepto (PoC) para CVE-2026-0628, que demuestra la inyección de scripts en páginas privilegiadas mediante el uso de la etiqueta \u003cwebview\u003e en Google Chrome. Esta vulnerabilidad, clasificada como CWE-862 (Missing Authorization), permite a una extensión maliciosa eludir políticas de seguridad en versiones anteriores a la 143.0.7499.192.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-07T19:35:37Z","pushed_at":"2026-01-07T19:35:33Z","created_at":"2026-01-07T19:29:28Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-0628-POC.git"}]},{"cve_id":"CVE-2026-0651","repositories":[{"id":1174605544,"name":"tapo-c260-rce","full_name":"l0lsec/tapo-c260-rce","html_url":"https://github.com/l0lsec/tapo-c260-rce","description":"PoC exploit chain for TP-Link Tapo C260 camera — CVE-2026-0651/0652/0653. Research by @spaceraccoon.","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-03-06T16:26:07Z","pushed_at":"2026-03-06T16:26:03Z","created_at":"2026-03-06T16:26:00Z","topics":[],"owner":{"login":"l0lsec","html_url":"https://github.com/l0lsec"},"clone_url":"https://github.com/l0lsec/tapo-c260-rce.git"}]},{"cve_id":"CVE-2026-0709","repositories":[{"id":1177524746,"name":"CVE-2026-0709","full_name":"SnipersMaster/CVE-2026-0709","html_url":"https://github.com/SnipersMaster/CVE-2026-0709","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-10T05:37:58Z","pushed_at":"2026-03-10T05:37:55Z","created_at":"2026-03-10T05:27:09Z","topics":[],"owner":{"login":"SnipersMaster","html_url":"https://github.com/SnipersMaster"},"clone_url":"https://github.com/SnipersMaster/CVE-2026-0709.git"}]},{"cve_id":"CVE-2026-0730","repositories":[{"id":1177981422,"name":"CVE-2026-0730","full_name":"rsecroot/CVE-2026-0730","html_url":"https://github.com/rsecroot/CVE-2026-0730","description":"Executing a manipulation of the argument profile_pic can lead to cross site scripting. The attack can be executed remotely. The exploit has been published and may be used.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-10T15:10:53Z","pushed_at":"2026-03-10T15:10:30Z","created_at":"2026-03-10T15:10:29Z","topics":[],"owner":{"login":"rsecroot","html_url":"https://github.com/rsecroot"},"clone_url":"https://github.com/rsecroot/CVE-2026-0730.git"}]},{"cve_id":"CVE-2026-0740","repositories":[{"id":1213101182,"name":"CVE-2026-0740","full_name":"0xgh057r3c0n/CVE-2026-0740","html_url":"https://github.com/0xgh057r3c0n/CVE-2026-0740","description":"Ninja Forms File Uploads \u003c= 3.3.26 - Unauthenticated Arbitrary File Upload","stargazers_count":18,"forks_count":4,"language":"Python","updated_at":"2026-04-23T08:25:42Z","pushed_at":"2026-04-17T03:34:54Z","created_at":"2026-04-17T03:32:02Z","topics":[],"owner":{"login":"0xgh057r3c0n","html_url":"https://github.com/0xgh057r3c0n"},"clone_url":"https://github.com/0xgh057r3c0n/CVE-2026-0740.git"},{"id":1221225062,"name":"CVE-2026-0740","full_name":"murrez/CVE-2026-0740","html_url":"https://github.com/murrez/CVE-2026-0740","description":"CVE-2026-0740","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-27T23:30:48Z","pushed_at":"2026-04-25T23:14:52Z","created_at":"2026-04-25T23:12:47Z","topics":[],"owner":{"login":"murrez","html_url":"https://github.com/murrez"},"clone_url":"https://github.com/murrez/CVE-2026-0740.git"},{"id":1204152679,"name":"CVE-2026-0740","full_name":"whattheslime/CVE-2026-0740","html_url":"https://github.com/whattheslime/CVE-2026-0740","description":"Ninja Forms File Uploads \u003c= 3.3.26 - Unauthenticated Arbitrary File Upload to RCE (CVE-2026-0740)","stargazers_count":1,"forks_count":2,"language":"Python","updated_at":"2026-04-29T07:32:20Z","pushed_at":"2026-04-10T08:42:04Z","created_at":"2026-04-07T18:34:14Z","topics":["cve","cve-2026-0740","exploit","file-upload","ninja-forms-uploads","plugin","poc","premium","rce","vulnerability","wordpress"],"owner":{"login":"whattheslime","html_url":"https://github.com/whattheslime"},"clone_url":"https://github.com/whattheslime/CVE-2026-0740.git"},{"id":1204400610,"name":"CVE-2026-0740","full_name":"xShadow-Here/CVE-2026-0740","html_url":"https://github.com/xShadow-Here/CVE-2026-0740","description":"POC ","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-21T13:54:10Z","pushed_at":"2026-04-08T15:27:08Z","created_at":"2026-04-08T01:20:50Z","topics":[],"owner":{"login":"xShadow-Here","html_url":"https://github.com/xShadow-Here"},"clone_url":"https://github.com/xShadow-Here/CVE-2026-0740.git"}]},{"cve_id":"CVE-2026-0745","repositories":[{"id":1214857061,"name":"CVE-2026-0745","full_name":"NetVanguard-cmd/CVE-2026-0745","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-0745","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:21:52Z","pushed_at":"2026-04-19T06:21:48Z","created_at":"2026-04-19T06:21:48Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-0745.git"}]},{"cve_id":"CVE-2026-0766","repositories":[{"id":1194555261,"name":"CVE-2026-0766","full_name":"bitt0n/CVE-2026-0766","html_url":"https://github.com/bitt0n/CVE-2026-0766","description":"Educational security research: OpenWebUI RCE via tool code injection (CVE-2026-0766  - ZDI-26-032)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-28T15:22:32Z","pushed_at":"2026-03-28T15:22:29Z","created_at":"2026-03-28T14:14:23Z","topics":[],"owner":{"login":"bitt0n","html_url":"https://github.com/bitt0n"},"clone_url":"https://github.com/bitt0n/CVE-2026-0766.git"}]},{"cve_id":"CVE-2026-0770","repositories":[{"id":1152475632,"name":"CVE-2026-0770-PoC","full_name":"affix/CVE-2026-0770-PoC","html_url":"https://github.com/affix/CVE-2026-0770-PoC","description":"Proof of Concept for CVE-2026-0770 - Langflow Remote Code Execution","stargazers_count":4,"forks_count":1,"language":"Python","updated_at":"2026-04-16T05:40:52Z","pushed_at":"2026-02-18T21:51:27Z","created_at":"2026-02-07T23:31:48Z","topics":["cve","cve-2026-0770","exploit","poc","rce"],"owner":{"login":"affix","html_url":"https://github.com/affix"},"clone_url":"https://github.com/affix/CVE-2026-0770-PoC.git"},{"id":1200233816,"name":"CVE-2026-0770","full_name":"0xBlackash/CVE-2026-0770","html_url":"https://github.com/0xBlackash/CVE-2026-0770","description":"CVE-2026-0770","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-15T10:37:53Z","pushed_at":"2026-04-03T07:46:34Z","created_at":"2026-04-03T07:15:10Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-0770.git"},{"id":1166046683,"name":"CVE-2026-0770","full_name":"0xgh057r3c0n/CVE-2026-0770","html_url":"https://github.com/0xgh057r3c0n/CVE-2026-0770","description":"Langflow Remote Code Execution (RCE) Proof-of-Concept","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-02T14:10:01Z","pushed_at":"2026-02-24T20:32:20Z","created_at":"2026-02-24T20:28:03Z","topics":[],"owner":{"login":"0xgh057r3c0n","html_url":"https://github.com/0xgh057r3c0n"},"clone_url":"https://github.com/0xgh057r3c0n/CVE-2026-0770.git"},{"id":1175883223,"name":"CVE-2026-0770","full_name":"Yetazyyy/CVE-2026-0770","html_url":"https://github.com/Yetazyyy/CVE-2026-0770","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-09T17:03:18Z","pushed_at":"2026-03-09T17:03:14Z","created_at":"2026-03-08T10:07:18Z","topics":[],"owner":{"login":"Yetazyyy","html_url":"https://github.com/Yetazyyy"},"clone_url":"https://github.com/Yetazyyy/CVE-2026-0770.git"}]},{"cve_id":"CVE-2026-0827","repositories":[{"id":1212038125,"name":"CVE-2026-0827","full_name":"ZeroMemoryEx/CVE-2026-0827","html_url":"https://github.com/ZeroMemoryEx/CVE-2026-0827","description":"CVE-2026-0827 PoC","stargazers_count":18,"forks_count":3,"language":"C#","updated_at":"2026-04-22T02:51:31Z","pushed_at":"2026-04-16T15:26:25Z","created_at":"2026-04-16T02:10:56Z","topics":[],"owner":{"login":"ZeroMemoryEx","html_url":"https://github.com/ZeroMemoryEx"},"clone_url":"https://github.com/ZeroMemoryEx/CVE-2026-0827.git"}]},{"cve_id":"CVE-2026-0828","repositories":[{"id":1157847378,"name":"STProcessMonitorBYOVD","full_name":"ANYLNK/STProcessMonitorBYOVD","html_url":"https://github.com/ANYLNK/STProcessMonitorBYOVD","description":"The PoC for CVE-2025-70795 / CVE-2026-0828 and updated driver","stargazers_count":43,"forks_count":7,"language":"C++","updated_at":"2026-04-16T19:33:33Z","pushed_at":"2026-03-13T09:52:10Z","created_at":"2026-02-14T11:50:08Z","topics":[],"owner":{"login":"ANYLNK","html_url":"https://github.com/ANYLNK"},"clone_url":"https://github.com/ANYLNK/STProcessMonitorBYOVD.git"},{"id":1149330493,"name":"0xKern3lCrush-Foreverday-BYOVD-CVE-2026-0828","full_name":"DeathShotXD/0xKern3lCrush-Foreverday-BYOVD-CVE-2026-0828","html_url":"https://github.com/DeathShotXD/0xKern3lCrush-Foreverday-BYOVD-CVE-2026-0828","description":"Advanced PoC \u0026 Research for CVE-2026-0828 (Safetica) and CVE-2025-7771 (ThrottleStop). Analysis of BYOVD (Bring Your Own Vulnerable Driver) TTPs for Ring 0 process termination and physical memory R/W. Researching EDR-Killer patterns, PPL bypasses, and kernel-mode primitives used by MedusaLocker and other threat actors.","stargazers_count":37,"forks_count":2,"language":"C","updated_at":"2026-04-25T09:32:04Z","pushed_at":"2026-02-04T02:20:21Z","created_at":"2026-02-04T01:47:36Z","topics":[],"owner":{"login":"DeathShotXD","html_url":"https://github.com/DeathShotXD"},"clone_url":"https://github.com/DeathShotXD/0xKern3lCrush-Foreverday-BYOVD-CVE-2026-0828.git"},{"id":1199617169,"name":"KillChain","full_name":"oxfemale/KillChain","html_url":"https://github.com/oxfemale/KillChain","description":"Kernel Process Termination Tool ( CVE-2026-0828 exploit)","stargazers_count":22,"forks_count":5,"language":"C","updated_at":"2026-04-28T10:12:13Z","pushed_at":"2026-04-02T14:32:56Z","created_at":"2026-04-02T14:28:37Z","topics":[],"owner":{"login":"oxfemale","html_url":"https://github.com/oxfemale"},"clone_url":"https://github.com/oxfemale/KillChain.git"},{"id":1076535240,"name":"BYOVD-Research","full_name":"KOSEC-LLC/BYOVD-Research","html_url":"https://github.com/KOSEC-LLC/BYOVD-Research","description":"BYOVD research performed by KOSEC. Includes vulnerable drivers and writeups (CVE-2026-0828).","stargazers_count":4,"forks_count":0,"language":"C","updated_at":"2026-03-18T08:14:01Z","pushed_at":"2026-03-18T00:25:06Z","created_at":"2025-10-15T02:11:59Z","topics":[],"owner":{"login":"KOSEC-LLC","html_url":"https://github.com/KOSEC-LLC"},"clone_url":"https://github.com/KOSEC-LLC/BYOVD-Research.git"},{"id":789262768,"name":"STProcessMonitorBYOVD","full_name":"wutang700/STProcessMonitorBYOVD","html_url":"https://github.com/wutang700/STProcessMonitorBYOVD","description":"🛠 Exploit and control Windows processes using CVE-2025-70795 and CVE-2026-0828 with driver-based termination tools.","stargazers_count":2,"forks_count":0,"language":"C++","updated_at":"2026-04-29T11:59:31Z","pushed_at":"2026-04-29T11:59:28Z","created_at":"2024-04-20T04:18:24Z","topics":["automation","byovd","component","devops","ifttt","keras","linux","machine-learning","process","python","pytorch","rust","sre","st-gcn","st2","symfony","terminal-app","w3c","workflows","xresources"],"owner":{"login":"wutang700","html_url":"https://github.com/wutang700"},"clone_url":"https://github.com/wutang700/STProcessMonitorBYOVD.git"}]},{"cve_id":"CVE-2026-0834","repositories":[{"id":1133072036,"name":"CVE-2026-0834","full_name":"mattgsys/CVE-2026-0834","html_url":"https://github.com/mattgsys/CVE-2026-0834","description":"Proof of Concept (PoC) for the TP-Link Device Debug Protocol (TDDP) Authentication Bypass (CVE-2026-0834)","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-04-15T07:38:26Z","pushed_at":"2026-01-19T23:05:10Z","created_at":"2026-01-12T21:01:13Z","topics":[],"owner":{"login":"mattgsys","html_url":"https://github.com/mattgsys"},"clone_url":"https://github.com/mattgsys/CVE-2026-0834.git"}]},{"cve_id":"CVE-2026-0842","repositories":[{"id":1126407015,"name":"smart-sketcher-upload","full_name":"davidrxchester/smart-sketcher-upload","html_url":"https://github.com/davidrxchester/smart-sketcher-upload","description":"CVE-2026-0842","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-02-17T20:26:16Z","pushed_at":"2026-01-10T15:50:04Z","created_at":"2026-01-01T21:07:07Z","topics":[],"owner":{"login":"davidrxchester","html_url":"https://github.com/davidrxchester"},"clone_url":"https://github.com/davidrxchester/smart-sketcher-upload.git"}]},{"cve_id":"CVE-2026-0847","repositories":[{"id":1195096200,"name":"CVE-2026-0847","full_name":"HyperPS/CVE-2026-0847","html_url":"https://github.com/HyperPS/CVE-2026-0847","description":"A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader.","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-03-29T08:13:49Z","pushed_at":"2026-03-29T08:13:46Z","created_at":"2026-03-29T08:00:18Z","topics":[],"owner":{"login":"HyperPS","html_url":"https://github.com/HyperPS"},"clone_url":"https://github.com/HyperPS/CVE-2026-0847.git"}]},{"cve_id":"CVE-2026-0848","repositories":[{"id":1197424178,"name":"CVE-2026-0848-Scanner---Herramienta-de-Detecci-n","full_name":"fevar54/CVE-2026-0848-Scanner---Herramienta-de-Detecci-n","html_url":"https://github.com/fevar54/CVE-2026-0848-Scanner---Herramienta-de-Detecci-n","description":"Herramienta de detección para CVE-2026-0848 que escanea sistemas locales y remotos en busca de instalaciones vulnerables de NLTK ≤ 3.9.2. Realiza escaneo por SSH, detección en red, genera reportes JSON/HTML/CSV y calcula nivel de riesgo basado en presencia de modelos StanfordSegmenter comprometidos.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-31T16:04:14Z","pushed_at":"2026-03-31T16:03:39Z","created_at":"2026-03-31T15:12:27Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-0848-Scanner---Herramienta-de-Detecci-n.git"},{"id":1197378555,"name":"CVE-2026-0848-PoC-Improper-Input-Validation","full_name":"fevar54/CVE-2026-0848-PoC-Improper-Input-Validation","html_url":"https://github.com/fevar54/CVE-2026-0848-PoC-Improper-Input-Validation","description":"Este PoC compila código Java malicioso en un JAR con bloque estático, lo carga mediante StanfordSegmenter de NLTK, y al ser cargado por el JVM ejecuta automáticamente el payload, creando el archivo /tmp/pwned_cve_2026_0848 como prueba tangible de ejecución de código arbitrario.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-31T14:45:08Z","pushed_at":"2026-03-31T14:45:04Z","created_at":"2026-03-31T14:34:02Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-0848-PoC-Improper-Input-Validation.git"},{"id":1195105956,"name":"CVE-2026-0848","full_name":"HyperPS/CVE-2026-0848","html_url":"https://github.com/HyperPS/CVE-2026-0848","description":"nltk.tokenize.StanfordSegmenter dynamically loads external Java .jar files without verification or sandboxing. If an attacker can supply or replace the JAR (e.g., a poisoned model download, MITM package swap, or dependency poisoning), arbitrary Java bytecode executes at import time.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-29T08:30:02Z","pushed_at":"2026-03-29T08:29:59Z","created_at":"2026-03-29T08:20:30Z","topics":[],"owner":{"login":"HyperPS","html_url":"https://github.com/HyperPS"},"clone_url":"https://github.com/HyperPS/CVE-2026-0848.git"}]},{"cve_id":"CVE-2026-0866","repositories":[{"id":1181439564,"name":"zombieguard","full_name":"mdshoaibuddinchanda/zombieguard","html_url":"https://github.com/mdshoaibuddinchanda/zombieguard","description":"ML-based detection of Zombie ZIP archive header evasion attacks (CVE-2026-0866)","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-03-25T13:06:30Z","pushed_at":"2026-03-25T13:06:26Z","created_at":"2026-03-14T06:15:49Z","topics":["archive-evasion","archive-security","cve-2026-0866","cybersecurity","entropy-analysis","machine-learning","malware-detection","malware-research","zip-format","zip-security"],"owner":{"login":"mdshoaibuddinchanda","html_url":"https://github.com/mdshoaibuddinchanda"},"clone_url":"https://github.com/mdshoaibuddinchanda/zombieguard.git"}]},{"cve_id":"CVE-2026-0897","repositories":[{"id":1195118577,"name":"CVE-2026-0897","full_name":"HyperPS/CVE-2026-0897","html_url":"https://github.com/HyperPS/CVE-2026-0897","description":"Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras ","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-03-29T09:27:44Z","pushed_at":"2026-03-29T09:27:41Z","created_at":"2026-03-29T08:44:34Z","topics":[],"owner":{"login":"HyperPS","html_url":"https://github.com/HyperPS"},"clone_url":"https://github.com/HyperPS/CVE-2026-0897.git"}]},{"cve_id":"CVE-2026-0911","repositories":[{"id":1222020441,"name":"CVE-2026-0911","full_name":"murrez/CVE-2026-0911","html_url":"https://github.com/murrez/CVE-2026-0911","description":"CVE-2026-0911 için kimlik doğrulamalı test aracı: Hustle eklentisinde modül içe aktarma üzerinden zayıf dosya yükleme ve “yetim dosya” davranışını kontrol eder; yalnızca izinli ortamlarda ve geçerli WordPress oturumuyla kullanılmalıdır.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-27T23:19:29Z","pushed_at":"2026-04-27T01:02:27Z","created_at":"2026-04-27T01:00:21Z","topics":[],"owner":{"login":"murrez","html_url":"https://github.com/murrez"},"clone_url":"https://github.com/murrez/CVE-2026-0911.git"}]},{"cve_id":"CVE-2026-0915","repositories":[{"id":1160963120,"name":"CVE-2026-0915-json-Patch.-V2.0","full_name":"cyberwulfy200-dev/CVE-2026-0915-json-Patch.-V2.0","html_url":"https://github.com/cyberwulfy200-dev/CVE-2026-0915-json-Patch.-V2.0","description":"Patch the Bug - glibc ","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-02-18T15:53:38Z","pushed_at":"2026-02-18T15:53:34Z","created_at":"2026-02-18T15:22:33Z","topics":[],"owner":{"login":"cyberwulfy200-dev","html_url":"https://github.com/cyberwulfy200-dev"},"clone_url":"https://github.com/cyberwulfy200-dev/CVE-2026-0915-json-Patch.-V2.0.git"}]},{"cve_id":"CVE-2026-0920","repositories":[{"id":1144464188,"name":"CVE-2026-0920","full_name":"John-doe-code-a11/CVE-2026-0920","html_url":"https://github.com/John-doe-code-a11/CVE-2026-0920","description":"Explanation and payload of the recent vulnerability in the LA-Studio Element WordPress plugin.","stargazers_count":7,"forks_count":0,"language":"Python","updated_at":"2026-04-12T18:34:46Z","pushed_at":"2026-01-28T18:56:35Z","created_at":"2026-01-28T17:57:09Z","topics":[],"owner":{"login":"John-doe-code-a11","html_url":"https://github.com/John-doe-code-a11"},"clone_url":"https://github.com/John-doe-code-a11/CVE-2026-0920.git"},{"id":1140067162,"name":"CVE-2026-0920-WordPress-LA-Studio-Exploit","full_name":"Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit","html_url":"https://github.com/Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit","description":"","stargazers_count":3,"forks_count":0,"language":"Go","updated_at":"2026-03-19T02:28:51Z","pushed_at":"2026-01-22T19:57:13Z","created_at":"2026-01-22T19:33:23Z","topics":[],"owner":{"login":"Galaxy-sc","html_url":"https://github.com/Galaxy-sc"},"clone_url":"https://github.com/Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit.git"},{"id":1141830592,"name":"By-Poloss..-..CVE-2026-0920","full_name":"O99099O/By-Poloss..-..CVE-2026-0920","html_url":"https://github.com/O99099O/By-Poloss..-..CVE-2026-0920","description":"CVE-2026-0920 — Unauthenticated admin account creation in LA-Studio Element Kit for Elementor (≤ 1.5.6.3) via improper role validation in ajax_register_handle.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-02-06T04:05:15Z","pushed_at":"2026-01-25T14:11:22Z","created_at":"2026-01-25T14:04:26Z","topics":[],"owner":{"login":"O99099O","html_url":"https://github.com/O99099O"},"clone_url":"https://github.com/O99099O/By-Poloss..-..CVE-2026-0920.git"},{"id":1214597462,"name":"CVE-2026-0920-","full_name":"Nxploited/CVE-2026-0920-","html_url":"https://github.com/Nxploited/CVE-2026-0920-","description":"LA-Studio Element Kit for Elementor \u003c= 1.5.6.3 - Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-19T23:44:41Z","pushed_at":"2026-04-18T19:44:23Z","created_at":"2026-04-18T19:43:07Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-0920-.git"}]},{"cve_id":"CVE-2026-1056","repositories":[{"id":1144292826,"name":"CVE-2026-1056-POC","full_name":"ch4r0nn/CVE-2026-1056-POC","html_url":"https://github.com/ch4r0nn/CVE-2026-1056-POC","description":"Snow Monkey Forms \u003c= 12.0.3 - Unauthenticated Arbitrary File Deletion via Path Traversal (CVE-2026-1056)","stargazers_count":6,"forks_count":0,"language":"Python","updated_at":"2026-02-24T09:16:44Z","pushed_at":"2026-01-28T15:03:34Z","created_at":"2026-01-28T14:29:36Z","topics":[],"owner":{"login":"ch4r0nn","html_url":"https://github.com/ch4r0nn"},"clone_url":"https://github.com/ch4r0nn/CVE-2026-1056-POC.git"}]},{"cve_id":"CVE-2026-1107","repositories":[{"id":1136632618,"name":"CVE-2026-1107","full_name":"Iniivan13/CVE-2026-1107","html_url":"https://github.com/Iniivan13/CVE-2026-1107","description":"A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function check_userinfo of the file Diyajax.php of the component Member Avatar Handler. Executing a manipulation of the argument viewfile can lead to unrestricted upload. The attack may be performed from remote.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-18T03:32:44Z","pushed_at":"2026-01-18T03:32:41Z","created_at":"2026-01-18T03:30:08Z","topics":[],"owner":{"login":"Iniivan13","html_url":"https://github.com/Iniivan13"},"clone_url":"https://github.com/Iniivan13/CVE-2026-1107.git"}]},{"cve_id":"CVE-2026-1207","repositories":[{"id":1221306764,"name":"CVE-2026-1207","full_name":"sw0rd1ight/CVE-2026-1207","html_url":"https://github.com/sw0rd1ight/CVE-2026-1207","description":"Django 框架在使用 PostGIS 查询地理栅格（raster）数据时，若将未经验证的用户输入直接作为 band index（波段索引）参数，会引发 SQL 注入","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-26T03:12:49Z","pushed_at":"2026-04-26T03:12:45Z","created_at":"2026-04-26T02:54:10Z","topics":[],"owner":{"login":"sw0rd1ight","html_url":"https://github.com/sw0rd1ight"},"clone_url":"https://github.com/sw0rd1ight/CVE-2026-1207.git"}]},{"cve_id":"CVE-2026-1208","repositories":[{"id":1140851057,"name":"CVE-2026-1208","full_name":"SnailSploit/CVE-2026-1208","html_url":"https://github.com/SnailSploit/CVE-2026-1208","description":"Friendly Functions for Welcart \u003c= 1.2.5 - Cross-Site Request Forgery to Settings Update","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-23T20:53:52Z","pushed_at":"2026-01-23T20:53:47Z","created_at":"2026-01-23T20:51:35Z","topics":[],"owner":{"login":"SnailSploit","html_url":"https://github.com/SnailSploit"},"clone_url":"https://github.com/SnailSploit/CVE-2026-1208.git"}]},{"cve_id":"CVE-2026-1281","repositories":[{"id":1152108206,"name":"CVE-2026-1281-Ivanti-EPMM-RCE","full_name":"MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE","html_url":"https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE","description":"Proof of Concept for CVE-2026-1281 \u0026 CVE-2026-1340 - Ivanti EPMM Pre-Auth RCE via Bash Arithmetic Expansion","stargazers_count":4,"forks_count":1,"language":"Python","updated_at":"2026-03-27T12:41:10Z","pushed_at":"2026-02-07T14:27:13Z","created_at":"2026-02-07T11:28:47Z","topics":[],"owner":{"login":"MehdiLeDeaut","html_url":"https://github.com/MehdiLeDeaut"},"clone_url":"https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE.git"},{"id":1162091212,"name":"CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE","full_name":"YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE","html_url":"https://github.com/YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE","description":"A simple demo application that shows how to reproduce the Ivanti EPMM pre-auth RCE vulnerability (CVE-2026-1281 / CVE-2026-1340) for educational and security research purposes.","stargazers_count":3,"forks_count":0,"language":"Shell","updated_at":"2026-04-09T02:40:26Z","pushed_at":"2026-02-19T21:36:19Z","created_at":"2026-02-19T21:29:39Z","topics":[],"owner":{"login":"YunfeiGE18","html_url":"https://github.com/YunfeiGE18"},"clone_url":"https://github.com/YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE.git"}]},{"cve_id":"CVE-2026-1306","repositories":[{"id":1223767424,"name":"CVE-2026-1306","full_name":"murrez/CVE-2026-1306","html_url":"https://github.com/murrez/CVE-2026-1306","description":"PoC list runner for CVE-2026-1306 (WordPress midi-Synth ≤1.1.0): fetches exposed midiSynth_nonce, POSTs export AJAX to drop files under sound/. Authorized security testing only.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-28T16:28:06Z","pushed_at":"2026-04-28T16:28:02Z","created_at":"2026-04-28T16:27:13Z","topics":[],"owner":{"login":"murrez","html_url":"https://github.com/murrez"},"clone_url":"https://github.com/murrez/CVE-2026-1306.git"}]},{"cve_id":"CVE-2026-1312","repositories":[{"id":1163180071,"name":"CVE-2026-1312","full_name":"sw0rd1ight/CVE-2026-1312","html_url":"https://github.com/sw0rd1ight/CVE-2026-1312","description":"Analysis and reproduction of CVE-2026-1312","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-04T02:50:32Z","pushed_at":"2026-02-21T08:33:36Z","created_at":"2026-02-21T08:07:29Z","topics":[],"owner":{"login":"sw0rd1ight","html_url":"https://github.com/sw0rd1ight"},"clone_url":"https://github.com/sw0rd1ight/CVE-2026-1312.git"},{"id":1206499607,"name":"CVE-2026-1312-Testing","full_name":"alpinine/CVE-2026-1312-Testing","html_url":"https://github.com/alpinine/CVE-2026-1312-Testing","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-10T01:34:35Z","pushed_at":"2026-04-10T01:34:28Z","created_at":"2026-04-10T01:21:46Z","topics":[],"owner":{"login":"alpinine","html_url":"https://github.com/alpinine"},"clone_url":"https://github.com/alpinine/CVE-2026-1312-Testing.git"}]},{"cve_id":"CVE-2026-1337","repositories":[{"id":1150557425,"name":"CVE-2026-1337","full_name":"JoakimBulow/CVE-2026-1337","html_url":"https://github.com/JoakimBulow/CVE-2026-1337","description":"CVE-2026-1337 - Neo4j - Log Injection","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-21T09:28:38Z","pushed_at":"2026-02-05T13:12:05Z","created_at":"2026-02-05T12:24:04Z","topics":[],"owner":{"login":"JoakimBulow","html_url":"https://github.com/JoakimBulow"},"clone_url":"https://github.com/JoakimBulow/CVE-2026-1337.git"}]},{"cve_id":"CVE-2026-1340","repositories":[{"id":1152108206,"name":"CVE-2026-1281-Ivanti-EPMM-RCE","full_name":"MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE","html_url":"https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE","description":"Proof of Concept for CVE-2026-1281 \u0026 CVE-2026-1340 - Ivanti EPMM Pre-Auth RCE via Bash Arithmetic Expansion","stargazers_count":4,"forks_count":1,"language":"Python","updated_at":"2026-03-27T12:41:10Z","pushed_at":"2026-02-07T14:27:13Z","created_at":"2026-02-07T11:28:47Z","topics":[],"owner":{"login":"MehdiLeDeaut","html_url":"https://github.com/MehdiLeDeaut"},"clone_url":"https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE.git"},{"id":1162091212,"name":"CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE","full_name":"YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE","html_url":"https://github.com/YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE","description":"A simple demo application that shows how to reproduce the Ivanti EPMM pre-auth RCE vulnerability (CVE-2026-1281 / CVE-2026-1340) for educational and security research purposes.","stargazers_count":3,"forks_count":0,"language":"Shell","updated_at":"2026-04-09T02:40:26Z","pushed_at":"2026-02-19T21:36:19Z","created_at":"2026-02-19T21:29:39Z","topics":[],"owner":{"login":"YunfeiGE18","html_url":"https://github.com/YunfeiGE18"},"clone_url":"https://github.com/YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE.git"}]},{"cve_id":"CVE-2026-1357","repositories":[{"id":1155497494,"name":"POC-CVE-2026-1357","full_name":"LucasM0ntes/POC-CVE-2026-1357","html_url":"https://github.com/LucasM0ntes/POC-CVE-2026-1357","description":"POC-CVE-2026-1357","stargazers_count":13,"forks_count":4,"language":"","updated_at":"2026-04-25T03:50:58Z","pushed_at":"2026-02-11T16:01:44Z","created_at":"2026-02-11T15:26:14Z","topics":[],"owner":{"login":"LucasM0ntes","html_url":"https://github.com/LucasM0ntes"},"clone_url":"https://github.com/LucasM0ntes/POC-CVE-2026-1357.git"},{"id":1156967397,"name":"CVE-2026-1357","full_name":"halilkirazkaya/CVE-2026-1357","html_url":"https://github.com/halilkirazkaya/CVE-2026-1357","description":"CVE-2026-1357 — WPvivid Backup \u0026 Migration ≤ 0.9.123 Unauthenticated RCE Exploit","stargazers_count":10,"forks_count":2,"language":"Python","updated_at":"2026-03-07T19:11:38Z","pushed_at":"2026-02-26T08:41:37Z","created_at":"2026-02-13T09:12:39Z","topics":["cve-2026-1357"],"owner":{"login":"halilkirazkaya","html_url":"https://github.com/halilkirazkaya"},"clone_url":"https://github.com/halilkirazkaya/CVE-2026-1357.git"},{"id":1157661113,"name":"CVE-2026-1357-POC","full_name":"cybertechajju/CVE-2026-1357-POC","html_url":"https://github.com/cybertechajju/CVE-2026-1357-POC","description":"","stargazers_count":9,"forks_count":2,"language":"Python","updated_at":"2026-03-25T18:59:50Z","pushed_at":"2026-02-14T05:34:13Z","created_at":"2026-02-14T05:15:19Z","topics":[],"owner":{"login":"cybertechajju","html_url":"https://github.com/cybertechajju"},"clone_url":"https://github.com/cybertechajju/CVE-2026-1357-POC.git"},{"id":1178298056,"name":"CVE-2026-1357","full_name":"Nxploited/CVE-2026-1357","html_url":"https://github.com/Nxploited/CVE-2026-1357","description":"Migration, Backup, Staging \u003c= 0.9.123 - Unauthenticated Arbitrary File Upload","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-13T08:56:22Z","pushed_at":"2026-03-11T01:26:24Z","created_at":"2026-03-10T22:23:22Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-1357.git"},{"id":1154797663,"name":"Exploit-CVE-2026-1357","full_name":"itsismarcos/Exploit-CVE-2026-1357","html_url":"https://github.com/itsismarcos/Exploit-CVE-2026-1357","description":"Exploit CVE-2026-1357","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-18T00:13:45Z","pushed_at":"2026-02-10T19:40:36Z","created_at":"2026-02-10T19:38:36Z","topics":[],"owner":{"login":"itsismarcos","html_url":"https://github.com/itsismarcos"},"clone_url":"https://github.com/itsismarcos/Exploit-CVE-2026-1357.git"},{"id":1170451926,"name":"CVE-2026-1357","full_name":"CVEs-Labs/CVE-2026-1357","html_url":"https://github.com/CVEs-Labs/CVE-2026-1357","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T13:16:46Z","pushed_at":"2026-04-22T13:16:39Z","created_at":"2026-03-02T06:14:06Z","topics":[],"owner":{"login":"CVEs-Labs","html_url":"https://github.com/CVEs-Labs"},"clone_url":"https://github.com/CVEs-Labs/CVE-2026-1357.git"},{"id":1211125179,"name":"PoC-CVE-2026-1357","full_name":"masterwok/PoC-CVE-2026-1357","html_url":"https://github.com/masterwok/PoC-CVE-2026-1357","description":" Proof-of-concept exploit for POC-CVE-2026-1357. WPvivid Backup \u0026 Migration plugin for WordPress \u003c= 0.9.123.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-15T05:35:22Z","pushed_at":"2026-04-15T05:35:19Z","created_at":"2026-04-15T05:02:07Z","topics":[],"owner":{"login":"masterwok","html_url":"https://github.com/masterwok"},"clone_url":"https://github.com/masterwok/PoC-CVE-2026-1357.git"},{"id":1184801382,"name":"CVE-2026-1357","full_name":"0xBlackash/CVE-2026-1357","html_url":"https://github.com/0xBlackash/CVE-2026-1357","description":"CVE-2026-1357","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-18T01:00:31Z","pushed_at":"2026-03-18T01:00:28Z","created_at":"2026-03-18T00:18:20Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-1357.git"},{"id":1166387734,"name":"CVE-2026-1357-Lab","full_name":"rootdirective-sec/CVE-2026-1357-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-1357-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-25T07:04:34Z","pushed_at":"2026-02-25T07:04:31Z","created_at":"2026-02-25T07:02:33Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-1357-Lab.git"}]},{"cve_id":"CVE-2026-1375","repositories":[{"id":1206217758,"name":"CVE-2026-1375","full_name":"d3kc4rt1/CVE-2026-1375","html_url":"https://github.com/d3kc4rt1/CVE-2026-1375","description":"Authenticated IDOR / Broken Access Control in Tutor LMS Plugin","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T17:38:14Z","pushed_at":"2026-04-09T17:38:08Z","created_at":"2026-04-09T17:37:39Z","topics":[],"owner":{"login":"d3kc4rt1","html_url":"https://github.com/d3kc4rt1"},"clone_url":"https://github.com/d3kc4rt1/CVE-2026-1375.git"}]},{"cve_id":"CVE-2026-1405","repositories":[{"id":1162943554,"name":"CVE-2026-1405","full_name":"Nxploited/CVE-2026-1405","html_url":"https://github.com/Nxploited/CVE-2026-1405","description":"Slider Future \u003c= 1.0.5 - Unauthenticated Arbitrary File Upload","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-03-13T08:56:25Z","pushed_at":"2026-02-20T22:14:48Z","created_at":"2026-02-20T22:12:03Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-1405.git"},{"id":1213853314,"name":"Mass-Scanner-CVE-2026-1405","full_name":"AnggaTechI/Mass-Scanner-CVE-2026-1405","html_url":"https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-1405","description":"WordPress mass scanner for detecting CVE-2026-1405 exposure.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-17T21:14:46Z","pushed_at":"2026-04-17T20:54:38Z","created_at":"2026-04-17T20:43:07Z","topics":[],"owner":{"login":"AnggaTechI","html_url":"https://github.com/AnggaTechI"},"clone_url":"https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-1405.git"}]},{"cve_id":"CVE-2026-1424","repositories":[{"id":1177975148,"name":"CVE-2026-1424","full_name":"rsecroot/CVE-2026-1424","html_url":"https://github.com/rsecroot/CVE-2026-1424","description":"A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-10T15:07:03Z","pushed_at":"2026-03-10T15:03:40Z","created_at":"2026-03-10T15:03:39Z","topics":[],"owner":{"login":"rsecroot","html_url":"https://github.com/rsecroot"},"clone_url":"https://github.com/rsecroot/CVE-2026-1424.git"}]},{"cve_id":"CVE-2026-1434","repositories":[{"id":1208065785,"name":"CVE-2026-1434","full_name":"lukasz-rybak/CVE-2026-1434","html_url":"https://github.com/lukasz-rybak/CVE-2026-1434","description":"CVE-2026-1434 - Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a...","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:55Z","pushed_at":"2026-04-11T19:22:47Z","created_at":"2026-04-11T19:15:34Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-1434.git"}]},{"cve_id":"CVE-2026-1457","repositories":[{"id":1146419073,"name":"CVE-2026-1457","full_name":"ii4gsp/CVE-2026-1457","html_url":"https://github.com/ii4gsp/CVE-2026-1457","description":"CVE-2026-1457 is an authenticated buffer overflow vulnerability in the web API of TP-Link VIGI C385 V1. This vulnerability allows authenticated attackers to perform remote code execution (RCE).","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-31T04:11:46Z","pushed_at":"2026-01-31T04:11:42Z","created_at":"2026-01-31T04:11:25Z","topics":[],"owner":{"login":"ii4gsp","html_url":"https://github.com/ii4gsp"},"clone_url":"https://github.com/ii4gsp/CVE-2026-1457.git"}]},{"cve_id":"CVE-2026-1459","repositories":[{"id":1219479827,"name":"CVE-2026-1459-POC","full_name":"Toouch67/CVE-2026-1459-POC","html_url":"https://github.com/Toouch67/CVE-2026-1459-POC","description":"POC for the CVE-2026-1459 which payload changes root SSH password.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-23T23:23:34Z","pushed_at":"2026-04-23T23:23:30Z","created_at":"2026-04-23T23:22:16Z","topics":[],"owner":{"login":"Toouch67","html_url":"https://github.com/Toouch67"},"clone_url":"https://github.com/Toouch67/CVE-2026-1459-POC.git"}]},{"cve_id":"CVE-2026-1492","repositories":[{"id":1214219593,"name":"CVE-2026-1492","full_name":"Nxploited/CVE-2026-1492","html_url":"https://github.com/Nxploited/CVE-2026-1492","description":"User Registration \u0026 Membership \u003c= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-18T09:20:33Z","pushed_at":"2026-04-18T09:20:28Z","created_at":"2026-04-18T09:18:57Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-1492.git"},{"id":1187520015,"name":"CVE-2026-1492","full_name":"the8frust/CVE-2026-1492","html_url":"https://github.com/the8frust/CVE-2026-1492","description":"Exploit for CVE-2026-1492 affecting the WordPress User Registration plugin, allowing unauthenticated attackers to register accounts and escalate privileges to administrator via a logic flaw in membership handling.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-20T23:09:34Z","pushed_at":"2026-03-20T23:09:30Z","created_at":"2026-03-20T20:27:18Z","topics":[],"owner":{"login":"the8frust","html_url":"https://github.com/the8frust"},"clone_url":"https://github.com/the8frust/CVE-2026-1492.git"},{"id":1175219479,"name":"CVE-2026-1492-POC","full_name":"imad-z1/CVE-2026-1492-POC","html_url":"https://github.com/imad-z1/CVE-2026-1492-POC","description":"User Registration \u0026 Membership \u003c= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration","stargazers_count":0,"forks_count":0,"language":"PHP","updated_at":"2026-03-07T12:03:41Z","pushed_at":"2026-03-07T12:03:38Z","created_at":"2026-03-07T12:01:53Z","topics":[],"owner":{"login":"imad-z1","html_url":"https://github.com/imad-z1"},"clone_url":"https://github.com/imad-z1/CVE-2026-1492-POC.git"}]},{"cve_id":"CVE-2026-1529","repositories":[{"id":1155119337,"name":"CVE-2026-1529","full_name":"0x240x23elu/CVE-2026-1529","html_url":"https://github.com/0x240x23elu/CVE-2026-1529","description":"Keycloak: Unauthorized organization registration via improper invitation token validation","stargazers_count":1,"forks_count":2,"language":"Python","updated_at":"2026-02-12T09:36:14Z","pushed_at":"2026-02-11T06:59:10Z","created_at":"2026-02-11T06:24:21Z","topics":[],"owner":{"login":"0x240x23elu","html_url":"https://github.com/0x240x23elu"},"clone_url":"https://github.com/0x240x23elu/CVE-2026-1529.git"},{"id":1156718921,"name":"CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation","full_name":"ackemed/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation","html_url":"https://github.com/ackemed/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation","description":"CVE-2026-1529 (PoC) is a critical vulnerability in Keycloak that allows unauthorized organization registration through improper invitation token validation. This exploit tool demonstrates the vulnerability by manipulating JWT tokens to register users in unauthorized organizations.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-13T01:07:15Z","pushed_at":"2026-02-10T14:35:09Z","created_at":"2026-02-13T01:07:15Z","topics":[],"owner":{"login":"ackemed","html_url":"https://github.com/ackemed"},"clone_url":"https://github.com/ackemed/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation.git"},{"id":1154563956,"name":"CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation","full_name":"ninjazan420/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation","html_url":"https://github.com/ninjazan420/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation","description":"CVE-2026-1529 (PoC) is a critical vulnerability in Keycloak that allows unauthorized organization registration through improper invitation token validation. This exploit tool demonstrates the vulnerability by manipulating JWT tokens to register users in unauthorized organizations.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-25T05:35:21Z","pushed_at":"2026-02-10T14:35:09Z","created_at":"2026-02-10T14:31:22Z","topics":["concept","cve","cve-2026-1529","keycloak","keycloak-poc","of","poc","proof","proofofconcept"],"owner":{"login":"ninjazan420","html_url":"https://github.com/ninjazan420"},"clone_url":"https://github.com/ninjazan420/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation.git"}]},{"cve_id":"CVE-2026-1550","repositories":[{"id":1177977706,"name":"CVE-2026-1550","full_name":"rsecroot/CVE-2026-1550","html_url":"https://github.com/rsecroot/CVE-2026-1550","description":"A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-10T15:07:05Z","pushed_at":"2026-03-10T15:06:31Z","created_at":"2026-03-10T15:06:30Z","topics":[],"owner":{"login":"rsecroot","html_url":"https://github.com/rsecroot"},"clone_url":"https://github.com/rsecroot/CVE-2026-1550.git"}]},{"cve_id":"CVE-2026-1555","repositories":[{"id":1213896724,"name":"CVE-2026-1555","full_name":"Nxploited/CVE-2026-1555","html_url":"https://github.com/Nxploited/CVE-2026-1555","description":"WebStack \u003c= 1.2024 - Unauthenticated Arbitrary File Upload","stargazers_count":6,"forks_count":0,"language":"Python","updated_at":"2026-04-27T08:02:35Z","pushed_at":"2026-04-17T22:05:09Z","created_at":"2026-04-17T22:03:58Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-1555.git"}]},{"cve_id":"CVE-2026-1560","repositories":[{"id":1154859399,"name":"CVE-2026-1560-Authenticated-Remote-Code-Execution-in-Lazy-Blocks-4.2.0","full_name":"Z3YR0xX/CVE-2026-1560-Authenticated-Remote-Code-Execution-in-Lazy-Blocks-4.2.0","html_url":"https://github.com/Z3YR0xX/CVE-2026-1560-Authenticated-Remote-Code-Execution-in-Lazy-Blocks-4.2.0","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-03T07:10:02Z","pushed_at":"2026-02-10T21:38:55Z","created_at":"2026-02-10T21:19:32Z","topics":[],"owner":{"login":"Z3YR0xX","html_url":"https://github.com/Z3YR0xX"},"clone_url":"https://github.com/Z3YR0xX/CVE-2026-1560-Authenticated-Remote-Code-Execution-in-Lazy-Blocks-4.2.0.git"}]},{"cve_id":"CVE-2026-1581","repositories":[{"id":1168528859,"name":"CVE-2026-1581-Analysis-Lab","full_name":"rootdirective-sec/CVE-2026-1581-Analysis-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-1581-Analysis-Lab","description":"","stargazers_count":1,"forks_count":0,"language":"Shell","updated_at":"2026-03-12T11:35:53Z","pushed_at":"2026-02-27T13:59:08Z","created_at":"2026-02-27T13:52:57Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-1581-Analysis-Lab.git"}]},{"cve_id":"CVE-2026-1657","repositories":[{"id":1206230626,"name":"CVE-2026-1657","full_name":"d3kc4rt1/CVE-2026-1657","html_url":"https://github.com/d3kc4rt1/CVE-2026-1657","description":"Unauthenticated Arbitrary File Upload in EventPrime Plugin","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T17:53:36Z","pushed_at":"2026-04-09T17:53:32Z","created_at":"2026-04-09T17:53:07Z","topics":[],"owner":{"login":"d3kc4rt1","html_url":"https://github.com/d3kc4rt1"},"clone_url":"https://github.com/d3kc4rt1/CVE-2026-1657.git"},{"id":1194351819,"name":"-CVE-2026-1657","full_name":"Vimash-Dilsara/-CVE-2026-1657","html_url":"https://github.com/Vimash-Dilsara/-CVE-2026-1657","description":" CVE-2026-1657 exploit Unauthenticated Image Upload via 'ep_upload_file_media' AJAX Endpoint","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-28T08:34:52Z","pushed_at":"2026-03-28T08:34:49Z","created_at":"2026-03-28T08:30:11Z","topics":[],"owner":{"login":"Vimash-Dilsara","html_url":"https://github.com/Vimash-Dilsara"},"clone_url":"https://github.com/Vimash-Dilsara/-CVE-2026-1657.git"}]},{"cve_id":"CVE-2026-1668","repositories":[{"id":1202523948,"name":"cve-2026-1668-poc","full_name":"tangrs/cve-2026-1668-poc","html_url":"https://github.com/tangrs/cve-2026-1668-poc","description":"Proof-of-concept exploit for CVE-2026-1668.","stargazers_count":1,"forks_count":0,"language":"C","updated_at":"2026-04-22T18:57:48Z","pushed_at":"2026-04-06T05:48:10Z","created_at":"2026-04-06T05:36:54Z","topics":[],"owner":{"login":"tangrs","html_url":"https://github.com/tangrs"},"clone_url":"https://github.com/tangrs/cve-2026-1668-poc.git"}]},{"cve_id":"CVE-2026-1729","repositories":[{"id":1156248769,"name":"CVE-2026-1729-PoC-AdForest-WordPress-Authentication-Bypass","full_name":"ninjazan420/CVE-2026-1729-PoC-AdForest-WordPress-Authentication-Bypass","html_url":"https://github.com/ninjazan420/CVE-2026-1729-PoC-AdForest-WordPress-Authentication-Bypass","description":"The AdForest theme for WordPress is vulnerable to authentication bypass in all versions including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in, including admin","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-25T05:35:11Z","pushed_at":"2026-02-12T12:43:07Z","created_at":"2026-02-12T12:40:22Z","topics":["adforest","admin","auth","exploit","poc","proof-of-concept","wordpress"],"owner":{"login":"ninjazan420","html_url":"https://github.com/ninjazan420"},"clone_url":"https://github.com/ninjazan420/CVE-2026-1729-PoC-AdForest-WordPress-Authentication-Bypass.git"}]},{"cve_id":"CVE-2026-1731","repositories":[{"id":1155228248,"name":"CVE-2026-1731","full_name":"win3zz/CVE-2026-1731","html_url":"https://github.com/win3zz/CVE-2026-1731","description":"CVE-2026-1731 - Critical command injection vulnerability in BeyondTrust Remote Support and Privileged Remote Access due to unsafe Bash arithmetic evaluation in a WebSocket-reachable script","stargazers_count":31,"forks_count":8,"language":"Python","updated_at":"2026-04-24T12:47:12Z","pushed_at":"2026-02-11T12:46:15Z","created_at":"2026-02-11T09:18:33Z","topics":["beyondtrust","cve-2026-1731","remote-access","vulnerability-detection"],"owner":{"login":"win3zz","html_url":"https://github.com/win3zz"},"clone_url":"https://github.com/win3zz/CVE-2026-1731.git"},{"id":1160593788,"name":"CVE-2026-1731","full_name":"jakubie07/CVE-2026-1731","html_url":"https://github.com/jakubie07/CVE-2026-1731","description":"CVE-2026-1731 PoC","stargazers_count":5,"forks_count":0,"language":"Rust","updated_at":"2026-03-03T13:41:41Z","pushed_at":"2026-02-18T17:26:54Z","created_at":"2026-02-18T06:05:46Z","topics":["beyondtrust","cve-2026","cve-2026-1731","poc","rce"],"owner":{"login":"jakubie07","html_url":"https://github.com/jakubie07"},"clone_url":"https://github.com/jakubie07/CVE-2026-1731.git"},{"id":1157417567,"name":"cve-2026-1731-scanner","full_name":"cybrdude/cve-2026-1731-scanner","html_url":"https://github.com/cybrdude/cve-2026-1731-scanner","description":"Passive vulnerability scanner for CVE-2026-1731 — BeyondTrust RS/PRA pre-auth RCE (CVSS 9.9). Educational \u0026 defensive use only.","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-02-19T23:55:38Z","pushed_at":"2026-02-16T23:54:19Z","created_at":"2026-02-13T19:48:13Z","topics":["beyondtrust","cve-2026-1731","infosec","passive-scanner","privileged-remote-access","security-tools","vulnerability-scanner"],"owner":{"login":"cybrdude","html_url":"https://github.com/cybrdude"},"clone_url":"https://github.com/cybrdude/cve-2026-1731-scanner.git"},{"id":1163886939,"name":"CVE-2026-1731","full_name":"hexissam/CVE-2026-1731","html_url":"https://github.com/hexissam/CVE-2026-1731","description":"CVE-2026-1731 — BeyondTrust Remote Code Execution Vulnerability","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-22T10:10:25Z","pushed_at":"2026-02-22T10:10:22Z","created_at":"2026-02-22T10:05:02Z","topics":[],"owner":{"login":"hexissam","html_url":"https://github.com/hexissam"},"clone_url":"https://github.com/hexissam/CVE-2026-1731.git"}]},{"cve_id":"CVE-2026-1844","repositories":[{"id":1158636119,"name":"CVE-2026-1844","full_name":"adamshaikhma/CVE-2026-1844","html_url":"https://github.com/adamshaikhma/CVE-2026-1844","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-19T10:49:07Z","pushed_at":"2026-02-15T18:06:10Z","created_at":"2026-02-15T17:34:40Z","topics":[],"owner":{"login":"adamshaikhma","html_url":"https://github.com/adamshaikhma"},"clone_url":"https://github.com/adamshaikhma/CVE-2026-1844.git"}]},{"cve_id":"CVE-2026-1880","repositories":[{"id":1212395845,"name":"CVE-2026-1880","full_name":"seokjohn/CVE-2026-1880","html_url":"https://github.com/seokjohn/CVE-2026-1880","description":"ASUS DriverHub Driver Update Process TOCTOU Vulnerability Leading to LPE","stargazers_count":2,"forks_count":0,"language":"C++","updated_at":"2026-04-27T04:30:13Z","pushed_at":"2026-04-16T11:53:46Z","created_at":"2026-04-16T10:37:12Z","topics":[],"owner":{"login":"seokjohn","html_url":"https://github.com/seokjohn"},"clone_url":"https://github.com/seokjohn/CVE-2026-1880.git"}]},{"cve_id":"CVE-2026-1937","repositories":[{"id":1214223462,"name":"CVE-2026-1937","full_name":"Nxploited/CVE-2026-1937","html_url":"https://github.com/Nxploited/CVE-2026-1937","description":"YayMail \u003c= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Arbitrary Options Update via 'yaymail_import_state' AJAX Action","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-18T09:32:18Z","pushed_at":"2026-04-18T09:32:14Z","created_at":"2026-04-18T09:25:31Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-1937.git"}]},{"cve_id":"CVE-2026-1953","repositories":[{"id":1150325410,"name":"CVE-2026-1953-Disclosure","full_name":"carlosbudiman/CVE-2026-1953-Disclosure","html_url":"https://github.com/carlosbudiman/CVE-2026-1953-Disclosure","description":"Stored cross-site scripting (XSS) vulnerability in the edit profile feature at Nukegraphic CMS V3.1.2","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-18T15:28:34Z","pushed_at":"2026-02-05T11:57:16Z","created_at":"2026-02-05T06:25:43Z","topics":[],"owner":{"login":"carlosbudiman","html_url":"https://github.com/carlosbudiman"},"clone_url":"https://github.com/carlosbudiman/CVE-2026-1953-Disclosure.git"}]},{"cve_id":"CVE-2026-1999","repositories":[{"id":1182620364,"name":"automerge-test","full_name":"jwde/automerge-test","html_url":"https://github.com/jwde/automerge-test","description":"Testing auto-merge CVE-2026-1999 variant","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-15T21:15:56Z","pushed_at":"2026-03-15T21:15:53Z","created_at":"2026-03-15T18:59:19Z","topics":[],"owner":{"login":"jwde","html_url":"https://github.com/jwde"},"clone_url":"https://github.com/jwde/automerge-test.git"}]},{"cve_id":"CVE-2026-20045","repositories":[{"id":1141525190,"name":"Ashwesker-CVE-2026-20045","full_name":"dkstar11q/Ashwesker-CVE-2026-20045","html_url":"https://github.com/dkstar11q/Ashwesker-CVE-2026-20045","description":"CVE-2026-20045","stargazers_count":5,"forks_count":2,"language":"","updated_at":"2026-04-14T02:31:09Z","pushed_at":"2026-01-22T13:01:22Z","created_at":"2026-01-25T01:01:31Z","topics":[],"owner":{"login":"dkstar11q","html_url":"https://github.com/dkstar11q"},"clone_url":"https://github.com/dkstar11q/Ashwesker-CVE-2026-20045.git"}]},{"cve_id":"CVE-2026-20079","repositories":[{"id":1194511254,"name":"CVE-2026-20079","full_name":"0xBlackash/CVE-2026-20079","html_url":"https://github.com/0xBlackash/CVE-2026-20079","description":"CVE-2026-20079","stargazers_count":0,"forks_count":2,"language":"Python","updated_at":"2026-03-28T13:39:29Z","pushed_at":"2026-03-28T13:39:26Z","created_at":"2026-03-28T13:08:16Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-20079.git"}]},{"cve_id":"CVE-2026-20127","repositories":[{"id":1172134172,"name":"CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE","full_name":"zerozenxlabs/CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE","html_url":"https://github.com/zerozenxlabs/CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE","description":"","stargazers_count":31,"forks_count":10,"language":"Python","updated_at":"2026-03-23T05:02:53Z","pushed_at":"2026-03-04T01:36:00Z","created_at":"2026-03-04T01:20:17Z","topics":[],"owner":{"login":"zerozenxlabs","html_url":"https://github.com/zerozenxlabs"},"clone_url":"https://github.com/zerozenxlabs/CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE.git"},{"id":1176945391,"name":"CVE-2026-20127","full_name":"sfewer-r7/CVE-2026-20127","html_url":"https://github.com/sfewer-r7/CVE-2026-20127","description":"An exploit for the Cisco Catalyst SD-WAN Controller authentication bypass vulnerability, CVE-2026-20127","stargazers_count":23,"forks_count":1,"language":"Ruby","updated_at":"2026-04-24T08:38:59Z","pushed_at":"2026-03-09T15:17:31Z","created_at":"2026-03-09T14:38:24Z","topics":[],"owner":{"login":"sfewer-r7","html_url":"https://github.com/sfewer-r7"},"clone_url":"https://github.com/sfewer-r7/CVE-2026-20127.git"},{"id":1173633761,"name":"CVE-2026-20127_EXP","full_name":"BugFor-Pings/CVE-2026-20127_EXP","html_url":"https://github.com/BugFor-Pings/CVE-2026-20127_EXP","description":"Cisco Catalyst SD-WAN 身份验证绕过漏洞(CVE-2026-20127)利用EXP","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-03-31T13:50:52Z","pushed_at":"2026-03-05T15:36:00Z","created_at":"2026-03-05T15:28:31Z","topics":[],"owner":{"login":"BugFor-Pings","html_url":"https://github.com/BugFor-Pings"},"clone_url":"https://github.com/BugFor-Pings/CVE-2026-20127_EXP.git"},{"id":1175143169,"name":"CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE","full_name":"yonathanpy/CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE","html_url":"https://github.com/yonathanpy/CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE","description":"","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-03-19T16:14:54Z","pushed_at":"2026-03-07T09:49:31Z","created_at":"2026-03-07T09:39:29Z","topics":[],"owner":{"login":"yonathanpy","html_url":"https://github.com/yonathanpy"},"clone_url":"https://github.com/yonathanpy/CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE.git"},{"id":1211684149,"name":"cve-2026-20127","full_name":"gigachadusers/cve-2026-20127","html_url":"https://github.com/gigachadusers/cve-2026-20127","description":"","stargazers_count":0,"forks_count":0,"language":"C++","updated_at":"2026-04-15T16:40:53Z","pushed_at":"2026-04-15T16:40:49Z","created_at":"2026-04-15T16:35:46Z","topics":[],"owner":{"login":"gigachadusers","html_url":"https://github.com/gigachadusers"},"clone_url":"https://github.com/gigachadusers/cve-2026-20127.git"},{"id":1175850534,"name":"sdwan-scanner-CVE-2026-20127","full_name":"abrahamsurf/sdwan-scanner-CVE-2026-20127","html_url":"https://github.com/abrahamsurf/sdwan-scanner-CVE-2026-20127","description":"Cisco SD-WAN Exposure \u0026 Potential Vulnerability Scanner (Passive Fingerprinting) 2026","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-08T09:24:09Z","pushed_at":"2026-03-08T09:21:05Z","created_at":"2026-03-08T09:04:34Z","topics":[],"owner":{"login":"abrahamsurf","html_url":"https://github.com/abrahamsurf"},"clone_url":"https://github.com/abrahamsurf/sdwan-scanner-CVE-2026-20127.git"},{"id":1172198312,"name":"CVE-2026-20127","full_name":"randeepajayasekara/CVE-2026-20127","html_url":"https://github.com/randeepajayasekara/CVE-2026-20127","description":"Walkthrough of the CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN from first malformed peering request to root on the management plane.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-12T06:34:04Z","pushed_at":"2026-03-04T05:19:18Z","created_at":"2026-03-04T03:25:57Z","topics":["authentication-bypass","cve","vulnerability"],"owner":{"login":"randeepajayasekara","html_url":"https://github.com/randeepajayasekara"},"clone_url":"https://github.com/randeepajayasekara/CVE-2026-20127.git"}]},{"cve_id":"CVE-2026-20131","repositories":[{"id":1178394917,"name":"CVE-2026-20131","full_name":"sak110/CVE-2026-20131","html_url":"https://github.com/sak110/CVE-2026-20131","description":"","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-04-28T18:14:25Z","pushed_at":"2026-03-11T02:17:15Z","created_at":"2026-03-11T01:30:51Z","topics":[],"owner":{"login":"sak110","html_url":"https://github.com/sak110"},"clone_url":"https://github.com/sak110/CVE-2026-20131.git"},{"id":1203445056,"name":"Cisco-FMC-honeypot","full_name":"Hassan-Pouladi/Cisco-FMC-honeypot","html_url":"https://github.com/Hassan-Pouladi/Cisco-FMC-honeypot","description":"Originally a Honeypot for CVE-2026-20131","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-04-07T06:11:18Z","pushed_at":"2026-04-07T06:11:14Z","created_at":"2026-04-07T03:35:37Z","topics":["cve","honeypot","poc","threat-hunting","threat-intelligence"],"owner":{"login":"Hassan-Pouladi","html_url":"https://github.com/Hassan-Pouladi"},"clone_url":"https://github.com/Hassan-Pouladi/Cisco-FMC-honeypot.git"},{"id":1174197428,"name":"CVE-2026-20131-POC","full_name":"p3Nt3st3r-sTAr/CVE-2026-20131-POC","html_url":"https://github.com/p3Nt3st3r-sTAr/CVE-2026-20131-POC","description":"","stargazers_count":0,"forks_count":3,"language":"Python","updated_at":"2026-03-18T00:51:59Z","pushed_at":"2026-03-18T00:51:56Z","created_at":"2026-03-06T07:06:56Z","topics":[],"owner":{"login":"p3Nt3st3r-sTAr","html_url":"https://github.com/p3Nt3st3r-sTAr"},"clone_url":"https://github.com/p3Nt3st3r-sTAr/CVE-2026-20131-POC.git"}]},{"cve_id":"CVE-2026-20180","repositories":[{"id":1217134177,"name":"CVE-2026-20180","full_name":"kaleth4/CVE-2026-20180","html_url":"https://github.com/kaleth4/CVE-2026-20180","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-22T03:45:40Z","pushed_at":"2026-04-21T15:27:18Z","created_at":"2026-04-21T15:21:56Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-20180.git"}]},{"cve_id":"CVE-2026-20404","repositories":[{"id":1154018176,"name":"CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario-","full_name":"George0Papasotiriou/CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario-","html_url":"https://github.com/George0Papasotiriou/CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario-","description":"A MediaTek modem input validation issue can cause a system crash (remote DoS) when a UE connects to a rogue base station controlled by an attacker with no user interaction required.","stargazers_count":1,"forks_count":0,"language":"Shell","updated_at":"2026-02-10T00:13:50Z","pushed_at":"2026-02-10T00:13:47Z","created_at":"2026-02-09T23:32:38Z","topics":[],"owner":{"login":"George0Papasotiriou","html_url":"https://github.com/George0Papasotiriou"},"clone_url":"https://github.com/George0Papasotiriou/CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario-.git"}]},{"cve_id":"CVE-2026-2058","repositories":[{"id":1179427088,"name":"CVE-2026-2058-PoC","full_name":"carlosalbertotuma/CVE-2026-2058-PoC","html_url":"https://github.com/carlosalbertotuma/CVE-2026-2058-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-12T14:01:32Z","pushed_at":"2026-03-12T14:01:25Z","created_at":"2026-03-12T02:38:59Z","topics":[],"owner":{"login":"carlosalbertotuma","html_url":"https://github.com/carlosalbertotuma"},"clone_url":"https://github.com/carlosalbertotuma/CVE-2026-2058-PoC.git"}]},{"cve_id":"CVE-2026-20637","repositories":[{"id":1133350075,"name":"CVE-2026-20637-AppleSEPKeyStore-UAF","full_name":"zeroxjf/CVE-2026-20637-AppleSEPKeyStore-UAF","html_url":"https://github.com/zeroxjf/CVE-2026-20637-AppleSEPKeyStore-UAF","description":"CVE-2026-20637: AppleSEPKeyStore Use-After-Free — iOS/macOS kernel vulnerability (patched in 26.4)","stargazers_count":51,"forks_count":6,"language":"Objective-C","updated_at":"2026-04-18T11:35:43Z","pushed_at":"2026-04-06T20:26:26Z","created_at":"2026-01-13T08:21:42Z","topics":["cve-2026-20637","ios","kernel","macos","security-research","use-after-free"],"owner":{"login":"zeroxjf","html_url":"https://github.com/zeroxjf"},"clone_url":"https://github.com/zeroxjf/CVE-2026-20637-AppleSEPKeyStore-UAF.git"},{"id":1218257970,"name":"CVE-2026-20637-AppleSEPKeyStore-UAF","full_name":"enfilade-labs/CVE-2026-20637-AppleSEPKeyStore-UAF","html_url":"https://github.com/enfilade-labs/CVE-2026-20637-AppleSEPKeyStore-UAF","description":"CVE-2026-20637: AppleSEPKeyStore Use-After-Free — iOS/macOS kernel vulnerability (patched in 26.4)","stargazers_count":1,"forks_count":0,"language":"Objective-C","updated_at":"2026-04-28T11:47:09Z","pushed_at":"2026-04-22T17:47:45Z","created_at":"2026-04-22T17:36:14Z","topics":[],"owner":{"login":"enfilade-labs","html_url":"https://github.com/enfilade-labs"},"clone_url":"https://github.com/enfilade-labs/CVE-2026-20637-AppleSEPKeyStore-UAF.git"}]},{"cve_id":"CVE-2026-20643","repositories":[{"id":1184679169,"name":"WebKit-NavigationAPI-SOP-Bypass","full_name":"zeroxjf/WebKit-NavigationAPI-SOP-Bypass","html_url":"https://github.com/zeroxjf/WebKit-NavigationAPI-SOP-Bypass","description":"WebKit NavigateEvent.canIntercept SOP bypass via cross-port interception — iOS 26.3.1 BSI (CVE-2026-20643)","stargazers_count":15,"forks_count":2,"language":"HTML","updated_at":"2026-04-16T02:41:27Z","pushed_at":"2026-03-17T22:32:54Z","created_at":"2026-03-17T20:32:03Z","topics":[],"owner":{"login":"zeroxjf","html_url":"https://github.com/zeroxjf"},"clone_url":"https://github.com/zeroxjf/WebKit-NavigationAPI-SOP-Bypass.git"},{"id":1186931045,"name":"CVE-2026-20643","full_name":"Fliv/CVE-2026-20643","html_url":"https://github.com/Fliv/CVE-2026-20643","description":"CVE-2026-20643 test page","stargazers_count":1,"forks_count":1,"language":"JavaScript","updated_at":"2026-03-25T15:37:25Z","pushed_at":"2026-03-20T07:42:18Z","created_at":"2026-03-20T06:29:30Z","topics":[],"owner":{"login":"Fliv","html_url":"https://github.com/Fliv"},"clone_url":"https://github.com/Fliv/CVE-2026-20643.git"}]},{"cve_id":"CVE-2026-20660","repositories":[{"id":1182965689,"name":"CVE-2026-20660","full_name":"retX0/CVE-2026-20660","html_url":"https://github.com/retX0/CVE-2026-20660","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-26T21:05:25Z","pushed_at":"2026-03-20T06:20:57Z","created_at":"2026-03-16T06:13:35Z","topics":[],"owner":{"login":"retX0","html_url":"https://github.com/retX0"},"clone_url":"https://github.com/retX0/CVE-2026-20660.git"}]},{"cve_id":"CVE-2026-20687","repositories":[{"id":1153842616,"name":"CVE-2026-20687-AppleJPEGDriver-UAF","full_name":"zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF","html_url":"https://github.com/zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF","description":"CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC)","stargazers_count":17,"forks_count":3,"language":"Objective-C","updated_at":"2026-04-18T11:35:39Z","pushed_at":"2026-04-06T20:22:19Z","created_at":"2026-02-09T18:21:45Z","topics":["apple","arm64","cve-2026-20687","ios","kernel","poc","security","use-after-free","vulnerability"],"owner":{"login":"zeroxjf","html_url":"https://github.com/zeroxjf"},"clone_url":"https://github.com/zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF.git"},{"id":1218258012,"name":"CVE-2026-20687-AppleJPEGDriver-UAF","full_name":"enfilade-labs/CVE-2026-20687-AppleJPEGDriver-UAF","html_url":"https://github.com/enfilade-labs/CVE-2026-20687-AppleJPEGDriver-UAF","description":"CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC)","stargazers_count":1,"forks_count":0,"language":"Objective-C","updated_at":"2026-04-28T11:47:07Z","pushed_at":"2026-04-22T17:47:46Z","created_at":"2026-04-22T17:36:17Z","topics":[],"owner":{"login":"enfilade-labs","html_url":"https://github.com/enfilade-labs"},"clone_url":"https://github.com/enfilade-labs/CVE-2026-20687-AppleJPEGDriver-UAF.git"}]},{"cve_id":"CVE-2026-20698","repositories":[{"id":1196614265,"name":"CVE-2026-20698-PF_ROUTE-Heap-Overflow","full_name":"Somisomair/CVE-2026-20698-PF_ROUTE-Heap-Overflow","html_url":"https://github.com/Somisomair/CVE-2026-20698-PF_ROUTE-Heap-Overflow","description":"CVE-2026-20698: XNU kernel heap overflow via PF_ROUTE RTA_GENMASK. PoC and analysis. Independently discovered.","stargazers_count":3,"forks_count":1,"language":"C","updated_at":"2026-04-09T15:25:51Z","pushed_at":"2026-03-30T21:46:38Z","created_at":"2026-03-30T21:44:45Z","topics":[],"owner":{"login":"Somisomair","html_url":"https://github.com/Somisomair"},"clone_url":"https://github.com/Somisomair/CVE-2026-20698-PF_ROUTE-Heap-Overflow.git"}]},{"cve_id":"CVE-2026-20805","repositories":[{"id":1134257964,"name":"CVE-2026-20805-POC","full_name":"fevar54/CVE-2026-20805-POC","html_url":"https://github.com/fevar54/CVE-2026-20805-POC","description":"# CVE-2026-20805 PoC  Prueba de concepto para la vulnerabilidad de divulgación de información en **Desktop Windows Manager (dwm.exe)** de Microsoft.  ## 📋 Resumen de la Vulnerabilidad  - **ID:** CVE-2026-20805 - **Producto:** Microsoft Windows","stargazers_count":7,"forks_count":2,"language":"","updated_at":"2026-04-09T17:05:00Z","pushed_at":"2026-01-14T13:34:08Z","created_at":"2026-01-14T13:26:26Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-20805-POC.git"},{"id":1137741233,"name":"CVE-2026-20805-PoC","full_name":"Uzair-Baig0900/CVE-2026-20805-PoC","html_url":"https://github.com/Uzair-Baig0900/CVE-2026-20805-PoC","description":"The PoC of information disclosure in Microsoft Desktop Windows Management.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-01-26T04:22:11Z","pushed_at":"2026-01-19T19:35:18Z","created_at":"2026-01-19T19:16:25Z","topics":["alpc","cve","dwm","exploits","information-disclosure","kaslr","poc","red-team","vapt","windows","windows-kernal"],"owner":{"login":"Uzair-Baig0900","html_url":"https://github.com/Uzair-Baig0900"},"clone_url":"https://github.com/Uzair-Baig0900/CVE-2026-20805-PoC.git"},{"id":1146483268,"name":"SCTT-2026-33-0002-DWM-Visual-Field-Singularity","full_name":"SimoesCTT/SCTT-2026-33-0002-DWM-Visual-Field-Singularity","html_url":"https://github.com/SimoesCTT/SCTT-2026-33-0002-DWM-Visual-Field-Singularity","description":"Microsoft just patched CVE-2026-20805 and CVE-2026-20871 in January 2026 to stop \"Information Disclosure\" and \"Use-After-Free\" bugs in DWM. They think they've secured the \"Visual Boundary.\" We are about to prove that a 33-layer resonance can turn those visual buffers into a liquid pipeline for SCTT-2026-33-0002.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T07:01:00Z","pushed_at":"2026-01-31T07:00:56Z","created_at":"2026-01-31T06:52:17Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/SCTT-2026-33-0002-DWM-Visual-Field-Singularity.git"},{"id":1146478346,"name":"-SCTT-2026-33-0002-DWM-Visual-Field-Singularity","full_name":"SimoesCTT/-SCTT-2026-33-0002-DWM-Visual-Field-Singularity","html_url":"https://github.com/SimoesCTT/-SCTT-2026-33-0002-DWM-Visual-Field-Singularity","description":"### 📡 Theoretical Classification **ID:** SCTT-2026-33-0002   **Researcher:** Americo Simoes (SimoesCTT)   **Physics:** Theorem 4.2 - Turbulent Phase Transition (TPT)   **Constant:** α = 0.0302011   **Target:** Desktop Window Manager (dwm.exe) / Windows Graphics Component   **Obsoletes:** CVE-2026-20805 \u0026 CVE-2026-20871 (Visual-Latch Patches)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T06:45:09Z","pushed_at":"2026-01-31T06:45:05Z","created_at":"2026-01-31T06:40:56Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/-SCTT-2026-33-0002-DWM-Visual-Field-Singularity.git"},{"id":1143878229,"name":"Inside-CVE-2026-20805-How-a-Windows-DWM-Flaw-Exposed-Sensitive-Data","full_name":"mrk336/Inside-CVE-2026-20805-How-a-Windows-DWM-Flaw-Exposed-Sensitive-Data","html_url":"https://github.com/mrk336/Inside-CVE-2026-20805-How-a-Windows-DWM-Flaw-Exposed-Sensitive-Data","description":"CVE‑2026‑20805: A Windows Desktop Window Manager flaw causing local information disclosure. Requires low privileges, no user interaction. Rated CVSS 5.5 (Medium). Actively exploited and listed in CISA KEV; patch released January 2026.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-28T04:01:24Z","pushed_at":"2026-01-28T04:01:19Z","created_at":"2026-01-28T03:50:36Z","topics":[],"owner":{"login":"mrk336","html_url":"https://github.com/mrk336"},"clone_url":"https://github.com/mrk336/Inside-CVE-2026-20805-How-a-Windows-DWM-Flaw-Exposed-Sensitive-Data.git"}]},{"cve_id":"CVE-2026-20817","repositories":[{"id":1160896503,"name":"CVE-2026-20817","full_name":"oxfemale/CVE-2026-20817","html_url":"https://github.com/oxfemale/CVE-2026-20817","description":"Windows Error Reporting ALPC Elevation of Privilege (CVE-2026-20817) - Proof-of-Concept exploit demonstrating local privilege escalation via WER service. ","stargazers_count":118,"forks_count":19,"language":"C++","updated_at":"2026-04-28T19:56:03Z","pushed_at":"2026-02-19T13:37:06Z","created_at":"2026-02-18T13:56:17Z","topics":[],"owner":{"login":"oxfemale","html_url":"https://github.com/oxfemale"},"clone_url":"https://github.com/oxfemale/CVE-2026-20817.git"}]},{"cve_id":"CVE-2026-20820","repositories":[{"id":1184956932,"name":"CVE-2026-20820","full_name":"uname1able/CVE-2026-20820","html_url":"https://github.com/uname1able/CVE-2026-20820","description":"","stargazers_count":0,"forks_count":0,"language":"C++","updated_at":"2026-03-18T05:06:04Z","pushed_at":"2026-03-18T05:06:01Z","created_at":"2026-03-18T05:05:56Z","topics":[],"owner":{"login":"uname1able","html_url":"https://github.com/uname1able"},"clone_url":"https://github.com/uname1able/CVE-2026-20820.git"}]},{"cve_id":"CVE-2026-20833","repositories":[{"id":1182365361,"name":"cve-2026-20833-rc4-kerberos","full_name":"v-jfanca/cve-2026-20833-rc4-kerberos","html_url":"https://github.com/v-jfanca/cve-2026-20833-rc4-kerberos","description":"Kerberos RC4 deprecation: detection, remediation and guidance (CVE-2026-20833)","stargazers_count":2,"forks_count":0,"language":"PowerShell","updated_at":"2026-04-13T18:28:03Z","pushed_at":"2026-03-17T12:45:50Z","created_at":"2026-03-15T12:25:58Z","topics":[],"owner":{"login":"v-jfanca","html_url":"https://github.com/v-jfanca"},"clone_url":"https://github.com/v-jfanca/cve-2026-20833-rc4-kerberos.git"}]},{"cve_id":"CVE-2026-20841","repositories":[{"id":1155006903,"name":"CVE-2026-20841-PoC","full_name":"BTtea/CVE-2026-20841-PoC","html_url":"https://github.com/BTtea/CVE-2026-20841-PoC","description":"PoC","stargazers_count":141,"forks_count":22,"language":"","updated_at":"2026-04-22T06:46:34Z","pushed_at":"2026-02-11T05:56:43Z","created_at":"2026-02-11T02:39:30Z","topics":[],"owner":{"login":"BTtea","html_url":"https://github.com/BTtea"},"clone_url":"https://github.com/BTtea/CVE-2026-20841-PoC.git"},{"id":1155924757,"name":"CVE-2026-20841","full_name":"patchpoint/CVE-2026-20841","html_url":"https://github.com/patchpoint/CVE-2026-20841","description":"","stargazers_count":12,"forks_count":0,"language":"","updated_at":"2026-02-19T03:59:46Z","pushed_at":"2026-02-12T05:13:05Z","created_at":"2026-02-12T03:58:28Z","topics":[],"owner":{"login":"patchpoint","html_url":"https://github.com/patchpoint"},"clone_url":"https://github.com/patchpoint/CVE-2026-20841.git"},{"id":1156180550,"name":"CVE-2026-20841","full_name":"atiilla/CVE-2026-20841","html_url":"https://github.com/atiilla/CVE-2026-20841","description":"","stargazers_count":5,"forks_count":4,"language":"Python","updated_at":"2026-03-12T20:31:12Z","pushed_at":"2026-02-12T12:54:53Z","created_at":"2026-02-12T11:00:14Z","topics":[],"owner":{"login":"atiilla","html_url":"https://github.com/atiilla"},"clone_url":"https://github.com/atiilla/CVE-2026-20841.git"},{"id":1155988482,"name":"CVE-2026-20841_notepad_analysis","full_name":"uky007/CVE-2026-20841_notepad_analysis","html_url":"https://github.com/uky007/CVE-2026-20841_notepad_analysis","description":"","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-03-02T05:55:22Z","pushed_at":"2026-02-12T08:06:24Z","created_at":"2026-02-12T06:04:12Z","topics":[],"owner":{"login":"uky007","html_url":"https://github.com/uky007"},"clone_url":"https://github.com/uky007/CVE-2026-20841_notepad_analysis.git"},{"id":1156247662,"name":"CVE-2026-20841-PoC","full_name":"dogukankurnaz/CVE-2026-20841-PoC","html_url":"https://github.com/dogukankurnaz/CVE-2026-20841-PoC","description":"CVE-2026-20841","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-02-19T14:33:56Z","pushed_at":"2026-02-12T13:25:10Z","created_at":"2026-02-12T12:38:45Z","topics":["cve-2026-20841","microsoft","notepad","poc"],"owner":{"login":"dogukankurnaz","html_url":"https://github.com/dogukankurnaz"},"clone_url":"https://github.com/dogukankurnaz/CVE-2026-20841-PoC.git"},{"id":1155472947,"name":"CVE-2026-20841","full_name":"tangent65536/CVE-2026-20841","html_url":"https://github.com/tangent65536/CVE-2026-20841","description":"PoC for the \"Windows Notepad RCE\"","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-02-28T11:25:53Z","pushed_at":"2026-02-11T14:55:48Z","created_at":"2026-02-11T14:55:18Z","topics":[],"owner":{"login":"tangent65536","html_url":"https://github.com/tangent65536"},"clone_url":"https://github.com/tangent65536/CVE-2026-20841.git"},{"id":861253542,"name":"CVE-2026-20841","full_name":"hamzamalik3461/CVE-2026-20841","html_url":"https://github.com/hamzamalik3461/CVE-2026-20841","description":"🛠 Demonstrate remote code execution in Windows Notepad via markdown links exploiting unsecured URL protocols.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-29T11:58:31Z","pushed_at":"2026-04-29T11:58:27Z","created_at":"2024-09-22T12:19:06Z","topics":["agent","command-injection","cv","cve","cve-2016-0856","cve-2026-20841","ethereum","exploit","microsoft","mxnet","notepad-vulnerability","php-obfuscator","poc","pose-estimation","rag","semantic-segmentation","sybil-resistance","windows-notepad"],"owner":{"login":"hamzamalik3461","html_url":"https://github.com/hamzamalik3461"},"clone_url":"https://github.com/hamzamalik3461/CVE-2026-20841.git"},{"id":1156535306,"name":"CVE-2026-20841-PoC","full_name":"hackfaiz/CVE-2026-20841-PoC","html_url":"https://github.com/hackfaiz/CVE-2026-20841-PoC","description":"Proof of Concept for CVE-2026-20841","stargazers_count":1,"forks_count":0,"language":"Batchfile","updated_at":"2026-02-19T02:51:23Z","pushed_at":"2026-02-12T19:24:31Z","created_at":"2026-02-12T18:59:16Z","topics":[],"owner":{"login":"hackfaiz","html_url":"https://github.com/hackfaiz"},"clone_url":"https://github.com/hackfaiz/CVE-2026-20841-PoC.git"},{"id":1156380448,"name":"CVE-2026-20841","full_name":"SecureWithUmer/CVE-2026-20841","html_url":"https://github.com/SecureWithUmer/CVE-2026-20841","description":"PoC for a remote code execution flaw in Windows Notepad's markdown renderer. The markdown engine does not restrict URL protocols, allowing arbitrary protocol handlers to be triggered via clickable links","stargazers_count":1,"forks_count":1,"language":"","updated_at":"2026-02-12T17:52:13Z","pushed_at":"2026-02-12T15:38:13Z","created_at":"2026-02-12T15:29:58Z","topics":["2026","command-injection","cve","cve-2026-20841","exploit","notepad","notepad-exoploit","notepad-vulnerability","securewithumer","windows-notepad"],"owner":{"login":"SecureWithUmer","html_url":"https://github.com/SecureWithUmer"},"clone_url":"https://github.com/SecureWithUmer/CVE-2026-20841.git"},{"id":1167260052,"name":"CVE-2026-20841-PoC","full_name":"404godd/CVE-2026-20841-PoC","html_url":"https://github.com/404godd/CVE-2026-20841-PoC","description":"🛠 Demonstrate remote code execution in Windows Notepad versions below 11.2510 using the CVE-2026-20841 proof of concept.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T11:57:44Z","pushed_at":"2026-04-29T11:57:40Z","created_at":"2026-02-26T05:21:28Z","topics":["agent","chinese","cv","cve-2016-0856","cve-2026-20841","deep-learning","ethereum","hacktoberfest","llm","mxnet","notepad","obfuscation","php-obfuscator","pose-estimation","python","rag","semantic-segmentation","sybil-resistance","testnet-faucet","web3"],"owner":{"login":"404godd","html_url":"https://github.com/404godd"},"clone_url":"https://github.com/404godd/CVE-2026-20841-PoC.git"},{"id":1203967289,"name":"notepad_CVE_2026_20841","full_name":"whiskeylab/notepad_CVE_2026_20841","html_url":"https://github.com/whiskeylab/notepad_CVE_2026_20841","description":"Notepad CVE-2026-20841","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-07T15:08:54Z","pushed_at":"2026-04-07T15:07:24Z","created_at":"2026-04-07T15:02:48Z","topics":[],"owner":{"login":"whiskeylab","html_url":"https://github.com/whiskeylab"},"clone_url":"https://github.com/whiskeylab/notepad_CVE_2026_20841.git"},{"id":1159812575,"name":"PoC-CVE-2026-20841","full_name":"EleniChristopoulou/PoC-CVE-2026-20841","html_url":"https://github.com/EleniChristopoulou/PoC-CVE-2026-20841","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-17T08:10:36Z","pushed_at":"2026-02-17T08:10:33Z","created_at":"2026-02-17T07:29:53Z","topics":[],"owner":{"login":"EleniChristopoulou","html_url":"https://github.com/EleniChristopoulou"},"clone_url":"https://github.com/EleniChristopoulou/PoC-CVE-2026-20841.git"},{"id":1155349188,"name":"CVE-2026-20841","full_name":"RajaUzairAbdullah/CVE-2026-20841","html_url":"https://github.com/RajaUzairAbdullah/CVE-2026-20841","description":"CVE-2026-20841 - Windows notepad.exe RCE","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-11T12:29:35Z","pushed_at":"2026-02-11T12:29:32Z","created_at":"2026-02-11T12:14:02Z","topics":[],"owner":{"login":"RajaUzairAbdullah","html_url":"https://github.com/RajaUzairAbdullah"},"clone_url":"https://github.com/RajaUzairAbdullah/CVE-2026-20841.git"}]},{"cve_id":"CVE-2026-20871","repositories":[{"id":1146483268,"name":"SCTT-2026-33-0002-DWM-Visual-Field-Singularity","full_name":"SimoesCTT/SCTT-2026-33-0002-DWM-Visual-Field-Singularity","html_url":"https://github.com/SimoesCTT/SCTT-2026-33-0002-DWM-Visual-Field-Singularity","description":"Microsoft just patched CVE-2026-20805 and CVE-2026-20871 in January 2026 to stop \"Information Disclosure\" and \"Use-After-Free\" bugs in DWM. They think they've secured the \"Visual Boundary.\" We are about to prove that a 33-layer resonance can turn those visual buffers into a liquid pipeline for SCTT-2026-33-0002.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T07:01:00Z","pushed_at":"2026-01-31T07:00:56Z","created_at":"2026-01-31T06:52:17Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/SCTT-2026-33-0002-DWM-Visual-Field-Singularity.git"},{"id":1146478346,"name":"-SCTT-2026-33-0002-DWM-Visual-Field-Singularity","full_name":"SimoesCTT/-SCTT-2026-33-0002-DWM-Visual-Field-Singularity","html_url":"https://github.com/SimoesCTT/-SCTT-2026-33-0002-DWM-Visual-Field-Singularity","description":"### 📡 Theoretical Classification **ID:** SCTT-2026-33-0002   **Researcher:** Americo Simoes (SimoesCTT)   **Physics:** Theorem 4.2 - Turbulent Phase Transition (TPT)   **Constant:** α = 0.0302011   **Target:** Desktop Window Manager (dwm.exe) / Windows Graphics Component   **Obsoletes:** CVE-2026-20805 \u0026 CVE-2026-20871 (Visual-Latch Patches)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T06:45:09Z","pushed_at":"2026-01-31T06:45:05Z","created_at":"2026-01-31T06:40:56Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/-SCTT-2026-33-0002-DWM-Visual-Field-Singularity.git"}]},{"cve_id":"CVE-2026-20963","repositories":[{"id":1194033310,"name":"CVE-2026-20963","full_name":"jenniferreire26/CVE-2026-20963","html_url":"https://github.com/jenniferreire26/CVE-2026-20963","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-31T13:46:51Z","pushed_at":"2026-03-27T21:03:50Z","created_at":"2026-03-27T21:03:46Z","topics":[],"owner":{"login":"jenniferreire26","html_url":"https://github.com/jenniferreire26"},"clone_url":"https://github.com/jenniferreire26/CVE-2026-20963.git"}]},{"cve_id":"CVE-2026-2113","repositories":[{"id":1154434448,"name":"tpadmin-CVE-2026-2113-poc","full_name":"MaxMnMl/tpadmin-CVE-2026-2113-poc","html_url":"https://github.com/MaxMnMl/tpadmin-CVE-2026-2113-poc","description":"A Remote Code Execution vulnerability allowing unauthenticated attackers to upload arbitrary PHP files directly to the web server. This results in immediate Remote Code Execution with web server privileges.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-11T11:12:50Z","pushed_at":"2026-02-11T11:12:46Z","created_at":"2026-02-10T11:37:40Z","topics":[],"owner":{"login":"MaxMnMl","html_url":"https://github.com/MaxMnMl"},"clone_url":"https://github.com/MaxMnMl/tpadmin-CVE-2026-2113-poc.git"}]},{"cve_id":"CVE-2026-21385","repositories":[{"id":1172144473,"name":"qualcomm-vulnerability-scanner","full_name":"automate-it0/qualcomm-vulnerability-scanner","html_url":"https://github.com/automate-it0/qualcomm-vulnerability-scanner","description":"A tool to scan Android devices for the recently exploited Qualcomm flaw CVE-2026-21385, providing a simple and efficient way to identify vulnerable devices and apply necessary patches.","stargazers_count":8,"forks_count":2,"language":"Python","updated_at":"2026-04-18T13:08:22Z","pushed_at":"2026-03-04T01:40:35Z","created_at":"2026-03-04T01:40:18Z","topics":["automation","cve","cybersecurity","scanner","security","tool"],"owner":{"login":"automate-it0","html_url":"https://github.com/automate-it0"},"clone_url":"https://github.com/automate-it0/qualcomm-vulnerability-scanner.git"}]},{"cve_id":"CVE-2026-21436","repositories":[{"id":1126396200,"name":"CVE-2026-21436","full_name":"osmancanvural/CVE-2026-21436","html_url":"https://github.com/osmancanvural/CVE-2026-21436","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-02T01:26:56Z","pushed_at":"2026-01-02T01:26:01Z","created_at":"2026-01-01T20:30:34Z","topics":[],"owner":{"login":"osmancanvural","html_url":"https://github.com/osmancanvural"},"clone_url":"https://github.com/osmancanvural/CVE-2026-21436.git"}]},{"cve_id":"CVE-2026-21437","repositories":[{"id":1126396422,"name":"CVE-2026-21437","full_name":"osmancanvural/CVE-2026-21437","html_url":"https://github.com/osmancanvural/CVE-2026-21437","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-02T01:29:16Z","pushed_at":"2026-01-02T01:29:13Z","created_at":"2026-01-01T20:31:16Z","topics":[],"owner":{"login":"osmancanvural","html_url":"https://github.com/osmancanvural"},"clone_url":"https://github.com/osmancanvural/CVE-2026-21437.git"}]},{"cve_id":"CVE-2026-21440","repositories":[{"id":1130053662,"name":"cve-2026-21440-writeup-poc","full_name":"k0nnect/cve-2026-21440-writeup-poc","html_url":"https://github.com/k0nnect/cve-2026-21440-writeup-poc","description":"poc and writeup for cve-2026-21440: a critical path traversal vulnerability in @adonisjs/bodyparser allowing arbitrary file writing","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-01-20T02:36:09Z","pushed_at":"2026-01-08T02:21:06Z","created_at":"2026-01-08T00:55:02Z","topics":["adonisjs","cve-2026-21440","exploit","nodejs","path-traversal","poc","rce","security-writeup","vulnerability-research"],"owner":{"login":"k0nnect","html_url":"https://github.com/k0nnect"},"clone_url":"https://github.com/k0nnect/cve-2026-21440-writeup-poc.git"},{"id":1128611560,"name":"CVE-2026-21440","full_name":"you-ssef9/CVE-2026-21440","html_url":"https://github.com/you-ssef9/CVE-2026-21440","description":"Advanced detection-only PoC for CVE-2026-21440 affecting AdonisJS BodyParser. No exploitation included.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-01-10T14:57:12Z","pushed_at":"2026-01-05T22:47:51Z","created_at":"2026-01-05T22:40:37Z","topics":[],"owner":{"login":"you-ssef9","html_url":"https://github.com/you-ssef9"},"clone_url":"https://github.com/you-ssef9/CVE-2026-21440.git"},{"id":1145763070,"name":"CVE-2026-21440-POC-EXP","full_name":"TibbersV6/CVE-2026-21440-POC-EXP","html_url":"https://github.com/TibbersV6/CVE-2026-21440-POC-EXP","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T07:54:39Z","pushed_at":"2026-01-30T07:54:36Z","created_at":"2026-01-30T07:19:50Z","topics":[],"owner":{"login":"TibbersV6","html_url":"https://github.com/TibbersV6"},"clone_url":"https://github.com/TibbersV6/CVE-2026-21440-POC-EXP.git"},{"id":1129447712,"name":"Ashwesker-CVE-2026-21440","full_name":"redpack-kr/Ashwesker-CVE-2026-21440","html_url":"https://github.com/redpack-kr/Ashwesker-CVE-2026-21440","description":"CVE-2026-21440","stargazers_count":0,"forks_count":8,"language":"","updated_at":"2026-01-07T05:29:02Z","pushed_at":"2026-01-05T15:18:51Z","created_at":"2026-01-07T05:29:02Z","topics":[],"owner":{"login":"redpack-kr","html_url":"https://github.com/redpack-kr"},"clone_url":"https://github.com/redpack-kr/Ashwesker-CVE-2026-21440.git"}]},{"cve_id":"CVE-2026-21445","repositories":[{"id":1127499197,"name":"CVE-2026-21445-PoC","full_name":"chinaxploiter/CVE-2026-21445-PoC","html_url":"https://github.com/chinaxploiter/CVE-2026-21445-PoC","description":"Academic proof-of-concept demonstrating CVE-2026-21445 [LangFlow] for authorized security research.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-01-04T10:53:36Z","pushed_at":"2026-01-04T02:30:41Z","created_at":"2026-01-04T02:22:42Z","topics":["codeb0ss","cve-2026-21445","cve-2026-21445-poc","langflow"],"owner":{"login":"chinaxploiter","html_url":"https://github.com/chinaxploiter"},"clone_url":"https://github.com/chinaxploiter/CVE-2026-21445-PoC.git"}]},{"cve_id":"CVE-2026-21508","repositories":[{"id":1154909059,"name":"CVE-2026-21508_POC","full_name":"0xc4r/CVE-2026-21508_POC","html_url":"https://github.com/0xc4r/CVE-2026-21508_POC","description":"","stargazers_count":25,"forks_count":13,"language":"C++","updated_at":"2026-04-21T20:49:14Z","pushed_at":"2026-02-11T13:30:38Z","created_at":"2026-02-10T22:57:22Z","topics":[],"owner":{"login":"0xc4r","html_url":"https://github.com/0xc4r"},"clone_url":"https://github.com/0xc4r/CVE-2026-21508_POC.git"}]},{"cve_id":"CVE-2026-21509","repositories":[{"id":1144709571,"name":"CVE-2026-21509-PoC","full_name":"gavz/CVE-2026-21509-PoC","html_url":"https://github.com/gavz/CVE-2026-21509-PoC","description":"Educational PoC for CVE‑2026‑21509 (Microsoft Office security feature bypass). Generates a harmless DOCX with dummy OLE artifacts to study EDR/AV visibility. Not an exploit. For isolated labs only; see README for 7‑Zip inspection steps and mitigation references.","stargazers_count":16,"forks_count":10,"language":"","updated_at":"2026-04-03T18:03:31Z","pushed_at":"2026-01-28T20:33:28Z","created_at":"2026-01-29T00:51:18Z","topics":[],"owner":{"login":"gavz","html_url":"https://github.com/gavz"},"clone_url":"https://github.com/gavz/CVE-2026-21509-PoC.git"},{"id":1143294637,"name":"Ashwesker-CVE-2026-21509","full_name":"kimstars/Ashwesker-CVE-2026-21509","html_url":"https://github.com/kimstars/Ashwesker-CVE-2026-21509","description":"CVE-2026-21509","stargazers_count":8,"forks_count":17,"language":"","updated_at":"2026-02-13T09:41:35Z","pushed_at":"2026-01-27T09:42:58Z","created_at":"2026-01-27T12:03:20Z","topics":[],"owner":{"login":"kimstars","html_url":"https://github.com/kimstars"},"clone_url":"https://github.com/kimstars/Ashwesker-CVE-2026-21509.git"},{"id":1170074722,"name":"CVE-2026-21509-handler","full_name":"suuhm/CVE-2026-21509-handler","html_url":"https://github.com/suuhm/CVE-2026-21509-handler","description":"PowerShell script to check, apply, and test the Kill-Bit protection for the CVE-2026-21509 Microsoft Office zero-day vulnerability affecting Office 2016/2019/LTSC.","stargazers_count":7,"forks_count":1,"language":"PowerShell","updated_at":"2026-03-09T16:36:05Z","pushed_at":"2026-03-05T15:02:27Z","created_at":"2026-03-01T17:00:37Z","topics":["apt28","cve-2026-21509","dcom","microsoft-office","ole-files","powershell-se","sysadmin-tool","zero-day","zeroday"],"owner":{"login":"suuhm","html_url":"https://github.com/suuhm"},"clone_url":"https://github.com/suuhm/CVE-2026-21509-handler.git"},{"id":1147401424,"name":"CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509","full_name":"SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509","html_url":"https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509","description":"CVE-2026-21509 is a critical bypass in the Microsoft Office OLE (Object Linking and Embedding) validation engine. While standard \"laminar\" exploits attempt to manipulate static COM objects, this repository utilizes Theorem 4.2 to achieve a speculative race-condition bypass of the Object Definition Rule (ODR).","stargazers_count":3,"forks_count":2,"language":"Python","updated_at":"2026-02-10T13:23:55Z","pushed_at":"2026-02-10T06:11:54Z","created_at":"2026-02-01T17:31:24Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509.git"},{"id":1149781000,"name":"detect_CVE-2026-21509","full_name":"decalage2/detect_CVE-2026-21509","html_url":"https://github.com/decalage2/detect_CVE-2026-21509","description":"YARA rule and python script to detect potential exploits for the CVE-2026-21509 vulnerability in MS Office","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-02-21T17:44:42Z","pushed_at":"2026-02-04T15:35:45Z","created_at":"2026-02-04T14:13:02Z","topics":[],"owner":{"login":"decalage2","html_url":"https://github.com/decalage2"},"clone_url":"https://github.com/decalage2/detect_CVE-2026-21509.git"},{"id":1146434087,"name":"CTT-NFS-Vortex-RCE","full_name":"SimoesCTT/CTT-NFS-Vortex-RCE","html_url":"https://github.com/SimoesCTT/CTT-NFS-Vortex-RCE","description":"New Physics Disclosure This repository contains a full weaponized exploit for **CVE-2026-21509**, targeting the Windows Network File System (NFSv4.1) kernel-mode driver (`nfssvr.sys`). ","stargazers_count":3,"forks_count":3,"language":"Python","updated_at":"2026-02-08T22:29:34Z","pushed_at":"2026-01-31T04:57:20Z","created_at":"2026-01-31T04:52:13Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/CTT-NFS-Vortex-RCE.git"},{"id":1146561861,"name":"SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-","full_name":"SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-","html_url":"https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-","description":"Microsoft just released emergency patches for CVE-2026-21509, a zero-day in the Office Suite that bypasses OLE/COM mitigations when a user simply opens a file. They think their \"Service-side change\" for Office 2021+ is a solid wall. ","stargazers_count":1,"forks_count":2,"language":"Python","updated_at":"2026-01-31T16:08:36Z","pushed_at":"2026-01-31T09:58:19Z","created_at":"2026-01-31T09:50:23Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-.git"},{"id":1145070024,"name":"KSK-ITDK-CVE-2026-21509-Mitigation","full_name":"ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation","html_url":"https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation","description":"Powershell script with Detection and Remediation for CVE-2026-21509","stargazers_count":1,"forks_count":2,"language":"PowerShell","updated_at":"2026-02-02T15:46:51Z","pushed_at":"2026-01-29T11:49:04Z","created_at":"2026-01-29T11:40:30Z","topics":[],"owner":{"login":"ksk-itdk","html_url":"https://github.com/ksk-itdk"},"clone_url":"https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation.git"},{"id":1180157824,"name":"CVE-2026-21509-POC","full_name":"DameDode/CVE-2026-21509-POC","html_url":"https://github.com/DameDode/CVE-2026-21509-POC","description":"POC for the Office vulnerability","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-12T20:43:28Z","pushed_at":"2026-03-12T20:43:24Z","created_at":"2026-03-12T18:59:40Z","topics":[],"owner":{"login":"DameDode","html_url":"https://github.com/DameDode"},"clone_url":"https://github.com/DameDode/CVE-2026-21509-POC.git"},{"id":1155262834,"name":"cve-2026-21509-mitigation","full_name":"planetoid/cve-2026-21509-mitigation","html_url":"https://github.com/planetoid/cve-2026-21509-mitigation","description":"CVE-2026-21509 Mitigation","stargazers_count":0,"forks_count":0,"language":"PowerShell","updated_at":"2026-02-12T06:01:30Z","pushed_at":"2026-02-12T06:01:27Z","created_at":"2026-02-11T10:07:33Z","topics":[],"owner":{"login":"planetoid","html_url":"https://github.com/planetoid"},"clone_url":"https://github.com/planetoid/cve-2026-21509-mitigation.git"},{"id":1150570492,"name":"CVE-2026-21509","full_name":"kaizensecurity/CVE-2026-21509","html_url":"https://github.com/kaizensecurity/CVE-2026-21509","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-05T12:43:10Z","pushed_at":"2026-02-05T12:43:04Z","created_at":"2026-02-05T12:42:40Z","topics":[],"owner":{"login":"kaizensecurity","html_url":"https://github.com/kaizensecurity"},"clone_url":"https://github.com/kaizensecurity/CVE-2026-21509.git"}]},{"cve_id":"CVE-2026-21510","repositories":[{"id":1155794930,"name":"CVE-2026-21510-CVSS-8.8-Important-Windows-Shell-security-feature-bypass","full_name":"andreassudo/CVE-2026-21510-CVSS-8.8-Important-Windows-Shell-security-feature-bypass","html_url":"https://github.com/andreassudo/CVE-2026-21510-CVSS-8.8-Important-Windows-Shell-security-feature-bypass","description":"CVE-2026-21510 (CVSS 8.8, Important) — Windows Shell security feature bypass. An attacker can trick a user into clicking a malicious link or shortcut file to bypass SmartScreen/Shell warnings and execute code without prompts. Publicly disclosed and exploited.","stargazers_count":5,"forks_count":1,"language":"","updated_at":"2026-03-28T20:27:51Z","pushed_at":"2026-02-11T23:02:43Z","created_at":"2026-02-11T23:02:06Z","topics":[],"owner":{"login":"andreassudo","html_url":"https://github.com/andreassudo"},"clone_url":"https://github.com/andreassudo/CVE-2026-21510-CVSS-8.8-Important-Windows-Shell-security-feature-bypass.git"}]},{"cve_id":"CVE-2026-21531","repositories":[{"id":1155702631,"name":"CVE-2026-21531","full_name":"NetVanguard-cmd/CVE-2026-21531","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-21531","description":"","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-03-23T12:20:28Z","pushed_at":"2026-02-11T20:27:35Z","created_at":"2026-02-11T20:07:21Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-21531.git"}]},{"cve_id":"CVE-2026-21533","repositories":[{"id":1158094298,"name":"CVE-2026-21533","full_name":"jenniferreire26/CVE-2026-21533","html_url":"https://github.com/jenniferreire26/CVE-2026-21533","description":"","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-04-12T18:17:35Z","pushed_at":"2026-02-14T19:43:47Z","created_at":"2026-02-14T19:37:13Z","topics":[],"owner":{"login":"jenniferreire26","html_url":"https://github.com/jenniferreire26"},"clone_url":"https://github.com/jenniferreire26/CVE-2026-21533.git"},{"id":1155380789,"name":"RDPVulnarableCheck","full_name":"Pairs34/RDPVulnarableCheck","html_url":"https://github.com/Pairs34/RDPVulnarableCheck","description":"CVE-2026-21533 Zaafiyet tarama aracı","stargazers_count":1,"forks_count":0,"language":"HTML","updated_at":"2026-02-25T07:27:09Z","pushed_at":"2026-02-11T12:58:15Z","created_at":"2026-02-11T12:58:00Z","topics":[],"owner":{"login":"Pairs34","html_url":"https://github.com/Pairs34"},"clone_url":"https://github.com/Pairs34/RDPVulnarableCheck.git"},{"id":1177251857,"name":"CVE-2026-21533_Scanner.py","full_name":"fevar54/CVE-2026-21533_Scanner.py","html_url":"https://github.com/fevar54/CVE-2026-21533_Scanner.py","description":"Este repositorio contiene una herramienta de **detección** para la vulnerabilidad CVE-2026-21533, una falla de gestión de privilegios en los Servicios de Escritorio Remoto (RDS) de Windows que podría permitir a un atacante local elevar sus privilegios a `SYSTEM`.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-09T21:10:56Z","pushed_at":"2026-03-09T21:10:53Z","created_at":"2026-03-09T21:07:38Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-21533_Scanner.py.git"}]},{"cve_id":"CVE-2026-21627","repositories":[{"id":1167730381,"name":"CVE-2026-21627---Tassos-Novarain-Framework-plg_system_nrframework-Exploit---Joomla","full_name":"yallasec/CVE-2026-21627---Tassos-Novarain-Framework-plg_system_nrframework-Exploit---Joomla","html_url":"https://github.com/yallasec/CVE-2026-21627---Tassos-Novarain-Framework-plg_system_nrframework-Exploit---Joomla","description":"Vulnerability: Unauthenticated Arbitrary PHP File Inclusion via ajaxTaskInclude()","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-26T16:15:21Z","pushed_at":"2026-02-26T16:15:15Z","created_at":"2026-02-26T16:10:15Z","topics":[],"owner":{"login":"yallasec","html_url":"https://github.com/yallasec"},"clone_url":"https://github.com/yallasec/CVE-2026-21627---Tassos-Novarain-Framework-plg_system_nrframework-Exploit---Joomla.git"}]},{"cve_id":"CVE-2026-21628","repositories":[{"id":1199641361,"name":"CVE-2026-21628-POC","full_name":"webshellseo8/CVE-2026-21628-POC","html_url":"https://github.com/webshellseo8/CVE-2026-21628-POC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-02T15:06:39Z","pushed_at":"2026-04-02T15:06:31Z","created_at":"2026-04-02T14:56:08Z","topics":[],"owner":{"login":"webshellseo8","html_url":"https://github.com/webshellseo8"},"clone_url":"https://github.com/webshellseo8/CVE-2026-21628-POC.git"}]},{"cve_id":"CVE-2026-21636","repositories":[{"id":1222876299,"name":"CVE-2026-21636","full_name":"Pauldechassey/CVE-2026-21636","html_url":"https://github.com/Pauldechassey/CVE-2026-21636","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-28T16:33:58Z","pushed_at":"2026-04-28T16:33:18Z","created_at":"2026-04-27T19:48:39Z","topics":[],"owner":{"login":"Pauldechassey","html_url":"https://github.com/Pauldechassey"},"clone_url":"https://github.com/Pauldechassey/CVE-2026-21636.git"}]},{"cve_id":"CVE-2026-21643","repositories":[{"id":1194753078,"name":"CVE-2026-21643","full_name":"0xBlackash/CVE-2026-21643","html_url":"https://github.com/0xBlackash/CVE-2026-21643","description":"CVE-2026-21643","stargazers_count":16,"forks_count":7,"language":"Python","updated_at":"2026-04-14T06:56:32Z","pushed_at":"2026-03-28T19:43:38Z","created_at":"2026-03-28T19:09:38Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-21643.git"},{"id":1193962390,"name":"CVE-2026-21643","full_name":"alirezac0/CVE-2026-21643","html_url":"https://github.com/alirezac0/CVE-2026-21643","description":"Python PoC and Nuclei template for CVE-2026-21643 (Pre-Authentication SQL Injection in FortiClient EMS 7.4.4)","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-17T04:02:47Z","pushed_at":"2026-03-27T19:20:04Z","created_at":"2026-03-27T19:11:15Z","topics":[],"owner":{"login":"alirezac0","html_url":"https://github.com/alirezac0"},"clone_url":"https://github.com/alirezac0/CVE-2026-21643.git"}]},{"cve_id":"CVE-2026-21710","repositories":[{"id":1198107442,"name":"CVE-2026-21710","full_name":"dajneem23/CVE-2026-21710","html_url":"https://github.com/dajneem23/CVE-2026-21710","description":"","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-01T06:02:48Z","pushed_at":"2026-04-01T06:02:44Z","created_at":"2026-04-01T06:02:42Z","topics":[],"owner":{"login":"dajneem23","html_url":"https://github.com/dajneem23"},"clone_url":"https://github.com/dajneem23/CVE-2026-21710.git"}]},{"cve_id":"CVE-2026-21717","repositories":[{"id":1196825614,"name":"CVE-2026-21717","full_name":"dajneem23/CVE-2026-21717","html_url":"https://github.com/dajneem23/CVE-2026-21717","description":"","stargazers_count":0,"forks_count":0,"language":"Zig","updated_at":"2026-04-07T08:35:34Z","pushed_at":"2026-04-07T08:35:26Z","created_at":"2026-03-31T04:36:44Z","topics":[],"owner":{"login":"dajneem23","html_url":"https://github.com/dajneem23"},"clone_url":"https://github.com/dajneem23/CVE-2026-21717.git"}]},{"cve_id":"CVE-2026-21721","repositories":[{"id":1148860220,"name":"Exploit-LPE-CVE-2026-21721","full_name":"Leonideath/Exploit-LPE-CVE-2026-21721","html_url":"https://github.com/Leonideath/Exploit-LPE-CVE-2026-21721","description":"Эксплоит на CVE-2026-21721","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-02-04T07:33:35Z","pushed_at":"2026-02-04T05:38:16Z","created_at":"2026-02-03T13:01:28Z","topics":[],"owner":{"login":"Leonideath","html_url":"https://github.com/Leonideath"},"clone_url":"https://github.com/Leonideath/Exploit-LPE-CVE-2026-21721.git"}]},{"cve_id":"CVE-2026-21847","repositories":[{"id":1220825754,"name":"CVE-2026-21847-Hardcoded-AES-Encryption-Key-in-DPDC-Customer-Portal","full_name":"blaxkmiradev/CVE-2026-21847-Hardcoded-AES-Encryption-Key-in-DPDC-Customer-Portal","html_url":"https://github.com/blaxkmiradev/CVE-2026-21847-Hardcoded-AES-Encryption-Key-in-DPDC-Customer-Portal","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-25T11:40:14Z","pushed_at":"2026-04-25T11:40:09Z","created_at":"2026-04-25T11:39:03Z","topics":[],"owner":{"login":"blaxkmiradev","html_url":"https://github.com/blaxkmiradev"},"clone_url":"https://github.com/blaxkmiradev/CVE-2026-21847-Hardcoded-AES-Encryption-Key-in-DPDC-Customer-Portal.git"}]},{"cve_id":"CVE-2026-21852","repositories":[{"id":1168062651,"name":"CVE-2026-21852-PoC","full_name":"atiilla/CVE-2026-21852-PoC","html_url":"https://github.com/atiilla/CVE-2026-21852-PoC","description":"","stargazers_count":21,"forks_count":10,"language":"Python","updated_at":"2026-04-11T02:02:51Z","pushed_at":"2026-02-27T05:12:39Z","created_at":"2026-02-27T01:13:21Z","topics":[],"owner":{"login":"atiilla","html_url":"https://github.com/atiilla"},"clone_url":"https://github.com/atiilla/CVE-2026-21852-PoC.git"},{"id":1215681296,"name":"ai-ide-config-guard","full_name":"TreRB/ai-ide-config-guard","html_url":"https://github.com/TreRB/ai-ide-config-guard","description":"Scan a repo for AI-IDE config files that can trigger RCE via Claude Code hooks, Cursor rules, MCP auto-registration. Detects CVE-2025-59536, CVE-2026-21852, CVE-2026-30615 + Pillar Rules File Backdoor patterns.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-20T06:41:08Z","pushed_at":"2026-04-20T06:41:05Z","created_at":"2026-04-20T06:41:02Z","topics":[],"owner":{"login":"TreRB","html_url":"https://github.com/TreRB"},"clone_url":"https://github.com/TreRB/ai-ide-config-guard.git"},{"id":1168767224,"name":"CVE-Archive","full_name":"M0broot/CVE-Archive","html_url":"https://github.com/M0broot/CVE-Archive","description":"Claude Code Vulnerability [CVE-2026-21852]","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-27T19:18:12Z","pushed_at":"2026-02-27T19:18:12Z","created_at":"2026-02-27T19:18:11Z","topics":[],"owner":{"login":"M0broot","html_url":"https://github.com/M0broot"},"clone_url":"https://github.com/M0broot/CVE-Archive.git"}]},{"cve_id":"CVE-2026-21857","repositories":[{"id":1208065228,"name":"CVE-2026-21857","full_name":"lukasz-rybak/CVE-2026-21857","html_url":"https://github.com/lukasz-rybak/CVE-2026-21857","description":"CVE-2026-21857 - Redaxo has Path Traversal in Backup Addon Leading to Arbitrary File Read","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:19Z","pushed_at":"2026-04-11T19:22:13Z","created_at":"2026-04-11T19:14:34Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-21857.git"}]},{"cve_id":"CVE-2026-21858","repositories":[{"id":1129928627,"name":"CVE-2026-21858","full_name":"Chocapikk/CVE-2026-21858","html_url":"https://github.com/Chocapikk/CVE-2026-21858","description":"n8n Ni8mare - Unauthenticated Arbitrary File Read to RCE Chain (CVSS 10.0)","stargazers_count":258,"forks_count":51,"language":"Python","updated_at":"2026-04-24T14:27:41Z","pushed_at":"2026-03-26T13:11:41Z","created_at":"2026-01-07T19:32:42Z","topics":["cve-2026-21858","exploit","n8n","ni8mare","poc","rce","security","vulnerability"],"owner":{"login":"Chocapikk","html_url":"https://github.com/Chocapikk"},"clone_url":"https://github.com/Chocapikk/CVE-2026-21858.git"},{"id":1138389383,"name":"CVE-2026-21858","full_name":"SystemVll/CVE-2026-21858","html_url":"https://github.com/SystemVll/CVE-2026-21858","description":"Proof of Concept: CVE-2026-21858 is vulnerability on n8n where unauthenticated remote attackers can access sensitive files.","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-01-30T02:11:46Z","pushed_at":"2026-01-20T16:10:56Z","created_at":"2026-01-20T15:59:48Z","topics":["cve","cve-2026-21858","exploit","n8n","n8n-exploits","nuclei","poc","vuln"],"owner":{"login":"SystemVll","html_url":"https://github.com/SystemVll"},"clone_url":"https://github.com/SystemVll/CVE-2026-21858.git"},{"id":1154962690,"name":"CVE-2026-21858","full_name":"EQSTLab/CVE-2026-21858","html_url":"https://github.com/EQSTLab/CVE-2026-21858","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-16T12:39:44Z","pushed_at":"2026-04-16T12:39:40Z","created_at":"2026-02-11T01:01:03Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-21858.git"},{"id":1164971168,"name":"CVE-2026-21858","full_name":"0xBlackash/CVE-2026-21858","html_url":"https://github.com/0xBlackash/CVE-2026-21858","description":"CVE-2026-21858","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-31T07:46:40Z","pushed_at":"2026-03-05T21:21:04Z","created_at":"2026-02-23T17:27:12Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-21858.git"},{"id":1138220864,"name":"CVE-2026-21858","full_name":"sec-dojo-com/CVE-2026-21858","html_url":"https://github.com/sec-dojo-com/CVE-2026-21858","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-12T11:23:06Z","pushed_at":"2026-01-20T18:27:16Z","created_at":"2026-01-20T11:50:32Z","topics":[],"owner":{"login":"sec-dojo-com","html_url":"https://github.com/sec-dojo-com"},"clone_url":"https://github.com/sec-dojo-com/CVE-2026-21858.git"},{"id":1132846567,"name":"Ni8mare","full_name":"cropnet/Ni8mare","html_url":"https://github.com/cropnet/Ni8mare","description":"Comprehensive vulnerability detection tool for n8n workflow automation instances. Detects the critical CVE-2026-21858 vulnerability (CVSS 10.0) without performing any exploitation.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-17T06:34:04Z","pushed_at":"2026-01-12T16:20:05Z","created_at":"2026-01-12T14:32:04Z","topics":["cve-2026-21858"],"owner":{"login":"cropnet","html_url":"https://github.com/cropnet"},"clone_url":"https://github.com/cropnet/Ni8mare.git"},{"id":1212846415,"name":"PoC-CVE-2026-21858","full_name":"masterwok/PoC-CVE-2026-21858","html_url":"https://github.com/masterwok/PoC-CVE-2026-21858","description":"Proof-of-concept exploit for CVE-2026-21858 (ni8mare) impacting n8n versions \u003c 1.121.0","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-16T20:31:01Z","pushed_at":"2026-04-16T20:25:05Z","created_at":"2026-04-16T19:42:25Z","topics":[],"owner":{"login":"masterwok","html_url":"https://github.com/masterwok"},"clone_url":"https://github.com/masterwok/PoC-CVE-2026-21858.git"},{"id":1205871437,"name":"CVE-2026-21858","full_name":"kaleth4/CVE-2026-21858","html_url":"https://github.com/kaleth4/CVE-2026-21858","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-09T11:12:01Z","pushed_at":"2026-04-09T11:11:52Z","created_at":"2026-04-09T11:09:12Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-21858.git"},{"id":1180571766,"name":"Ni8mare-CVE-2026-21858","full_name":"Yati2/Ni8mare-CVE-2026-21858","html_url":"https://github.com/Yati2/Ni8mare-CVE-2026-21858","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-13T07:13:39Z","pushed_at":"2026-03-13T07:13:19Z","created_at":"2026-03-13T07:13:19Z","topics":[],"owner":{"login":"Yati2","html_url":"https://github.com/Yati2"},"clone_url":"https://github.com/Yati2/Ni8mare-CVE-2026-21858.git"},{"id":1165369307,"name":"CVE-2026-21858","full_name":"bamov970/CVE-2026-21858","html_url":"https://github.com/bamov970/CVE-2026-21858","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-24T05:09:05Z","pushed_at":"2026-02-24T05:09:02Z","created_at":"2026-02-24T05:04:15Z","topics":[],"owner":{"login":"bamov970","html_url":"https://github.com/bamov970"},"clone_url":"https://github.com/bamov970/CVE-2026-21858.git"},{"id":1146309368,"name":"CVE-2026-21858","full_name":"Alhakim88/CVE-2026-21858","html_url":"https://github.com/Alhakim88/CVE-2026-21858","description":"Hack","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-01-30T22:40:24Z","pushed_at":"2026-01-30T22:40:21Z","created_at":"2026-01-30T22:38:06Z","topics":[],"owner":{"login":"Alhakim88","html_url":"https://github.com/Alhakim88"},"clone_url":"https://github.com/Alhakim88/CVE-2026-21858.git"},{"id":1136114565,"name":"SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit","full_name":"sastraadiwiguna-purpleeliteteaming/SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit","html_url":"https://github.com/sastraadiwiguna-purpleeliteteaming/SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit","description":"SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-18T17:49:57Z","pushed_at":"2026-01-18T10:16:50Z","created_at":"2026-01-17T04:57:53Z","topics":[],"owner":{"login":"sastraadiwiguna-purpleeliteteaming","html_url":"https://github.com/sastraadiwiguna-purpleeliteteaming"},"clone_url":"https://github.com/sastraadiwiguna-purpleeliteteaming/SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit.git"},{"id":1144045624,"name":"Ashwesker-CVE-2026-21858","full_name":"bgarz929/Ashwesker-CVE-2026-21858","html_url":"https://github.com/bgarz929/Ashwesker-CVE-2026-21858","description":"CVE-2026-21858","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-28T08:17:42Z","pushed_at":"2026-01-07T21:56:15Z","created_at":"2026-01-28T08:17:42Z","topics":[],"owner":{"login":"bgarz929","html_url":"https://github.com/bgarz929"},"clone_url":"https://github.com/bgarz929/Ashwesker-CVE-2026-21858.git"}]},{"cve_id":"CVE-2026-21876","repositories":[{"id":1218061497,"name":"CVE-2026-21876","full_name":"CVEs-Labs/CVE-2026-21876","html_url":"https://github.com/CVEs-Labs/CVE-2026-21876","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T14:05:40Z","pushed_at":"2026-04-22T14:05:35Z","created_at":"2026-04-22T13:48:44Z","topics":[],"owner":{"login":"CVEs-Labs","html_url":"https://github.com/CVEs-Labs"},"clone_url":"https://github.com/CVEs-Labs/CVE-2026-21876.git"},{"id":1206445621,"name":"CVE-2026-21876","full_name":"daytriftnewgen/CVE-2026-21876","html_url":"https://github.com/daytriftnewgen/CVE-2026-21876","description":"[Reupload] CVE-2026-21876 minimal PoC with docker container.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-10T00:10:53Z","pushed_at":"2026-04-09T23:50:11Z","created_at":"2026-04-09T23:30:57Z","topics":[],"owner":{"login":"daytriftnewgen","html_url":"https://github.com/daytriftnewgen"},"clone_url":"https://github.com/daytriftnewgen/CVE-2026-21876.git"},{"id":1141694461,"name":"CVE-2026-21876","full_name":"Mefhika120/CVE-2026-21876","html_url":"https://github.com/Mefhika120/CVE-2026-21876","description":"CVE-2026-21876 OWASP ModSecurity CRS WAF bypass (docker container + minimal PoC).","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-25T08:57:35Z","pushed_at":"2026-01-09T14:15:47Z","created_at":"2026-01-25T08:57:34Z","topics":[],"owner":{"login":"Mefhika120","html_url":"https://github.com/Mefhika120"},"clone_url":"https://github.com/Mefhika120/CVE-2026-21876.git"}]},{"cve_id":"CVE-2026-21877","repositories":[{"id":1221606358,"name":"cve-2026-21877-rce","full_name":"monkeontheroof/cve-2026-21877-rce","html_url":"https://github.com/monkeontheroof/cve-2026-21877-rce","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-26T13:17:47Z","pushed_at":"2026-04-26T13:17:44Z","created_at":"2026-04-26T12:52:28Z","topics":[],"owner":{"login":"monkeontheroof","html_url":"https://github.com/monkeontheroof"},"clone_url":"https://github.com/monkeontheroof/cve-2026-21877-rce.git"},{"id":1218041756,"name":"CVE-2026-21877","full_name":"CVEs-Labs/CVE-2026-21877","html_url":"https://github.com/CVEs-Labs/CVE-2026-21877","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T13:46:34Z","pushed_at":"2026-04-22T13:45:38Z","created_at":"2026-04-22T13:26:34Z","topics":[],"owner":{"login":"CVEs-Labs","html_url":"https://github.com/CVEs-Labs"},"clone_url":"https://github.com/CVEs-Labs/CVE-2026-21877.git"}]},{"cve_id":"CVE-2026-21902","repositories":[{"id":1169211294,"name":"watchTowr-vs-JunosEvolved-CVE-2026-21902","full_name":"watchtowrlabs/watchTowr-vs-JunosEvolved-CVE-2026-21902","html_url":"https://github.com/watchtowrlabs/watchTowr-vs-JunosEvolved-CVE-2026-21902","description":"","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-03-19T13:02:48Z","pushed_at":"2026-03-03T11:04:40Z","created_at":"2026-02-28T10:43:32Z","topics":[],"owner":{"login":"watchtowrlabs","html_url":"https://github.com/watchtowrlabs"},"clone_url":"https://github.com/watchtowrlabs/watchTowr-vs-JunosEvolved-CVE-2026-21902.git"}]},{"cve_id":"CVE-2026-21962","repositories":[{"id":1139605716,"name":"Ashwesker-CVE-2026-21962","full_name":"boroeurnprach/Ashwesker-CVE-2026-21962","html_url":"https://github.com/boroeurnprach/Ashwesker-CVE-2026-21962","description":"CVE-2026-21962","stargazers_count":5,"forks_count":7,"language":"","updated_at":"2026-04-13T03:43:04Z","pushed_at":"2026-01-21T20:06:39Z","created_at":"2026-01-22T07:10:59Z","topics":[],"owner":{"login":"boroeurnprach","html_url":"https://github.com/boroeurnprach"},"clone_url":"https://github.com/boroeurnprach/Ashwesker-CVE-2026-21962.git"},{"id":1139515227,"name":"CVE-2026-21962","full_name":"samael0x4/CVE-2026-21962","html_url":"https://github.com/samael0x4/CVE-2026-21962","description":"Unauthenticated vulnerability that may allow remote attackers to compromise confidentiality and integrity, potentially leading to full system compromise.","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-04-18T07:36:14Z","pushed_at":"2026-01-22T05:02:28Z","created_at":"2026-01-22T03:59:25Z","topics":[],"owner":{"login":"samael0x4","html_url":"https://github.com/samael0x4"},"clone_url":"https://github.com/samael0x4/CVE-2026-21962.git"},{"id":1154023167,"name":"CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical-","full_name":"George0Papasotiriou/CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical-","html_url":"https://github.com/George0Papasotiriou/CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical-","description":"Oracle Fusion Middleware Oracle HTTP Server / WebLogic Server Proxy Plug-in has an easily exploitable, unauthenticated, network-reachable flaw allowing compromise over HTTP. Affected supported versions include 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0.","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-18T07:36:29Z","pushed_at":"2026-02-10T00:08:17Z","created_at":"2026-02-09T23:43:42Z","topics":[],"owner":{"login":"George0Papasotiriou","html_url":"https://github.com/George0Papasotiriou"},"clone_url":"https://github.com/George0Papasotiriou/CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical-.git"},{"id":1142344436,"name":"CVE-2026-21962","full_name":"ThumpBo/CVE-2026-21962","html_url":"https://github.com/ThumpBo/CVE-2026-21962","description":"CVE-2026-21962-EXP","stargazers_count":3,"forks_count":2,"language":"Python","updated_at":"2026-04-18T07:47:42Z","pushed_at":"2026-01-26T09:49:45Z","created_at":"2026-01-26T09:33:54Z","topics":[],"owner":{"login":"ThumpBo","html_url":"https://github.com/ThumpBo"},"clone_url":"https://github.com/ThumpBo/CVE-2026-21962.git"},{"id":1220151992,"name":"CVE-2026-21962","full_name":"0xBlackash/CVE-2026-21962","html_url":"https://github.com/0xBlackash/CVE-2026-21962","description":"CVE-2026-21962","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-26T02:56:53Z","pushed_at":"2026-04-24T16:00:56Z","created_at":"2026-04-24T15:45:49Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-21962.git"},{"id":1187765663,"name":"CVE-2026-21962_Java_GUI_Exploit_Tool","full_name":"naozibuhao/CVE-2026-21962_Java_GUI_Exploit_Tool","html_url":"https://github.com/naozibuhao/CVE-2026-21962_Java_GUI_Exploit_Tool","description":"","stargazers_count":1,"forks_count":0,"language":"Java","updated_at":"2026-04-08T08:49:29Z","pushed_at":"2026-03-21T06:06:26Z","created_at":"2026-03-21T06:03:22Z","topics":[],"owner":{"login":"naozibuhao","html_url":"https://github.com/naozibuhao"},"clone_url":"https://github.com/naozibuhao/CVE-2026-21962_Java_GUI_Exploit_Tool.git"},{"id":1175798664,"name":"cve-2026-21962","full_name":"gregk4sec/cve-2026-21962","html_url":"https://github.com/gregk4sec/cve-2026-21962","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-09T05:04:42Z","pushed_at":"2026-03-09T05:04:39Z","created_at":"2026-03-08T07:20:13Z","topics":[],"owner":{"login":"gregk4sec","html_url":"https://github.com/gregk4sec"},"clone_url":"https://github.com/gregk4sec/cve-2026-21962.git"},{"id":1148676646,"name":"CVE-2026-21962-o","full_name":"gregk4sec/CVE-2026-21962-o","html_url":"https://github.com/gregk4sec/CVE-2026-21962-o","description":"CVE Finder","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-08T07:00:03Z","pushed_at":"2026-02-03T08:43:21Z","created_at":"2026-02-03T08:35:22Z","topics":[],"owner":{"login":"gregk4sec","html_url":"https://github.com/gregk4sec"},"clone_url":"https://github.com/gregk4sec/CVE-2026-21962-o.git"}]},{"cve_id":"CVE-2026-21986","repositories":[{"id":1222900009,"name":"CVE-2026-21986-VirtualBox-DoS","full_name":"MohaBars/CVE-2026-21986-VirtualBox-DoS","html_url":"https://github.com/MohaBars/CVE-2026-21986-VirtualBox-DoS","description":"CVE-2026-21986: VirtualBox Shared Folders kernel memory exhaustion DoS","stargazers_count":0,"forks_count":0,"language":"C++","updated_at":"2026-04-29T10:30:24Z","pushed_at":"2026-04-29T10:30:21Z","created_at":"2026-04-27T20:21:54Z","topics":[],"owner":{"login":"MohaBars","html_url":"https://github.com/MohaBars"},"clone_url":"https://github.com/MohaBars/CVE-2026-21986-VirtualBox-DoS.git"}]},{"cve_id":"CVE-2026-21994","repositories":[{"id":1188086620,"name":"CVE-2026-21994","full_name":"g0w6y/CVE-2026-21994","html_url":"https://github.com/g0w6y/CVE-2026-21994","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-21T16:22:03Z","pushed_at":"2026-03-21T16:22:00Z","created_at":"2026-03-21T15:47:53Z","topics":[],"owner":{"login":"g0w6y","html_url":"https://github.com/g0w6y"},"clone_url":"https://github.com/g0w6y/CVE-2026-21994.git"}]},{"cve_id":"CVE-2026-22038","repositories":[{"id":1220610272,"name":"CVE-2026-22038","full_name":"sivaadityacoder/CVE-2026-22038","html_url":"https://github.com/sivaadityacoder/CVE-2026-22038","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-25T07:41:45Z","pushed_at":"2026-04-25T07:41:40Z","created_at":"2026-04-25T05:14:24Z","topics":[],"owner":{"login":"sivaadityacoder","html_url":"https://github.com/sivaadityacoder"},"clone_url":"https://github.com/sivaadityacoder/CVE-2026-22038.git"}]},{"cve_id":"CVE-2026-22187","repositories":[{"id":1154021361,"name":"CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo","full_name":"George0Papasotiriou/CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo","html_url":"https://github.com/George0Papasotiriou/CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo","description":"Bio-Formats ≤ 8.3.0 performs unsafe Java deserialization of attacker-controlled .bfmemo cache files during image processing; crafted .bfmemo can trigger deserialization of untrusted data (DoS/logic manipulation; potentially RCE if gadget chains exist).","stargazers_count":1,"forks_count":0,"language":"Java","updated_at":"2026-02-10T00:09:23Z","pushed_at":"2026-02-09T23:41:22Z","created_at":"2026-02-09T23:39:31Z","topics":[],"owner":{"login":"George0Papasotiriou","html_url":"https://github.com/George0Papasotiriou"},"clone_url":"https://github.com/George0Papasotiriou/CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo.git"}]},{"cve_id":"CVE-2026-22200","repositories":[{"id":1139255567,"name":"CVE-2026-22200","full_name":"horizon3ai/CVE-2026-22200","html_url":"https://github.com/horizon3ai/CVE-2026-22200","description":"CVE-2026-22200: Arbitrary file read + CNEXT RCE in osTicket","stargazers_count":8,"forks_count":1,"language":"Python","updated_at":"2026-02-08T20:30:58Z","pushed_at":"2026-01-22T15:55:17Z","created_at":"2026-01-21T18:13:57Z","topics":[],"owner":{"login":"horizon3ai","html_url":"https://github.com/horizon3ai"},"clone_url":"https://github.com/horizon3ai/CVE-2026-22200.git"},{"id":1198098445,"name":"CVE-2026-22200","full_name":"Remnant-DB/CVE-2026-22200","html_url":"https://github.com/Remnant-DB/CVE-2026-22200","description":"osTicket 1.18.1 Environment (CVE-2026-22200) Lab","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-04-01T05:52:04Z","pushed_at":"2026-04-01T05:52:00Z","created_at":"2026-04-01T05:51:23Z","topics":[],"owner":{"login":"Remnant-DB","html_url":"https://github.com/Remnant-DB"},"clone_url":"https://github.com/Remnant-DB/CVE-2026-22200.git"}]},{"cve_id":"CVE-2026-22241","repositories":[{"id":1214646923,"name":"CVE-2026-22241","full_name":"0xBlackash/CVE-2026-22241","html_url":"https://github.com/0xBlackash/CVE-2026-22241","description":"CVE-2026-22241","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-21T19:11:08Z","pushed_at":"2026-04-18T21:34:03Z","created_at":"2026-04-18T21:23:19Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-22241.git"},{"id":1132749218,"name":"CVE-2026-22241","full_name":"Ashifcoder/CVE-2026-22241","html_url":"https://github.com/Ashifcoder/CVE-2026-22241","description":"CVE-2026-22241 Exploit for GUnet Open eClass Unrestricted File Upload Leads to Remote Code Execution (RCE)","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-25T10:38:23Z","pushed_at":"2026-01-12T18:56:48Z","created_at":"2026-01-12T11:55:53Z","topics":["cve","cve-2026-22241"],"owner":{"login":"Ashifcoder","html_url":"https://github.com/Ashifcoder"},"clone_url":"https://github.com/Ashifcoder/CVE-2026-22241.git"},{"id":1161143065,"name":"CVE-2026-22241","full_name":"CVEs-Labs/CVE-2026-22241","html_url":"https://github.com/CVEs-Labs/CVE-2026-22241","description":"Lab Environment for CVE-2026-22241","stargazers_count":0,"forks_count":0,"language":"PHP","updated_at":"2026-04-18T17:37:21Z","pushed_at":"2026-04-18T17:37:17Z","created_at":"2026-02-18T19:29:50Z","topics":[],"owner":{"login":"CVEs-Labs","html_url":"https://github.com/CVEs-Labs"},"clone_url":"https://github.com/CVEs-Labs/CVE-2026-22241.git"}]},{"cve_id":"CVE-2026-22243","repositories":[{"id":1208064651,"name":"CVE-2026-22243","full_name":"lukasz-rybak/CVE-2026-22243","html_url":"https://github.com/lukasz-rybak/CVE-2026-22243","description":"CVE-2026-22243 - EGroupware has SQL Injection in Nextmatch Filter Processing","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:21:45Z","pushed_at":"2026-04-11T19:21:36Z","created_at":"2026-04-11T19:13:32Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-22243.git"}]},{"cve_id":"CVE-2026-22444","repositories":[{"id":1140237972,"name":"CVE-2026-22444","full_name":"bfdfhdsfdd-crypto/CVE-2026-22444","html_url":"https://github.com/bfdfhdsfdd-crypto/CVE-2026-22444","description":"CVE-2026-22444 是一个影响 Apache Solr 的安全漏洞，于 2026 年 1 月 20 日左右公开披露。该漏洞源于 Apache Solr 的 \"create core\" API 在某些 API 参数上的输入验证不足（CWE-20: Improper Input Validation），允许攻击者在 Solr 运行于 \"standalone\" 模式时绕过安全规则，可能导致数据泄露、远程代码执行 (RCE) 或 NTLM 哈希披露。","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-23T02:44:37Z","pushed_at":"2026-01-23T02:44:32Z","created_at":"2026-01-23T02:18:02Z","topics":[],"owner":{"login":"bfdfhdsfdd-crypto","html_url":"https://github.com/bfdfhdsfdd-crypto"},"clone_url":"https://github.com/bfdfhdsfdd-crypto/CVE-2026-22444.git"},{"id":1140010611,"name":"CVE-2026-22444","full_name":"dptsec/CVE-2026-22444","html_url":"https://github.com/dptsec/CVE-2026-22444","description":"PoC for CVE-2026-22444: Apache Solr 8.6-9.10.0 Windows standalone mode RCE/NTLM hash disclosure","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T18:00:35Z","pushed_at":"2026-01-22T18:00:20Z","created_at":"2026-01-22T17:55:17Z","topics":[],"owner":{"login":"dptsec","html_url":"https://github.com/dptsec"},"clone_url":"https://github.com/dptsec/CVE-2026-22444.git"}]},{"cve_id":"CVE-2026-22557","repositories":[{"id":1207875913,"name":"CVE-2026-22557-PoC","full_name":"ThePotatoOfDoom/CVE-2026-22557-PoC","html_url":"https://github.com/ThePotatoOfDoom/CVE-2026-22557-PoC","description":"PoC for UniFi Network Application Pre-Auth Path Traversal (CVE-2026-22557)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-11T14:33:19Z","pushed_at":"2026-04-11T14:33:16Z","created_at":"2026-04-11T14:21:58Z","topics":[],"owner":{"login":"ThePotatoOfDoom","html_url":"https://github.com/ThePotatoOfDoom"},"clone_url":"https://github.com/ThePotatoOfDoom/CVE-2026-22557-PoC.git"},{"id":1202051425,"name":"CVE-2026-22557","full_name":"0xBlackash/CVE-2026-22557","html_url":"https://github.com/0xBlackash/CVE-2026-22557","description":"CVE-2026-22557","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-05T14:43:14Z","pushed_at":"2026-04-05T14:43:11Z","created_at":"2026-04-05T14:31:35Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-22557.git"},{"id":1188868488,"name":"cve-2026-22557-unifi-detection","full_name":"GarethMSheldon/cve-2026-22557-unifi-detection","html_url":"https://github.com/GarethMSheldon/cve-2026-22557-unifi-detection","description":"Detection content for CVE-2026-22557 — UniFi Network Application unauthenticated path traversal (CVSS 10.0). Includes YARA, Sigma, KQL, Splunk SPL, Sysmon config, and a bash detection script.","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-22T17:45:45Z","pushed_at":"2026-03-22T17:41:01Z","created_at":"2026-03-22T17:34:48Z","topics":[],"owner":{"login":"GarethMSheldon","html_url":"https://github.com/GarethMSheldon"},"clone_url":"https://github.com/GarethMSheldon/cve-2026-22557-unifi-detection.git"}]},{"cve_id":"CVE-2026-2256","repositories":[{"id":1153387510,"name":"CVE-2026-2256-PoC","full_name":"Itamar-Yochpaz/CVE-2026-2256-PoC","html_url":"https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-05T12:34:05Z","pushed_at":"2026-02-10T07:25:32Z","created_at":"2026-02-09T08:40:00Z","topics":[],"owner":{"login":"Itamar-Yochpaz","html_url":"https://github.com/Itamar-Yochpaz"},"clone_url":"https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC.git"}]},{"cve_id":"CVE-2026-22610","repositories":[{"id":1136800901,"name":"CVE-2026-22610","full_name":"ashizZz/CVE-2026-22610","html_url":"https://github.com/ashizZz/CVE-2026-22610","description":"","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-02-19T15:27:38Z","pushed_at":"2026-01-18T11:42:19Z","created_at":"2026-01-18T11:38:02Z","topics":[],"owner":{"login":"ashizZz","html_url":"https://github.com/ashizZz"},"clone_url":"https://github.com/ashizZz/CVE-2026-22610.git"}]},{"cve_id":"CVE-2026-22666","repositories":[{"id":1184416504,"name":"DOLIBARR-RCE-CVE-2026-22666","full_name":"JivaSecurity/DOLIBARR-RCE-CVE-2026-22666","html_url":"https://github.com/JivaSecurity/DOLIBARR-RCE-CVE-2026-22666","description":"dol_eval_standard() whitelist bypass eval() RCE, affecting Dolibarr 23.0.0 and below by jiva (jivasecurity.com)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-08T02:35:45Z","pushed_at":"2026-04-08T02:35:37Z","created_at":"2026-03-17T15:09:09Z","topics":[],"owner":{"login":"JivaSecurity","html_url":"https://github.com/JivaSecurity"},"clone_url":"https://github.com/JivaSecurity/DOLIBARR-RCE-CVE-2026-22666.git"}]},{"cve_id":"CVE-2026-22679","repositories":[{"id":1212560433,"name":"CVE-2026-22679","full_name":"keraattin/CVE-2026-22679","html_url":"https://github.com/keraattin/CVE-2026-22679","description":"Critical RCE vulnerability (CVSS 9.3) in Weaver E-cology platform versions prior to build 20260312. Unauthenticated remote code execution via exposed debug endpoint at /papi/esearch/data/devops/dubboApi/debug/method. Comprehensive analysis, proof-of-concept, and detection guidance included.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-16T14:12:54Z","pushed_at":"2026-04-16T13:56:56Z","created_at":"2026-04-16T13:55:42Z","topics":["cve","cybersecurity","ecology-oa","enterprise-oa","java","rce","unauthenticated","vulnerability-research","weaver"],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-22679.git"}]},{"cve_id":"CVE-2026-22683","repositories":[{"id":1131928459,"name":"Windfall","full_name":"Chocapikk/Windfall","html_url":"https://github.com/Chocapikk/Windfall","description":"Windfall - Unauthenticated RCE exploit chain for Windmill \u0026 Nextcloud Flow (CVE-2026-29059). Path traversal + credential leak + PostgreSQL heap dump + Nextcloud AppAPI takeover.","stargazers_count":13,"forks_count":2,"language":"Ruby","updated_at":"2026-04-15T23:10:42Z","pushed_at":"2026-04-07T17:20:20Z","created_at":"2026-01-11T00:57:54Z","topics":["cve","cve-2026-22683","cve-2026-23696","cve-2026-29059","exploit","nextcloud","path-traversal","pentesting","python","rce","security","security-research","sql-injection","windmill"],"owner":{"login":"Chocapikk","html_url":"https://github.com/Chocapikk"},"clone_url":"https://github.com/Chocapikk/Windfall.git"}]},{"cve_id":"CVE-2026-22686","repositories":[{"id":1173202986,"name":"CVE-2026-22686-RemoteCodeExecution-RCE-PoC","full_name":"moltengama/CVE-2026-22686-RemoteCodeExecution-RCE-PoC","html_url":"https://github.com/moltengama/CVE-2026-22686-RemoteCodeExecution-RCE-PoC","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-06T01:12:44Z","pushed_at":"2026-03-05T05:50:03Z","created_at":"2026-03-05T05:35:27Z","topics":[],"owner":{"login":"moltengama","html_url":"https://github.com/moltengama"},"clone_url":"https://github.com/moltengama/CVE-2026-22686-RemoteCodeExecution-RCE-PoC.git"},{"id":1135215068,"name":"CVE-2026-22686","full_name":"amusedx/CVE-2026-22686","html_url":"https://github.com/amusedx/CVE-2026-22686","description":"","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-01-19T06:13:23Z","pushed_at":"2026-01-15T20:45:03Z","created_at":"2026-01-15T19:51:23Z","topics":[],"owner":{"login":"amusedx","html_url":"https://github.com/amusedx"},"clone_url":"https://github.com/amusedx/CVE-2026-22686.git"}]},{"cve_id":"CVE-2026-22692","repositories":[{"id":1210136077,"name":"CVE-2026-22692","full_name":"lukasz-rybak/CVE-2026-22692","html_url":"https://github.com/lukasz-rybak/CVE-2026-22692","description":"CVE-2026-22692 - Critical Twig Sandbox Bypass via collect()-\u003emapInto() allowing RCE/LFI/XXE in October CMS","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-14T07:10:19Z","pushed_at":"2026-04-14T07:10:15Z","created_at":"2026-04-14T05:54:02Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-22692.git"}]},{"cve_id":"CVE-2026-22722","repositories":[{"id":1174511512,"name":"CVE-2026-22722","full_name":"D7EAD/CVE-2026-22722","html_url":"https://github.com/D7EAD/CVE-2026-22722","description":"A State-based logic vulnerability in VMWare Workstation Pro's Kernel NUIF","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-06T17:58:41Z","pushed_at":"2026-03-06T14:27:42Z","created_at":"2026-03-06T14:26:52Z","topics":[],"owner":{"login":"D7EAD","html_url":"https://github.com/D7EAD"},"clone_url":"https://github.com/D7EAD/CVE-2026-22722.git"}]},{"cve_id":"CVE-2026-22730","repositories":[{"id":1187094712,"name":"CVE-2026-22730-Scanner","full_name":"NULL200OK/CVE-2026-22730-Scanner","html_url":"https://github.com/NULL200OK/CVE-2026-22730-Scanner","description":"CVE-2026-22730 Scanner \u0026 Exploit – Spring AI MariaDB Vector Store SQL Injection ,A professional security assessment tool for CVE-2026-22730 – a critical SQL injection vulnerability discovered in Spring AI's MariaDB vector store.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-09T00:31:23Z","pushed_at":"2026-03-20T10:49:53Z","created_at":"2026-03-20T10:35:12Z","topics":[],"owner":{"login":"NULL200OK","html_url":"https://github.com/NULL200OK"},"clone_url":"https://github.com/NULL200OK/CVE-2026-22730-Scanner.git"}]},{"cve_id":"CVE-2026-22732","repositories":[{"id":1204098593,"name":"cve-2026-22732-demo","full_name":"semgrep/cve-2026-22732-demo","html_url":"https://github.com/semgrep/cve-2026-22732-demo","description":"Minimal reproduction of CVE-2026-22732 — Spring Security HTTP headers silently dropped","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-04-07T17:31:13Z","pushed_at":"2026-04-07T17:31:07Z","created_at":"2026-04-07T17:31:04Z","topics":[],"owner":{"login":"semgrep","html_url":"https://github.com/semgrep"},"clone_url":"https://github.com/semgrep/cve-2026-22732-demo.git"}]},{"cve_id":"CVE-2026-22738","repositories":[{"id":1199683049,"name":"CVE-2026-22738-POC","full_name":"n0n4m3x41/CVE-2026-22738-POC","html_url":"https://github.com/n0n4m3x41/CVE-2026-22738-POC","description":"PoC for CVE-2026-22738","stargazers_count":13,"forks_count":1,"language":"Python","updated_at":"2026-04-06T11:19:13Z","pushed_at":"2026-04-02T17:14:52Z","created_at":"2026-04-02T15:44:21Z","topics":[],"owner":{"login":"n0n4m3x41","html_url":"https://github.com/n0n4m3x41"},"clone_url":"https://github.com/n0n4m3x41/CVE-2026-22738-POC.git"},{"id":1200359959,"name":"CVE-2026-22738","full_name":"rockmelodies/CVE-2026-22738","html_url":"https://github.com/rockmelodies/CVE-2026-22738","description":"SpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-04-12T13:02:00Z","pushed_at":"2026-04-07T10:59:20Z","created_at":"2026-04-03T10:16:50Z","topics":[],"owner":{"login":"rockmelodies","html_url":"https://github.com/rockmelodies"},"clone_url":"https://github.com/rockmelodies/CVE-2026-22738.git"}]},{"cve_id":"CVE-2026-22777","repositories":[{"id":1196731811,"name":"CVE-2026-22777","full_name":"wcnmwcis/CVE-2026-22777","html_url":"https://github.com/wcnmwcis/CVE-2026-22777","description":"ComfyUI-Manager Remote Code Execution exploit. Covers CVE-2025-67303 (config file exposure) and CVE-2026-22777 (CRLF injection). Includes Python script, Nuclei template, and evil git server.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-31T02:04:35Z","pushed_at":"2026-03-31T01:42:13Z","created_at":"2026-03-31T01:42:12Z","topics":[],"owner":{"login":"wcnmwcis","html_url":"https://github.com/wcnmwcis"},"clone_url":"https://github.com/wcnmwcis/CVE-2026-22777.git"}]},{"cve_id":"CVE-2026-22785","repositories":[{"id":1136207591,"name":"CVE-2026-22785","full_name":"langbyyi/CVE-2026-22785","html_url":"https://github.com/langbyyi/CVE-2026-22785","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-17T15:14:48Z","pushed_at":"2026-01-17T15:14:44Z","created_at":"2026-01-17T09:07:50Z","topics":[],"owner":{"login":"langbyyi","html_url":"https://github.com/langbyyi"},"clone_url":"https://github.com/langbyyi/CVE-2026-22785.git"}]},{"cve_id":"CVE-2026-22794","repositories":[{"id":1140644727,"name":"CVE-2026-22794-POC","full_name":"MalikHamza7/CVE-2026-22794-POC","html_url":"https://github.com/MalikHamza7/CVE-2026-22794-POC","description":"🔴 CVE-2026-22794 - Appsmith Password Reset Account Takeover via Origin Header Injection | PoC Exploit + Nuclei Template","stargazers_count":7,"forks_count":0,"language":"Python","updated_at":"2026-01-28T21:58:09Z","pushed_at":"2026-01-23T15:31:43Z","created_at":"2026-01-23T15:10:31Z","topics":["account-takeover","appsmith","bug-bounty","cve-2026-22794","origin-injection","penetration-testing","poc","security-tools"],"owner":{"login":"MalikHamza7","html_url":"https://github.com/MalikHamza7"},"clone_url":"https://github.com/MalikHamza7/CVE-2026-22794-POC.git"}]},{"cve_id":"CVE-2026-22804","repositories":[{"id":1133265530,"name":"CVE-2026-22804","full_name":"ThemeHackers/CVE-2026-22804","html_url":"https://github.com/ThemeHackers/CVE-2026-22804","description":"This repository contains a Proof of Concept (PoC) exploit for the Stored Cross-Site Scripting (XSS) vulnerability in Termix, which can lead to Local File Inclusion (LFI) in the Electron environment and Session Hijacking.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-01-13T06:02:48Z","pushed_at":"2026-01-13T06:02:45Z","created_at":"2026-01-13T05:34:55Z","topics":[],"owner":{"login":"ThemeHackers","html_url":"https://github.com/ThemeHackers"},"clone_url":"https://github.com/ThemeHackers/CVE-2026-22804.git"}]},{"cve_id":"CVE-2026-22807","repositories":[{"id":1146590691,"name":"CVE-2026-22807_Range","full_name":"otakuliu/CVE-2026-22807_Range","html_url":"https://github.com/otakuliu/CVE-2026-22807_Range","description":"CVE-2026-22807的靶场","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T10:55:50Z","pushed_at":"2026-01-31T10:55:47Z","created_at":"2026-01-31T10:52:29Z","topics":[],"owner":{"login":"otakuliu","html_url":"https://github.com/otakuliu"},"clone_url":"https://github.com/otakuliu/CVE-2026-22807_Range.git"}]},{"cve_id":"CVE-2026-22812","repositories":[{"id":1135667656,"name":"CVE-2026-22812-exploit","full_name":"rohmatariow/CVE-2026-22812-exploit","html_url":"https://github.com/rohmatariow/CVE-2026-22812-exploit","description":"","stargazers_count":33,"forks_count":6,"language":"Python","updated_at":"2026-04-11T09:52:05Z","pushed_at":"2026-01-16T12:42:30Z","created_at":"2026-01-16T12:25:16Z","topics":[],"owner":{"login":"rohmatariow","html_url":"https://github.com/rohmatariow"},"clone_url":"https://github.com/rohmatariow/CVE-2026-22812-exploit.git"},{"id":1202590298,"name":"CVE-2026-22812","full_name":"0xBlackash/CVE-2026-22812","html_url":"https://github.com/0xBlackash/CVE-2026-22812","description":"CVE-2026-22812","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-09T14:51:13Z","pushed_at":"2026-04-06T07:42:33Z","created_at":"2026-04-06T07:22:53Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-22812.git"},{"id":1137801274,"name":"CVE-2026-22812","full_name":"0xgh057r3c0n/CVE-2026-22812","html_url":"https://github.com/0xgh057r3c0n/CVE-2026-22812","description":"OpenCode  \u003c v1.0.216 - Unauthenticated RCE","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-04-19T16:13:58Z","pushed_at":"2026-01-19T21:28:16Z","created_at":"2026-01-19T21:20:41Z","topics":[],"owner":{"login":"0xgh057r3c0n","html_url":"https://github.com/0xgh057r3c0n"},"clone_url":"https://github.com/0xgh057r3c0n/CVE-2026-22812.git"},{"id":1137223601,"name":"opencode-secure","full_name":"barrersoftware/opencode-secure","html_url":"https://github.com/barrersoftware/opencode-secure","description":"Security-hardened fork of OpenCode - Fixes CVE-2026-22812 (CVSS 8.8 RCE) that upstream refuses to patch","stargazers_count":2,"forks_count":0,"language":"TypeScript","updated_at":"2026-02-12T06:57:59Z","pushed_at":"2026-01-19T06:09:50Z","created_at":"2026-01-19T04:52:22Z","topics":[],"owner":{"login":"barrersoftware","html_url":"https://github.com/barrersoftware"},"clone_url":"https://github.com/barrersoftware/opencode-secure.git"},{"id":1222039409,"name":"CVE-2026-22812-OpenCode-RCE-exp","full_name":"Hex-Neo/CVE-2026-22812-OpenCode-RCE-exp","html_url":"https://github.com/Hex-Neo/CVE-2026-22812-OpenCode-RCE-exp","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-27T01:42:42Z","pushed_at":"2026-04-27T01:40:49Z","created_at":"2026-04-27T01:38:45Z","topics":[],"owner":{"login":"Hex-Neo","html_url":"https://github.com/Hex-Neo"},"clone_url":"https://github.com/Hex-Neo/CVE-2026-22812-OpenCode-RCE-exp.git"},{"id":1195202220,"name":"ai-agent-security-research","full_name":"HodgeLuke/ai-agent-security-research","html_url":"https://github.com/HodgeLuke/ai-agent-security-research","description":"Open security research on AI coding agent infrastructure. Agent-executable remediation manifests for CVE-2026-22812 and CVE-2026-22813.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-05T21:13:48Z","pushed_at":"2026-03-29T11:27:33Z","created_at":"2026-03-29T11:19:22Z","topics":[],"owner":{"login":"HodgeLuke","html_url":"https://github.com/HodgeLuke"},"clone_url":"https://github.com/HodgeLuke/ai-agent-security-research.git"},{"id":1135628139,"name":"CVE-2026-22812-Exp","full_name":"Udyz/CVE-2026-22812-Exp","html_url":"https://github.com/Udyz/CVE-2026-22812-Exp","description":"CVE-2026-22812 - OpenCode Unauth RCE","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-01-18T05:27:34Z","pushed_at":"2026-01-16T11:16:36Z","created_at":"2026-01-16T11:15:04Z","topics":[],"owner":{"login":"Udyz","html_url":"https://github.com/Udyz"},"clone_url":"https://github.com/Udyz/CVE-2026-22812-Exp.git"},{"id":1138245160,"name":"CVE-2026-22812-POC","full_name":"CayberMods/CVE-2026-22812-POC","html_url":"https://github.com/CayberMods/CVE-2026-22812-POC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-20T13:02:39Z","pushed_at":"2026-01-20T13:02:35Z","created_at":"2026-01-20T12:29:32Z","topics":[],"owner":{"login":"CayberMods","html_url":"https://github.com/CayberMods"},"clone_url":"https://github.com/CayberMods/CVE-2026-22812-POC.git"},{"id":1136742611,"name":"CVE-2026-22812","full_name":"mad12wader/CVE-2026-22812","html_url":"https://github.com/mad12wader/CVE-2026-22812","description":"CVE-2026-22812 - OpenCode Unauthenticated RCE-Nuclei template for scan","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-18T09:55:36Z","pushed_at":"2026-01-18T09:55:33Z","created_at":"2026-01-18T09:11:31Z","topics":[],"owner":{"login":"mad12wader","html_url":"https://github.com/mad12wader"},"clone_url":"https://github.com/mad12wader/CVE-2026-22812.git"}]},{"cve_id":"CVE-2026-22813","repositories":[{"id":1195202220,"name":"ai-agent-security-research","full_name":"HodgeLuke/ai-agent-security-research","html_url":"https://github.com/HodgeLuke/ai-agent-security-research","description":"Open security research on AI coding agent infrastructure. Agent-executable remediation manifests for CVE-2026-22812 and CVE-2026-22813.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-05T21:13:48Z","pushed_at":"2026-03-29T11:27:33Z","created_at":"2026-03-29T11:19:22Z","topics":[],"owner":{"login":"HodgeLuke","html_url":"https://github.com/HodgeLuke"},"clone_url":"https://github.com/HodgeLuke/ai-agent-security-research.git"}]},{"cve_id":"CVE-2026-22849","repositories":[{"id":1208065591,"name":"CVE-2026-22849","full_name":"lukasz-rybak/CVE-2026-22849","html_url":"https://github.com/lukasz-rybak/CVE-2026-22849","description":"CVE-2026-22849 - Saleor lacks proper HTML sanitization in rich text fields","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:41Z","pushed_at":"2026-04-11T19:22:35Z","created_at":"2026-04-11T19:15:13Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-22849.git"}]},{"cve_id":"CVE-2026-22862","repositories":[{"id":1137419358,"name":"CVE-2026-22862","full_name":"qzhodl/CVE-2026-22862","html_url":"https://github.com/qzhodl/CVE-2026-22862","description":"","stargazers_count":0,"forks_count":0,"language":"Go","updated_at":"2026-01-19T10:49:48Z","pushed_at":"2026-01-19T10:48:16Z","created_at":"2026-01-19T10:47:49Z","topics":[],"owner":{"login":"qzhodl","html_url":"https://github.com/qzhodl"},"clone_url":"https://github.com/qzhodl/CVE-2026-22862.git"}]},{"cve_id":"CVE-2026-23398","repositories":[{"id":1205213510,"name":"cve-2026-23398-poc","full_name":"zpol/cve-2026-23398-poc","html_url":"https://github.com/zpol/cve-2026-23398-poc","description":"Functional LAB with CVE-2026-23398 PoC ","stargazers_count":1,"forks_count":0,"language":"Shell","updated_at":"2026-04-13T01:03:42Z","pushed_at":"2026-04-08T19:18:33Z","created_at":"2026-04-08T18:42:24Z","topics":[],"owner":{"login":"zpol","html_url":"https://github.com/zpol"},"clone_url":"https://github.com/zpol/cve-2026-23398-poc.git"},{"id":1202280414,"name":"CVE-2026-23398","full_name":"JohannesLks/CVE-2026-23398","html_url":"https://github.com/JohannesLks/CVE-2026-23398","description":"icmp_tag_validation() NULL deref","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-08T20:18:14Z","pushed_at":"2026-04-05T21:25:25Z","created_at":"2026-04-05T20:48:59Z","topics":[],"owner":{"login":"JohannesLks","html_url":"https://github.com/JohannesLks"},"clone_url":"https://github.com/JohannesLks/CVE-2026-23398.git"}]},{"cve_id":"CVE-2026-23416","repositories":[{"id":1199636800,"name":"CVE-2026-23416-POC","full_name":"bluedragonsecurity/CVE-2026-23416-POC","html_url":"https://github.com/bluedragonsecurity/CVE-2026-23416-POC","description":"POC for CVE-2026-23416 (linux kernel 6.17 – linux kernel 7 rc5) - vulnerability discovered by Antonius","stargazers_count":7,"forks_count":1,"language":"C","updated_at":"2026-04-19T11:39:25Z","pushed_at":"2026-04-02T18:05:41Z","created_at":"2026-04-02T14:51:03Z","topics":[],"owner":{"login":"bluedragonsecurity","html_url":"https://github.com/bluedragonsecurity"},"clone_url":"https://github.com/bluedragonsecurity/CVE-2026-23416-POC.git"}]},{"cve_id":"CVE-2026-23491","repositories":[{"id":1208065272,"name":"CVE-2026-23491","full_name":"lukasz-rybak/CVE-2026-23491","html_url":"https://github.com/lukasz-rybak/CVE-2026-23491","description":"CVE-2026-23491 - InvoicePlane has Unauthenticated Path Traversal in Guest Controller","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:19Z","pushed_at":"2026-04-11T19:22:16Z","created_at":"2026-04-11T19:14:40Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-23491.git"}]},{"cve_id":"CVE-2026-23498","repositories":[{"id":1208065836,"name":"CVE-2026-23498","full_name":"lukasz-rybak/CVE-2026-23498","html_url":"https://github.com/lukasz-rybak/CVE-2026-23498","description":"CVE-2026-23498 - Shopware Has Improper Control of Generation of Code in Twig rendered views","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:54Z","pushed_at":"2026-04-11T19:22:51Z","created_at":"2026-04-11T19:15:40Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-23498.git"}]},{"cve_id":"CVE-2026-23499","repositories":[{"id":1208065534,"name":"CVE-2026-23499","full_name":"lukasz-rybak/CVE-2026-23499","html_url":"https://github.com/lukasz-rybak/CVE-2026-23499","description":"CVE-2026-23499 - Saleor vulnerable to stored XSS via Unrestricted File Upload","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:35Z","pushed_at":"2026-04-11T19:22:32Z","created_at":"2026-04-11T19:15:07Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-23499.git"}]},{"cve_id":"CVE-2026-23500","repositories":[{"id":1208077532,"name":"CVE-2026-23500","full_name":"lukasz-rybak/CVE-2026-23500","html_url":"https://github.com/lukasz-rybak/CVE-2026-23500","description":"CVE-2026-23500 - OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration in Dolibarr","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:40:05Z","pushed_at":"2026-04-11T19:39:59Z","created_at":"2026-04-11T19:37:51Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-23500.git"}]},{"cve_id":"CVE-2026-23520","repositories":[{"id":1188290976,"name":"POC-CVE-2026-23520","full_name":"Augmaster/POC-CVE-2026-23520","html_url":"https://github.com/Augmaster/POC-CVE-2026-23520","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-23T17:10:18Z","pushed_at":"2026-03-21T22:04:56Z","created_at":"2026-03-21T21:52:49Z","topics":[],"owner":{"login":"Augmaster","html_url":"https://github.com/Augmaster"},"clone_url":"https://github.com/Augmaster/POC-CVE-2026-23520.git"},{"id":1189734270,"name":"CVE-2026-23520","full_name":"cypher-21/CVE-2026-23520","html_url":"https://github.com/cypher-21/CVE-2026-23520","description":"CVE-2026-23520 is a critical command injection vulnerability in Arcane, a modern Docker management platform. The flaw exists in the platform's updater service and allows for Remote Code Execution (RCE)","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-24T16:22:28Z","pushed_at":"2026-03-23T16:08:53Z","created_at":"2026-03-23T16:03:46Z","topics":[],"owner":{"login":"cypher-21","html_url":"https://github.com/cypher-21"},"clone_url":"https://github.com/cypher-21/CVE-2026-23520.git"},{"id":1188295256,"name":"CVE-2026-23520","full_name":"0xzap/CVE-2026-23520","html_url":"https://github.com/0xzap/CVE-2026-23520","description":"A proof‑of‑concept exploit demonstrating unauthenticated remote command execution in Arcane MCP (CVE‑2026‑23520) via the /api/mcp/connect endpoint.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-25T17:01:16Z","pushed_at":"2026-03-23T15:30:06Z","created_at":"2026-03-21T22:02:27Z","topics":[],"owner":{"login":"0xzap","html_url":"https://github.com/0xzap"},"clone_url":"https://github.com/0xzap/CVE-2026-23520.git"}]},{"cve_id":"CVE-2026-23524","repositories":[{"id":1203985771,"name":"CVE-2026-23524","full_name":"rockmelodies/CVE-2026-23524","html_url":"https://github.com/rockmelodies/CVE-2026-23524","description":"Laravel Reverb 为 Laravel 应用提供实时 WebSocket 通信后端。在 1.6.3 及更早版本中，Reverb 将来自 Redis 通道的数据直接传递给 PHP 的 unserialize() 函数，且未对可实例化的类进行限制，导致用户面临远程代码执行风险。","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-07T15:30:44Z","pushed_at":"2026-04-07T15:30:40Z","created_at":"2026-04-07T15:23:10Z","topics":[],"owner":{"login":"rockmelodies","html_url":"https://github.com/rockmelodies"},"clone_url":"https://github.com/rockmelodies/CVE-2026-23524.git"}]},{"cve_id":"CVE-2026-23550","repositories":[{"id":1152303204,"name":"Mass-CVE-2026-23550-Exploit","full_name":"dzmind2312/Mass-CVE-2026-23550-Exploit","html_url":"https://github.com/dzmind2312/Mass-CVE-2026-23550-Exploit","description":"Mass CVE-2026-23550 Exploit","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-05T17:54:07Z","pushed_at":"2026-02-07T17:21:44Z","created_at":"2026-02-07T17:16:32Z","topics":[],"owner":{"login":"dzmind2312","html_url":"https://github.com/dzmind2312"},"clone_url":"https://github.com/dzmind2312/Mass-CVE-2026-23550-Exploit.git"},{"id":1167707353,"name":"CVE-2026-23550","full_name":"DedsecTeam-BlackHat/CVE-2026-23550","html_url":"https://github.com/DedsecTeam-BlackHat/CVE-2026-23550","description":"","stargazers_count":1,"forks_count":0,"language":"Shell","updated_at":"2026-03-04T13:35:03Z","pushed_at":"2026-02-26T16:26:50Z","created_at":"2026-02-26T15:40:56Z","topics":[],"owner":{"login":"DedsecTeam-BlackHat","html_url":"https://github.com/DedsecTeam-BlackHat"},"clone_url":"https://github.com/DedsecTeam-BlackHat/CVE-2026-23550.git"},{"id":1144157143,"name":"By-Poloss..-..CVE-2026-23550","full_name":"O99099O/By-Poloss..-..CVE-2026-23550","html_url":"https://github.com/O99099O/By-Poloss..-..CVE-2026-23550","description":"CVE-2026-23550","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-06T04:05:53Z","pushed_at":"2026-02-02T15:39:46Z","created_at":"2026-01-28T11:06:53Z","topics":[],"owner":{"login":"O99099O","html_url":"https://github.com/O99099O"},"clone_url":"https://github.com/O99099O/By-Poloss..-..CVE-2026-23550.git"},{"id":1136379090,"name":"CVE-2026-23550-PoC","full_name":"TheTorjanCaptain/CVE-2026-23550-PoC","html_url":"https://github.com/TheTorjanCaptain/CVE-2026-23550-PoC","description":"CVE-2026-23550 - Modular DS WordPress Plugin **Unauthenticated Admin Access**","stargazers_count":1,"forks_count":0,"language":"Shell","updated_at":"2026-01-26T04:23:35Z","pushed_at":"2026-01-17T17:08:05Z","created_at":"2026-01-17T15:33:11Z","topics":["cve-2026-23550","cvss10","cybersecurity","poc","unauthenticated","wordpress","wordpress-plugin"],"owner":{"login":"TheTorjanCaptain","html_url":"https://github.com/TheTorjanCaptain"},"clone_url":"https://github.com/TheTorjanCaptain/CVE-2026-23550-PoC.git"},{"id":1135131922,"name":"CYBERDUDEBIVASH-Modular-DS-CVE-2026-23550-Detector","full_name":"cyberdudebivash/CYBERDUDEBIVASH-Modular-DS-CVE-2026-23550-Detector","html_url":"https://github.com/cyberdudebivash/CYBERDUDEBIVASH-Modular-DS-CVE-2026-23550-Detector","description":"authorized CYBERDUDEBIVASH ECOSYSTEM tool for detecting CVE-2026-23550 in WordPress Modular DS plugin","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-01-16T17:49:46Z","pushed_at":"2026-01-15T17:24:43Z","created_at":"2026-01-15T17:23:55Z","topics":["cve-2026-23550","cyberdudebivash","cyberdudebivashecosystem","cybersecurity","vulnerability-scanner","wordpress-security"],"owner":{"login":"cyberdudebivash","html_url":"https://github.com/cyberdudebivash"},"clone_url":"https://github.com/cyberdudebivash/CYBERDUDEBIVASH-Modular-DS-CVE-2026-23550-Detector.git"},{"id":1154472684,"name":"EpSiLoNPoInT-","full_name":"epsilonpoint88-glitch/EpSiLoNPoInT-","html_url":"https://github.com/epsilonpoint88-glitch/EpSiLoNPoInT-","description":"🔴 EpSiLoNPoInT - CVE-2026-23550 Modular DS Zero-Click  **Framework d'exploitation Modular DS Admin Bypass**  ## 🎯 CVE Ciblée Principale **CVE-2026-23550** : Modular DS WordPress Plugin - 40 000+ sites affectés  - Accès admin **zéro-clic** non authentifié - `exploitmass.py` (48KB) - Exploit massif  ## Modules","stargazers_count":0,"forks_count":1,"language":"PHP","updated_at":"2026-02-10T14:52:54Z","pushed_at":"2026-02-10T14:52:50Z","created_at":"2026-02-10T12:33:19Z","topics":[],"owner":{"login":"epsilonpoint88-glitch","html_url":"https://github.com/epsilonpoint88-glitch"},"clone_url":"https://github.com/epsilonpoint88-glitch/EpSiLoNPoInT-.git"}]},{"cve_id":"CVE-2026-23552","repositories":[{"id":1153561320,"name":"CVE-2026-23552","full_name":"oscerd/CVE-2026-23552","html_url":"https://github.com/oscerd/CVE-2026-23552","description":"CVE-2026-23552 - Cross-Realm Token Acceptance in camel-keycloak","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-02-18T10:26:23Z","pushed_at":"2026-02-09T12:52:02Z","created_at":"2026-02-09T12:50:28Z","topics":[],"owner":{"login":"oscerd","html_url":"https://github.com/oscerd"},"clone_url":"https://github.com/oscerd/CVE-2026-23552.git"}]},{"cve_id":"CVE-2026-23696","repositories":[{"id":1131928459,"name":"Windfall","full_name":"Chocapikk/Windfall","html_url":"https://github.com/Chocapikk/Windfall","description":"Windfall - Unauthenticated RCE exploit chain for Windmill \u0026 Nextcloud Flow (CVE-2026-29059). Path traversal + credential leak + PostgreSQL heap dump + Nextcloud AppAPI takeover.","stargazers_count":13,"forks_count":2,"language":"Ruby","updated_at":"2026-04-15T23:10:42Z","pushed_at":"2026-04-07T17:20:20Z","created_at":"2026-01-11T00:57:54Z","topics":["cve","cve-2026-22683","cve-2026-23696","cve-2026-29059","exploit","nextcloud","path-traversal","pentesting","python","rce","security","security-research","sql-injection","windmill"],"owner":{"login":"Chocapikk","html_url":"https://github.com/Chocapikk"},"clone_url":"https://github.com/Chocapikk/Windfall.git"}]},{"cve_id":"CVE-2026-23723","repositories":[{"id":1153172706,"name":"CVE-2026-23723-POC","full_name":"Ch35h1r3c47/CVE-2026-23723-POC","html_url":"https://github.com/Ch35h1r3c47/CVE-2026-23723-POC","description":"This is a lightweight Python helper script designed to automate the generation of sqlmap-compatible PoC files for the authenticated error-based SQL injection vulnerability in WeGIA (≤ 3.6.1), identified as GHSA-xfmp-2hf9-gfjp.","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-02-09T06:03:55Z","pushed_at":"2026-02-09T02:13:29Z","created_at":"2026-02-09T01:43:55Z","topics":[],"owner":{"login":"Ch35h1r3c47","html_url":"https://github.com/Ch35h1r3c47"},"clone_url":"https://github.com/Ch35h1r3c47/CVE-2026-23723-POC.git"}]},{"cve_id":"CVE-2026-23744","repositories":[{"id":1138037990,"name":"CVE-2026-23744-PoC","full_name":"boroeurnprach/CVE-2026-23744-PoC","html_url":"https://github.com/boroeurnprach/CVE-2026-23744-PoC","description":"CVE-2026-23744 - Versions 1.4.2 and earlier of MCPJam inspector are vulnerable to remote code execution (RCE). Because the tool listens on 0.0.0.0 by default, an attacker can trigger the installation and execution of a malicious MCP server by sending a crafted HTTP request. Version 1.4.3 contains a patch for this issue.","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-04-20T09:12:44Z","pushed_at":"2026-01-23T05:00:28Z","created_at":"2026-01-20T06:55:53Z","topics":[],"owner":{"login":"boroeurnprach","html_url":"https://github.com/boroeurnprach"},"clone_url":"https://github.com/boroeurnprach/CVE-2026-23744-PoC.git"},{"id":1193817359,"name":"CVE-2026-23744-script","full_name":"0xg00se/CVE-2026-23744-script","html_url":"https://github.com/0xg00se/CVE-2026-23744-script","description":"Exploit script for CVE-2026-23744","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-29T20:12:57Z","pushed_at":"2026-03-27T18:06:03Z","created_at":"2026-03-27T15:57:26Z","topics":[],"owner":{"login":"0xg00se","html_url":"https://github.com/0xg00se"},"clone_url":"https://github.com/0xg00se/CVE-2026-23744-script.git"},{"id":1192857713,"name":"CVE-2026-23744","full_name":"ctzisme/CVE-2026-23744","html_url":"https://github.com/ctzisme/CVE-2026-23744","description":"PoC for CVE-2026-23744, demonstrating an unauthenticated RCE in MCPJam Inspector (\u003c= 1.4.2).","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-03T22:10:10Z","pushed_at":"2026-03-26T22:36:49Z","created_at":"2026-03-26T16:21:22Z","topics":["cybersecurity","exploit","mcp","pentest","pentest-scripts","pentesting","poc","python","security"],"owner":{"login":"ctzisme","html_url":"https://github.com/ctzisme"},"clone_url":"https://github.com/ctzisme/CVE-2026-23744.git"},{"id":1189864734,"name":"CVE-2026-23744","full_name":"FrenzisRed/CVE-2026-23744","html_url":"https://github.com/FrenzisRed/CVE-2026-23744","description":"CVE-2026-23744 - MCPJam inspector Remote-Code-Execution: Proof Of Concept (POC","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-28T17:55:40Z","pushed_at":"2026-03-23T20:41:31Z","created_at":"2026-03-23T18:38:28Z","topics":[],"owner":{"login":"FrenzisRed","html_url":"https://github.com/FrenzisRed"},"clone_url":"https://github.com/FrenzisRed/CVE-2026-23744.git"},{"id":1206650375,"name":"exploit-CVE-2026-23744","full_name":"luiskrnr/exploit-CVE-2026-23744","html_url":"https://github.com/luiskrnr/exploit-CVE-2026-23744","description":"MCPJam Inspector is a local-first development platform for MCP servers. In versions 1.4.2 (and earlier), a RCE flaw lets attackers send crafted HTTP request that installs an MCP server and runs code remotely, because the service listens on 0.0.0.0 (instead of 127.0.0.1) by default.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-10T06:37:18Z","pushed_at":"2026-04-10T06:37:14Z","created_at":"2026-04-10T05:52:49Z","topics":[],"owner":{"login":"luiskrnr","html_url":"https://github.com/luiskrnr"},"clone_url":"https://github.com/luiskrnr/exploit-CVE-2026-23744.git"},{"id":1195404718,"name":"CVE-2026-23744","full_name":"CyLock11/CVE-2026-23744","html_url":"https://github.com/CyLock11/CVE-2026-23744","description":"CVE-2026-23744 - MCP Connect RCE via Unauthenticated Command Injection","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-29T16:34:12Z","pushed_at":"2026-03-29T16:31:26Z","created_at":"2026-03-29T16:26:01Z","topics":[],"owner":{"login":"CyLock11","html_url":"https://github.com/CyLock11"},"clone_url":"https://github.com/CyLock11/CVE-2026-23744.git"},{"id":1194480523,"name":"CVE-2026-23744-POC","full_name":"d3vn0mi/CVE-2026-23744-POC","html_url":"https://github.com/d3vn0mi/CVE-2026-23744-POC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-28T17:41:38Z","pushed_at":"2026-03-28T17:41:34Z","created_at":"2026-03-28T12:17:47Z","topics":[],"owner":{"login":"d3vn0mi","html_url":"https://github.com/d3vn0mi"},"clone_url":"https://github.com/d3vn0mi/CVE-2026-23744-POC.git"},{"id":1193793261,"name":"CVE-2026-23744-POC","full_name":"fcjaviergarcia/CVE-2026-23744-POC","html_url":"https://github.com/fcjaviergarcia/CVE-2026-23744-POC","description":"Proof of Concept (PoC) exploit for CVE-2026-23744, a vulnerability affecting MCPJam Inspector that allows remote command execution (RCE) through exposed internal debugging endpoints","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-27T15:35:49Z","pushed_at":"2026-03-27T15:35:45Z","created_at":"2026-03-27T15:31:08Z","topics":[],"owner":{"login":"fcjaviergarcia","html_url":"https://github.com/fcjaviergarcia"},"clone_url":"https://github.com/fcjaviergarcia/CVE-2026-23744-POC.git"},{"id":1193724607,"name":"CVE-2026-23744","full_name":"AhmadF77/CVE-2026-23744","html_url":"https://github.com/AhmadF77/CVE-2026-23744","description":"python script for exploiting CVE-2026-23744","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-27T14:17:12Z","pushed_at":"2026-03-27T14:17:08Z","created_at":"2026-03-27T14:14:14Z","topics":[],"owner":{"login":"AhmadF77","html_url":"https://github.com/AhmadF77"},"clone_url":"https://github.com/AhmadF77/CVE-2026-23744.git"},{"id":1190946247,"name":"CVE-2026-23744","full_name":"InzegoSec/CVE-2026-23744","html_url":"https://github.com/InzegoSec/CVE-2026-23744","description":"Exploit to MCPJam Inspector \u003c=1.4.2","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-25T13:11:25Z","pushed_at":"2026-03-25T13:11:22Z","created_at":"2026-03-24T19:18:14Z","topics":[],"owner":{"login":"InzegoSec","html_url":"https://github.com/InzegoSec"},"clone_url":"https://github.com/InzegoSec/CVE-2026-23744.git"},{"id":1191196692,"name":"PoC-CVE-2026-23744","full_name":"z4yd3/PoC-CVE-2026-23744","html_url":"https://github.com/z4yd3/PoC-CVE-2026-23744","description":"Remote Code Execution on MCPJam Inspector \u003c= 1.4.2","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-29T11:38:26Z","pushed_at":"2026-03-25T04:35:44Z","created_at":"2026-03-25T02:24:21Z","topics":[],"owner":{"login":"z4yd3","html_url":"https://github.com/z4yd3"},"clone_url":"https://github.com/z4yd3/PoC-CVE-2026-23744.git"},{"id":1189010725,"name":"mcpjaminspector-unauth-rce","full_name":"fckoo/mcpjaminspector-unauth-rce","html_url":"https://github.com/fckoo/mcpjaminspector-unauth-rce","description":"CVE-2026-23744 RCE in MCPJam inspector \u003c= 1.4.2","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-23T01:05:52Z","pushed_at":"2026-03-23T01:05:49Z","created_at":"2026-03-22T21:51:46Z","topics":[],"owner":{"login":"fckoo","html_url":"https://github.com/fckoo"},"clone_url":"https://github.com/fckoo/mcpjaminspector-unauth-rce.git"},{"id":1188308083,"name":"CVE-2026-23744-Remote-Code-Execution-POC","full_name":"suljov/CVE-2026-23744-Remote-Code-Execution-POC","html_url":"https://github.com/suljov/CVE-2026-23744-Remote-Code-Execution-POC","description":"MCPJam inspector contains a remote code execution","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-22T17:21:46Z","pushed_at":"2026-03-22T17:21:42Z","created_at":"2026-03-21T22:33:03Z","topics":[],"owner":{"login":"suljov","html_url":"https://github.com/suljov"},"clone_url":"https://github.com/suljov/CVE-2026-23744-Remote-Code-Execution-POC.git"},{"id":1188403403,"name":"CVE-2026-23744-PoC","full_name":"H1sok444/CVE-2026-23744-PoC","html_url":"https://github.com/H1sok444/CVE-2026-23744-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-22T02:59:54Z","pushed_at":"2026-03-22T02:59:51Z","created_at":"2026-03-22T02:53:22Z","topics":[],"owner":{"login":"H1sok444","html_url":"https://github.com/H1sok444"},"clone_url":"https://github.com/H1sok444/CVE-2026-23744-PoC.git"},{"id":1158918207,"name":"CVE-2026-23744-Lab","full_name":"rootdirective-sec/CVE-2026-23744-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-23744-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-16T04:48:58Z","pushed_at":"2026-02-16T04:48:54Z","created_at":"2026-02-16T04:43:21Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-23744-Lab.git"}]},{"cve_id":"CVE-2026-23745","repositories":[{"id":1136175437,"name":"CVE-2026-23745","full_name":"Jvr2022/CVE-2026-23745","html_url":"https://github.com/Jvr2022/CVE-2026-23745","description":"Proof of Concept for CVE-2026-23745: Arbitrary File Overwrite vulnerability in node-tar (versions \u003c 7.5.3).","stargazers_count":21,"forks_count":3,"language":"JavaScript","updated_at":"2026-02-04T11:24:56Z","pushed_at":"2026-01-17T16:48:42Z","created_at":"2026-01-17T07:45:42Z","topics":["arbitrary-file-overwrite","cve","cve-2026-23745","node-tar","path-traversal","poc","security-research","symlink-poisoning","vulnerability"],"owner":{"login":"Jvr2022","html_url":"https://github.com/Jvr2022"},"clone_url":"https://github.com/Jvr2022/CVE-2026-23745.git"},{"id":1192556809,"name":"CVE-2026-23745-via-graphql-DEMO","full_name":"Novem13th/CVE-2026-23745-via-graphql-DEMO","html_url":"https://github.com/Novem13th/CVE-2026-23745-via-graphql-DEMO","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-26T11:01:48Z","pushed_at":"2026-03-26T11:01:34Z","created_at":"2026-03-26T10:34:18Z","topics":[],"owner":{"login":"Novem13th","html_url":"https://github.com/Novem13th"},"clone_url":"https://github.com/Novem13th/CVE-2026-23745-via-graphql-DEMO.git"}]},{"cve_id":"CVE-2026-23760","repositories":[{"id":1141194973,"name":"smartermail-CVE-2026-23760-poc","full_name":"MaxMnMl/smartermail-CVE-2026-23760-poc","html_url":"https://github.com/MaxMnMl/smartermail-CVE-2026-23760-poc","description":"CVE-2026-23760 - An authentication bypass via password reset API in SmarterMail.","stargazers_count":3,"forks_count":1,"language":"","updated_at":"2026-04-15T12:00:58Z","pushed_at":"2026-01-24T13:39:14Z","created_at":"2026-01-24T12:30:34Z","topics":[],"owner":{"login":"MaxMnMl","html_url":"https://github.com/MaxMnMl"},"clone_url":"https://github.com/MaxMnMl/smartermail-CVE-2026-23760-poc.git"}]},{"cve_id":"CVE-2026-23829","repositories":[{"id":1161335669,"name":"-CVE-2026-23829-CTT-Mailpit-phase-reconstruction-","full_name":"SimoesCTT/-CVE-2026-23829-CTT-Mailpit-phase-reconstruction-","html_url":"https://github.com/SimoesCTT/-CVE-2026-23829-CTT-Mailpit-phase-reconstruction-","description":"It's a CRLF injection in Mailpit's SMTP server — a classic data corruption vulnerability. But under CTT, it's not just a bug. It's a phase reconstruction opportunity.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-19T02:27:09Z","pushed_at":"2026-02-19T02:27:06Z","created_at":"2026-02-19T01:47:20Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/-CVE-2026-23829-CTT-Mailpit-phase-reconstruction-.git"},{"id":1143864229,"name":"CTT-Mailpit-RCE-v1.0---Temporal-Resonance-Mail-Server-Takeover","full_name":"SimoesCTT/CTT-Mailpit-RCE-v1.0---Temporal-Resonance-Mail-Server-Takeover","html_url":"https://github.com/SimoesCTT/CTT-Mailpit-RCE-v1.0---Temporal-Resonance-Mail-Server-Takeover","description":"FROM HEADER INJECTION TO FULL RCE DOMINANCE  The Original Flaw (CVE-2026-23829)  · CVSS: 6.1/10 (Medium) - Header injection via regex bypass · Impact: Email spoofing, limited header manipulation · Reality: Boring, basic, barely worth weaponizing  CTT Enhancement Revelation","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-28T03:31:32Z","pushed_at":"2026-01-28T03:31:29Z","created_at":"2026-01-28T03:28:04Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/CTT-Mailpit-RCE-v1.0---Temporal-Resonance-Mail-Server-Takeover.git"}]},{"cve_id":"CVE-2026-23830","repositories":[{"id":1144211283,"name":"CVE-2026-23830-SandBreak","full_name":"Galaxy-sc/CVE-2026-23830-SandBreak","html_url":"https://github.com/Galaxy-sc/CVE-2026-23830-SandBreak","description":"","stargazers_count":2,"forks_count":0,"language":"Go","updated_at":"2026-02-12T07:01:40Z","pushed_at":"2026-02-12T07:01:37Z","created_at":"2026-01-28T12:32:07Z","topics":[],"owner":{"login":"Galaxy-sc","html_url":"https://github.com/Galaxy-sc"},"clone_url":"https://github.com/Galaxy-sc/CVE-2026-23830-SandBreak.git"}]},{"cve_id":"CVE-2026-23842","repositories":[{"id":1169798784,"name":"CVE-2026-23842-Denial-of-Service-via-Database-Connection-Pool-Exhaustion-version-1.2.10","full_name":"AdityaBhatt3010/CVE-2026-23842-Denial-of-Service-via-Database-Connection-Pool-Exhaustion-version-1.2.10","html_url":"https://github.com/AdityaBhatt3010/CVE-2026-23842-Denial-of-Service-via-Database-Connection-Pool-Exhaustion-version-1.2.10","description":"CVE-2026-23842 — High severity Denial-of-Service vulnerability caused by SQLAlchemy connection pool exhaustion in concurrent get_response() calls in ChatterBot ≤ 1.2.10.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-05T20:19:02Z","pushed_at":"2026-03-01T08:33:07Z","created_at":"2026-03-01T08:23:17Z","topics":["chatterbot","cve","cybersecurity","dos","exploit","race-conditions"],"owner":{"login":"AdityaBhatt3010","html_url":"https://github.com/AdityaBhatt3010"},"clone_url":"https://github.com/AdityaBhatt3010/CVE-2026-23842-Denial-of-Service-via-Database-Connection-Pool-Exhaustion-version-1.2.10.git"}]},{"cve_id":"CVE-2026-23869","repositories":[{"id":1207561092,"name":"CVE-2026-23869-Exploit","full_name":"cybertechajju/CVE-2026-23869-Exploit","html_url":"https://github.com/cybertechajju/CVE-2026-23869-Exploit","description":"","stargazers_count":6,"forks_count":1,"language":"Python","updated_at":"2026-04-13T18:12:29Z","pushed_at":"2026-04-11T05:19:55Z","created_at":"2026-04-11T05:00:48Z","topics":[],"owner":{"login":"cybertechajju","html_url":"https://github.com/cybertechajju"},"clone_url":"https://github.com/cybertechajju/CVE-2026-23869-Exploit.git"},{"id":1206678402,"name":"CVE-2026-23869","full_name":"yohannslm/CVE-2026-23869","html_url":"https://github.com/yohannslm/CVE-2026-23869","description":"POC for CVE-2026-23869","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T14:31:42Z","pushed_at":"2026-04-10T14:31:38Z","created_at":"2026-04-10T06:34:17Z","topics":[],"owner":{"login":"yohannslm","html_url":"https://github.com/yohannslm"},"clone_url":"https://github.com/yohannslm/CVE-2026-23869.git"}]},{"cve_id":"CVE-2026-23885","repositories":[{"id":1138141098,"name":"CVE-2026-23885","full_name":"TheDeepOpc/CVE-2026-23885","html_url":"https://github.com/TheDeepOpc/CVE-2026-23885","description":"","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-01-20T10:01:33Z","pushed_at":"2026-01-20T10:00:53Z","created_at":"2026-01-20T09:44:29Z","topics":[],"owner":{"login":"TheDeepOpc","html_url":"https://github.com/TheDeepOpc"},"clone_url":"https://github.com/TheDeepOpc/CVE-2026-23885.git"}]},{"cve_id":"CVE-2026-23907","repositories":[{"id":1143204957,"name":"CVE-2026-23907","full_name":"JoakimBulow/CVE-2026-23907","html_url":"https://github.com/JoakimBulow/CVE-2026-23907","description":"CVE-2026-23907 - pdfbox - Path Traversal","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-03-10T18:01:15Z","pushed_at":"2026-01-27T10:00:26Z","created_at":"2026-01-27T09:43:26Z","topics":[],"owner":{"login":"JoakimBulow","html_url":"https://github.com/JoakimBulow"},"clone_url":"https://github.com/JoakimBulow/CVE-2026-23907.git"}]},{"cve_id":"CVE-2026-23947","repositories":[{"id":1138854185,"name":"CVE-2026-23947-PoC","full_name":"boroeurnprach/CVE-2026-23947-PoC","html_url":"https://github.com/boroeurnprach/CVE-2026-23947-PoC","description":"CVE-2026-23947 - Orval Arbitrary Code Execution","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-21T08:55:37Z","pushed_at":"2026-01-21T08:05:07Z","created_at":"2026-01-21T07:48:22Z","topics":[],"owner":{"login":"boroeurnprach","html_url":"https://github.com/boroeurnprach"},"clone_url":"https://github.com/boroeurnprach/CVE-2026-23947-PoC.git"}]},{"cve_id":"CVE-2026-2395","repositories":[{"id":1139526716,"name":"CVE-2026-2395","full_name":"dajneem23/CVE-2026-2395","html_url":"https://github.com/dajneem23/CVE-2026-2395","description":"CVE-2026-2395: Tar race file collision ","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-01-22T04:32:38Z","pushed_at":"2026-01-22T04:31:59Z","created_at":"2026-01-22T04:28:48Z","topics":[],"owner":{"login":"dajneem23","html_url":"https://github.com/dajneem23"},"clone_url":"https://github.com/dajneem23/CVE-2026-2395.git"}]},{"cve_id":"CVE-2026-23980","repositories":[{"id":1208670928,"name":"CVE-2026-23980-Exploit","full_name":"oscar-mine/CVE-2026-23980-Exploit","html_url":"https://github.com/oscar-mine/CVE-2026-23980-Exploit","description":"Exploit for CVE-2026-23980 — Authenticated error-based SQL injection in Apache Superset \u003c 6.0.0 via sqlExpression bypass","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-12T15:45:15Z","pushed_at":"2026-04-12T15:44:42Z","created_at":"2026-04-12T15:44:33Z","topics":[],"owner":{"login":"oscar-mine","html_url":"https://github.com/oscar-mine"},"clone_url":"https://github.com/oscar-mine/CVE-2026-23980-Exploit.git"}]},{"cve_id":"CVE-2026-24009","repositories":[{"id":1167441958,"name":"docling-core-CVE-2026-24009","full_name":"BiranPeretz/docling-core-CVE-2026-24009","html_url":"https://github.com/BiranPeretz/docling-core-CVE-2026-24009","description":"Technical write-up and PoC for CVE-2026-24009, demonstrating unsafe YAML loading in docling-core and practical mitigation paths.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-26T11:08:33Z","pushed_at":"2026-02-26T11:08:29Z","created_at":"2026-02-26T09:49:17Z","topics":[],"owner":{"login":"BiranPeretz","html_url":"https://github.com/BiranPeretz"},"clone_url":"https://github.com/BiranPeretz/docling-core-CVE-2026-24009.git"}]},{"cve_id":"CVE-2026-24018","repositories":[{"id":1192384285,"name":"Fortinet_FortiClient_Exploit_CVE-2026-24018","full_name":"febin0x10/Fortinet_FortiClient_Exploit_CVE-2026-24018","html_url":"https://github.com/febin0x10/Fortinet_FortiClient_Exploit_CVE-2026-24018","description":"Fully Working Exploit for CVE-2026-24018: A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 leads to a local and unprivileged user to escalate their privileges to root.","stargazers_count":2,"forks_count":0,"language":"Shell","updated_at":"2026-04-04T09:06:00Z","pushed_at":"2026-03-26T07:01:33Z","created_at":"2026-03-26T06:51:39Z","topics":[],"owner":{"login":"febin0x10","html_url":"https://github.com/febin0x10"},"clone_url":"https://github.com/febin0x10/Fortinet_FortiClient_Exploit_CVE-2026-24018.git"}]},{"cve_id":"CVE-2026-24049","repositories":[{"id":1150238750,"name":"wheelaudit","full_name":"kriskimmerle/wheelaudit","html_url":"https://github.com/kriskimmerle/wheelaudit","description":"Python Wheel File Security Scanner — scan .whl files for security issues before installation. Detects path traversal (CVE-2026-24049), RECORD tampering, command shadowing, secrets, zip bombs. Zero deps.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-02-26T12:08:01Z","pushed_at":"2026-02-26T12:07:57Z","created_at":"2026-02-05T03:32:03Z","topics":[],"owner":{"login":"kriskimmerle","html_url":"https://github.com/kriskimmerle"},"clone_url":"https://github.com/kriskimmerle/wheelaudit.git"}]},{"cve_id":"CVE-2026-2406","repositories":[{"id":1145881675,"name":"Terrminus-CVE-2026-2406","full_name":"ridpath/Terrminus-CVE-2026-2406","html_url":"https://github.com/ridpath/Terrminus-CVE-2026-2406","description":" AsyncIO Scanner \u0026 Exploitation Framework for CVE-2026-24061 (Telnet NEW_ENVIRON Auth Bypass). Features high-concurrency discovery, passive fingerprinting, and authorized root shell escalation","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-09T10:42:42Z","pushed_at":"2026-01-30T20:26:46Z","created_at":"2026-01-30T10:33:34Z","topics":["cve-2026-24061","cybersecurity-tools","pentesting-tools","privelage-escalation","python-asyncio","rce","red-teaming","red-teaming-tools","telnet-exploit","telnet-scanner","vulnerability-scanners"],"owner":{"login":"ridpath","html_url":"https://github.com/ridpath"},"clone_url":"https://github.com/ridpath/Terrminus-CVE-2026-2406.git"},{"id":967261651,"name":"Terrminus-CVE-2026-2406","full_name":"hyu164/Terrminus-CVE-2026-2406","html_url":"https://github.com/hyu164/Terrminus-CVE-2026-2406","description":"🔍 Analyze and detect CVE-2026-2406 vulnerabilities in Telnet to enhance security and prevent unauthorized access with this professional research engine.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-29T11:49:48Z","pushed_at":"2026-04-29T11:49:45Z","created_at":"2025-04-16T07:20:12Z","topics":["cve-2026-24061","cybersecurity-tools","pentesting-tools","privelage-escalation","python-asyncio","rce","red-teaming","red-teaming-tools","telnet-exploit","telnet-scanner","vulnerability-scanners"],"owner":{"login":"hyu164","html_url":"https://github.com/hyu164"},"clone_url":"https://github.com/hyu164/Terrminus-CVE-2026-2406.git"},{"id":1156104900,"name":"hyu164.github.io","full_name":"hyu164/hyu164.github.io","html_url":"https://github.com/hyu164/hyu164.github.io","description":"🔍 Analyze and detect CVE-2026-2406 vulnerabilities in Telnet with this powerful research engine designed for security experts and pentesters.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-19T09:47:45Z","pushed_at":"2026-02-19T09:47:41Z","created_at":"2026-02-12T09:11:40Z","topics":[],"owner":{"login":"hyu164","html_url":"https://github.com/hyu164"},"clone_url":"https://github.com/hyu164/hyu164.github.io.git"},{"id":1145930302,"name":"CTT-Sovereign-Vortex","full_name":"SimoesCTT/CTT-Sovereign-Vortex","html_url":"https://github.com/SimoesCTT/CTT-Sovereign-Vortex","description":"CTT-Terrminus-Vortex (CVE-2026-2406)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T11:59:32Z","pushed_at":"2026-01-30T11:59:28Z","created_at":"2026-01-30T11:56:44Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/CTT-Sovereign-Vortex.git"}]},{"cve_id":"CVE-2026-24061","repositories":[{"id":1140031758,"name":"CVE-2026-24061","full_name":"SafeBreach-Labs/CVE-2026-24061","html_url":"https://github.com/SafeBreach-Labs/CVE-2026-24061","description":"Exploitation of CVE-2026-24061","stargazers_count":204,"forks_count":45,"language":"Python","updated_at":"2026-04-24T08:24:29Z","pushed_at":"2026-01-22T19:37:20Z","created_at":"2026-01-22T18:30:17Z","topics":[],"owner":{"login":"SafeBreach-Labs","html_url":"https://github.com/SafeBreach-Labs"},"clone_url":"https://github.com/SafeBreach-Labs/CVE-2026-24061.git"},{"id":1139871873,"name":"CVE-2026-24061-POC","full_name":"JayGLXR/CVE-2026-24061-POC","html_url":"https://github.com/JayGLXR/CVE-2026-24061-POC","description":"","stargazers_count":66,"forks_count":11,"language":"Python","updated_at":"2026-04-17T19:08:51Z","pushed_at":"2026-01-22T14:33:43Z","created_at":"2026-01-22T14:27:50Z","topics":[],"owner":{"login":"JayGLXR","html_url":"https://github.com/JayGLXR"},"clone_url":"https://github.com/JayGLXR/CVE-2026-24061-POC.git"},{"id":1139842961,"name":"Tell-Me-Root","full_name":"parameciumzhang/Tell-Me-Root","html_url":"https://github.com/parameciumzhang/Tell-Me-Root","description":"基于cve-2026-24061 telnet远程认证绕过漏洞的批量检测利用工具","stargazers_count":20,"forks_count":4,"language":"Python","updated_at":"2026-04-11T14:23:21Z","pushed_at":"2026-01-23T08:08:59Z","created_at":"2026-01-22T13:44:54Z","topics":[],"owner":{"login":"parameciumzhang","html_url":"https://github.com/parameciumzhang"},"clone_url":"https://github.com/parameciumzhang/Tell-Me-Root.git"},{"id":1142358914,"name":"CVE-2026-24061-GUI","full_name":"Lingzesec/CVE-2026-24061-GUI","html_url":"https://github.com/Lingzesec/CVE-2026-24061-GUI","description":"CVE-2026-24061 GNU Inetutils telnetd 身份验证绕过漏洞检测与利用 GUI 工具","stargazers_count":15,"forks_count":1,"language":"Python","updated_at":"2026-04-28T06:29:56Z","pushed_at":"2026-01-28T02:28:40Z","created_at":"2026-01-26T09:58:04Z","topics":[],"owner":{"login":"Lingzesec","html_url":"https://github.com/Lingzesec"},"clone_url":"https://github.com/Lingzesec/CVE-2026-24061-GUI.git"},{"id":1139869296,"name":"CVE-2026-24061","full_name":"Chocapikk/CVE-2026-24061","html_url":"https://github.com/Chocapikk/CVE-2026-24061","description":"","stargazers_count":10,"forks_count":3,"language":"Go","updated_at":"2026-04-22T13:57:29Z","pushed_at":"2026-01-22T15:15:10Z","created_at":"2026-01-22T14:24:19Z","topics":[],"owner":{"login":"Chocapikk","html_url":"https://github.com/Chocapikk"},"clone_url":"https://github.com/Chocapikk/CVE-2026-24061.git"},{"id":1138966777,"name":"inetutils-telnetd-auth-bypass","full_name":"leonjza/inetutils-telnetd-auth-bypass","html_url":"https://github.com/leonjza/inetutils-telnetd-auth-bypass","description":"A small docker lab to play with cve-2026-24061, the inetutils-telnetd authentication bypass.","stargazers_count":9,"forks_count":0,"language":"Dockerfile","updated_at":"2026-03-18T07:12:22Z","pushed_at":"2026-01-22T09:25:30Z","created_at":"2026-01-21T10:49:17Z","topics":["auth","bypass","cve-2026-24061","telnet"],"owner":{"login":"leonjza","html_url":"https://github.com/leonjza"},"clone_url":"https://github.com/leonjza/inetutils-telnetd-auth-bypass.git"},{"id":1139735177,"name":"CVE-2026-24061","full_name":"TryA9ain/CVE-2026-24061","html_url":"https://github.com/TryA9ain/CVE-2026-24061","description":"CVE-2026-24061 Batch Scanning Tool","stargazers_count":8,"forks_count":4,"language":"Python","updated_at":"2026-04-17T19:08:48Z","pushed_at":"2026-01-22T10:53:22Z","created_at":"2026-01-22T10:48:22Z","topics":[],"owner":{"login":"TryA9ain","html_url":"https://github.com/TryA9ain"},"clone_url":"https://github.com/TryA9ain/CVE-2026-24061.git"},{"id":1140098827,"name":"CVE-2026-24061","full_name":"h3athen/CVE-2026-24061","html_url":"https://github.com/h3athen/CVE-2026-24061","description":"CVE-2026-24061 - Exploit","stargazers_count":7,"forks_count":1,"language":"Python","updated_at":"2026-01-28T18:35:51Z","pushed_at":"2026-01-22T20:39:11Z","created_at":"2026-01-22T20:33:24Z","topics":[],"owner":{"login":"h3athen","html_url":"https://github.com/h3athen"},"clone_url":"https://github.com/h3athen/CVE-2026-24061.git"},{"id":1141353816,"name":"CVE-2026-24061-POC","full_name":"0p5cur/CVE-2026-24061-POC","html_url":"https://github.com/0p5cur/CVE-2026-24061-POC","description":"CVE-2026-24061's poc : a critical authentication bypass in telnetd leading to RCE as root Affects systems with telnetd versions containing the vulnerability from 2015 onwards.","stargazers_count":5,"forks_count":4,"language":"Python","updated_at":"2026-04-17T19:08:52Z","pushed_at":"2026-02-19T13:34:28Z","created_at":"2026-01-24T17:54:40Z","topics":["cve","cve-2026-24061","poc","rce","root","telnet","telnet-server","unauthenticated-rce"],"owner":{"login":"0p5cur","html_url":"https://github.com/0p5cur"},"clone_url":"https://github.com/0p5cur/CVE-2026-24061-POC.git"},{"id":1140733735,"name":"CVE-2026-24061","full_name":"SystemVll/CVE-2026-24061","html_url":"https://github.com/SystemVll/CVE-2026-24061","description":"Proof of Concept: CVE-2026-24061 is a critical authentication bypass vulnerability in GNU inetutils-telnetd allowing unauthenticated remote attackers to gain instant root shell access via malicious NEW_ENVIRON telnet option exploitation.","stargazers_count":5,"forks_count":1,"language":"Python","updated_at":"2026-02-16T07:46:24Z","pushed_at":"2026-01-23T17:34:47Z","created_at":"2026-01-23T17:26:43Z","topics":["auth-bypass","cve","cve-2026-24061","cwe","exploit","flaw","nuclei","poc","proof-of-concept","telnet","telnetd"],"owner":{"login":"SystemVll","html_url":"https://github.com/SystemVll"},"clone_url":"https://github.com/SystemVll/CVE-2026-24061.git"},{"id":1192668335,"name":"telnet_scan","full_name":"ekomsSavior/telnet_scan","html_url":"https://github.com/ekomsSavior/telnet_scan","description":"scanner/exploiter CVE-2026-24061 \u0026 CVE-2026-32746","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-04-10T00:31:58Z","pushed_at":"2026-03-26T13:36:38Z","created_at":"2026-03-26T12:52:57Z","topics":[],"owner":{"login":"ekomsSavior","html_url":"https://github.com/ekomsSavior"},"clone_url":"https://github.com/ekomsSavior/telnet_scan.git"},{"id":1148398832,"name":"CVE-2026-24061-PoC","full_name":"ibrahmsql/CVE-2026-24061-PoC","html_url":"https://github.com/ibrahmsql/CVE-2026-24061-PoC","description":"CVE-2026-24061  PoC and walkthrough","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-03-28T15:21:08Z","pushed_at":"2026-02-02T23:31:32Z","created_at":"2026-02-02T23:20:01Z","topics":[],"owner":{"login":"ibrahmsql","html_url":"https://github.com/ibrahmsql"},"clone_url":"https://github.com/ibrahmsql/CVE-2026-24061-PoC.git"},{"id":1141454492,"name":"Twenty-Three-Scanner","full_name":"madfxr/Twenty-Three-Scanner","html_url":"https://github.com/madfxr/Twenty-Three-Scanner","description":"CVE-2026-24061 - GNU InetUtils Telnetd Remote Authentication Bypass","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-04-13T07:15:24Z","pushed_at":"2026-01-31T00:49:53Z","created_at":"2026-01-24T21:47:29Z","topics":["cve-2026-24061","ethical-hacking","exploit","gnu","inetutils","linux","offensive-security","poc","python","rce","red-team","telnetd"],"owner":{"login":"madfxr","html_url":"https://github.com/madfxr"},"clone_url":"https://github.com/madfxr/Twenty-Three-Scanner.git"},{"id":1147892492,"name":"CVE_2026_24061","full_name":"franckferman/CVE_2026_24061","html_url":"https://github.com/franckferman/CVE_2026_24061","description":" GNU InetUtils telnetd - Unauthenticated Remote Root via NEW-ENVIRON Variable Injection.","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-20T11:42:26Z","pushed_at":"2026-03-27T13:51:19Z","created_at":"2026-02-02T10:30:25Z","topics":["authentication-bypass","cve","cve-2026-24061","cves","exploit","exploitation","exploiting","inetutils","redteam","root-exploit","telnet","telnet-exploit","telnet-hacking","telnetd","telnetd-rce","vulnerability","vulnerability-detection","vulnerability-research","vulnerability-scanner","vulnerability-scanners"],"owner":{"login":"franckferman","html_url":"https://github.com/franckferman"},"clone_url":"https://github.com/franckferman/CVE_2026_24061.git"},{"id":1141386138,"name":"CVE-2026-24061-setup","full_name":"shivam-bathla/CVE-2026-24061-setup","html_url":"https://github.com/shivam-bathla/CVE-2026-24061-setup","description":"Docker setup for CVE-2026-24061","stargazers_count":3,"forks_count":1,"language":"Dockerfile","updated_at":"2026-01-28T18:02:48Z","pushed_at":"2026-01-24T19:11:03Z","created_at":"2026-01-24T19:03:06Z","topics":[],"owner":{"login":"shivam-bathla","html_url":"https://github.com/shivam-bathla"},"clone_url":"https://github.com/shivam-bathla/CVE-2026-24061-setup.git"},{"id":1140236389,"name":"CVE-2026-24061","full_name":"xuemian168/CVE-2026-24061","html_url":"https://github.com/xuemian168/CVE-2026-24061","description":"","stargazers_count":3,"forks_count":0,"language":"Dockerfile","updated_at":"2026-04-20T10:02:23Z","pushed_at":"2026-01-23T02:30:36Z","created_at":"2026-01-23T02:14:15Z","topics":[],"owner":{"login":"xuemian168","html_url":"https://github.com/xuemian168"},"clone_url":"https://github.com/xuemian168/CVE-2026-24061.git"},{"id":1209139272,"name":"vuln-deb","full_name":"RStephanH/vuln-deb","html_url":"https://github.com/RStephanH/vuln-deb","description":"A vulnerable Debian-based VM for practising exploitation of CVE-2026-24061","stargazers_count":2,"forks_count":0,"language":"Shell","updated_at":"2026-04-18T08:49:46Z","pushed_at":"2026-04-18T08:47:54Z","created_at":"2026-04-13T06:10:33Z","topics":[],"owner":{"login":"RStephanH","html_url":"https://github.com/RStephanH"},"clone_url":"https://github.com/RStephanH/vuln-deb.git"},{"id":1145881675,"name":"Terrminus-CVE-2026-2406","full_name":"ridpath/Terrminus-CVE-2026-2406","html_url":"https://github.com/ridpath/Terrminus-CVE-2026-2406","description":" AsyncIO Scanner \u0026 Exploitation Framework for CVE-2026-24061 (Telnet NEW_ENVIRON Auth Bypass). Features high-concurrency discovery, passive fingerprinting, and authorized root shell escalation","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-09T10:42:42Z","pushed_at":"2026-01-30T20:26:46Z","created_at":"2026-01-30T10:33:34Z","topics":["cve-2026-24061","cybersecurity-tools","pentesting-tools","privelage-escalation","python-asyncio","rce","red-teaming","red-teaming-tools","telnet-exploit","telnet-scanner","vulnerability-scanners"],"owner":{"login":"ridpath","html_url":"https://github.com/ridpath"},"clone_url":"https://github.com/ridpath/Terrminus-CVE-2026-2406.git"},{"id":1139928415,"name":"CVE-2026-24061--telnetd","full_name":"yanxinwu946/CVE-2026-24061--telnetd","html_url":"https://github.com/yanxinwu946/CVE-2026-24061--telnetd","description":"GNU InetUtils telnetd 远程身份认证绕过漏洞（CVE-2026-24061），此漏洞主要影响 telnetd 在调用系统 /usr/bin/login 程序时，未对从客户端 USER 环境变量传入的用户名做过滤，直接拼接到 login 命令行。未经授权的远程攻击者可利用该缺陷，在无需任何口令的情况下直接获取目标主机的 root shell。","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-09T06:37:17Z","pushed_at":"2026-01-26T15:07:56Z","created_at":"2026-01-22T15:49:14Z","topics":[],"owner":{"login":"yanxinwu946","html_url":"https://github.com/yanxinwu946"},"clone_url":"https://github.com/yanxinwu946/CVE-2026-24061--telnetd.git"},{"id":1139728682,"name":"CVE-2026-24061---telnetd","full_name":"duy-31/CVE-2026-24061---telnetd","html_url":"https://github.com/duy-31/CVE-2026-24061---telnetd","description":"Bypass d’authentification Telnet menant à un accès root","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-01-25T09:55:09Z","pushed_at":"2026-01-25T09:55:06Z","created_at":"2026-01-22T10:38:31Z","topics":[],"owner":{"login":"duy-31","html_url":"https://github.com/duy-31"},"clone_url":"https://github.com/duy-31/CVE-2026-24061---telnetd.git"},{"id":1140546327,"name":"CVE-2026-24061","full_name":"balgan/CVE-2026-24061","html_url":"https://github.com/balgan/CVE-2026-24061","description":"inetutils-telnetd Authentication Bypass - working","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-02T12:09:30Z","pushed_at":"2026-01-23T12:36:38Z","created_at":"2026-01-23T12:33:03Z","topics":[],"owner":{"login":"balgan","html_url":"https://github.com/balgan"},"clone_url":"https://github.com/balgan/CVE-2026-24061.git"},{"id":1177128778,"name":"CVE-2026-24061","full_name":"0xBlackash/CVE-2026-24061","html_url":"https://github.com/0xBlackash/CVE-2026-24061","description":"CVE-2026-24061","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-18T05:35:07Z","pushed_at":"2026-03-09T19:26:01Z","created_at":"2026-03-09T18:12:43Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-24061.git"},{"id":1171299106,"name":"telnetd","full_name":"setuju/telnetd","html_url":"https://github.com/setuju/telnetd","description":"Idk what to do here, ill edit soon, but its for the telnetd CVE-2026-24061","stargazers_count":1,"forks_count":0,"language":"Perl","updated_at":"2026-04-02T11:47:27Z","pushed_at":"2026-03-03T04:33:38Z","created_at":"2026-03-03T04:31:50Z","topics":[],"owner":{"login":"setuju","html_url":"https://github.com/setuju"},"clone_url":"https://github.com/setuju/telnetd.git"},{"id":1147490725,"name":"CVE-2026-24061_POC","full_name":"X-croot/CVE-2026-24061_POC","html_url":"https://github.com/X-croot/CVE-2026-24061_POC","description":"POC Script for CVE-2026-24061 (GNU Telnetd Exploit) ","stargazers_count":1,"forks_count":0,"language":"Shell","updated_at":"2026-03-01T13:09:32Z","pushed_at":"2026-02-01T21:01:36Z","created_at":"2026-02-01T20:32:26Z","topics":["cve-2026-24061","exploit","poc","telnet-exploit","telnetd-rce"],"owner":{"login":"X-croot","html_url":"https://github.com/X-croot"},"clone_url":"https://github.com/X-croot/CVE-2026-24061_POC.git"},{"id":1144639519,"name":"telnetd_CVE-2026-24061_tester","full_name":"dotelpenguin/telnetd_CVE-2026-24061_tester","html_url":"https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester","description":"Checks for CVE-2026-24061 Telnetd exploit","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-01-29T17:16:33Z","pushed_at":"2026-01-28T22:38:00Z","created_at":"2026-01-28T22:03:09Z","topics":[],"owner":{"login":"dotelpenguin","html_url":"https://github.com/dotelpenguin"},"clone_url":"https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester.git"},{"id":1143844756,"name":"GNU-Inetutils-telnet-CVE-2026-24061-","full_name":"MY0723/GNU-Inetutils-telnet-CVE-2026-24061-","html_url":"https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-","description":"GNU Inetutils telnet远程认证绕过漏洞(CVE-2026-24061)，该漏洞源于 GNU Inetutils telnetd 组件中对环境变量处理不当，攻击者可利用该漏洞，通过构造恶意的 USER 环境变量并发送至受影响的 telnet 服务，触发认证绕过机制，进而实现无需密码直接获取root权限。","stargazers_count":1,"forks_count":1,"language":"","updated_at":"2026-04-15T01:01:50Z","pushed_at":"2026-01-28T03:02:37Z","created_at":"2026-01-28T02:54:23Z","topics":[],"owner":{"login":"MY0723","html_url":"https://github.com/MY0723"},"clone_url":"https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-.git"},{"id":1143158630,"name":"CVE-2026-24061-telnet2root","full_name":"FurkanKAYAPINAR/CVE-2026-24061-telnet2root","html_url":"https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-01-27T19:04:20Z","pushed_at":"2026-01-27T08:39:02Z","created_at":"2026-01-27T08:32:42Z","topics":[],"owner":{"login":"FurkanKAYAPINAR","html_url":"https://github.com/FurkanKAYAPINAR"},"clone_url":"https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root.git"},{"id":1141735351,"name":"CVE-2026-24061","full_name":"infat0x/CVE-2026-24061","html_url":"https://github.com/infat0x/CVE-2026-24061","description":"CVE-2026-24061 PoC","stargazers_count":1,"forks_count":0,"language":"C","updated_at":"2026-01-25T19:13:39Z","pushed_at":"2026-01-25T10:45:43Z","created_at":"2026-01-25T10:40:00Z","topics":[],"owner":{"login":"infat0x","html_url":"https://github.com/infat0x"},"clone_url":"https://github.com/infat0x/CVE-2026-24061.git"},{"id":967261651,"name":"Terrminus-CVE-2026-2406","full_name":"hyu164/Terrminus-CVE-2026-2406","html_url":"https://github.com/hyu164/Terrminus-CVE-2026-2406","description":"🔍 Analyze and detect CVE-2026-2406 vulnerabilities in Telnet to enhance security and prevent unauthorized access with this professional research engine.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-29T11:49:48Z","pushed_at":"2026-04-29T11:49:45Z","created_at":"2025-04-16T07:20:12Z","topics":["cve-2026-24061","cybersecurity-tools","pentesting-tools","privelage-escalation","python-asyncio","rce","red-teaming","red-teaming-tools","telnet-exploit","telnet-scanner","vulnerability-scanners"],"owner":{"login":"hyu164","html_url":"https://github.com/hyu164"},"clone_url":"https://github.com/hyu164/Terrminus-CVE-2026-2406.git"},{"id":1149163272,"name":"CVE-2026-24061","full_name":"obrunolima1910/CVE-2026-24061","html_url":"https://github.com/obrunolima1910/CVE-2026-24061","description":"🚨 Exploit CVE-2026-24061, a critical remote authentication bypass in GNU inetutils-telnetd, for instant root shell access without authentication.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-29T11:45:03Z","pushed_at":"2026-04-29T11:45:00Z","created_at":"2026-02-03T19:46:10Z","topics":["agent","auth","book","computer-vision","cv","deep-learning","gluon","image-classification","jupyter-notebook","machine-learning","mxnet","neural-network","person-reid","pose-estimation","root","semantic-segmentation","telnet"],"owner":{"login":"obrunolima1910","html_url":"https://github.com/obrunolima1910"},"clone_url":"https://github.com/obrunolima1910/CVE-2026-24061.git"},{"id":1141243311,"name":"CVE-2026-24061","full_name":"midox008/CVE-2026-24061","html_url":"https://github.com/midox008/CVE-2026-24061","description":"GNU Inetutils telnetd Remote Authentication Bypass","stargazers_count":0,"forks_count":0,"language":"Go","updated_at":"2026-04-28T08:59:11Z","pushed_at":"2026-04-28T08:59:14Z","created_at":"2026-01-24T14:15:05Z","topics":[],"owner":{"login":"midox008","html_url":"https://github.com/midox008"},"clone_url":"https://github.com/midox008/CVE-2026-24061.git"},{"id":1201808799,"name":"CVE-2026-24061-GNU-InetUtils-telnetd-Authentication-Bypass-Vulnerability","full_name":"Risma2025/CVE-2026-24061-GNU-InetUtils-telnetd-Authentication-Bypass-Vulnerability","html_url":"https://github.com/Risma2025/CVE-2026-24061-GNU-InetUtils-telnetd-Authentication-Bypass-Vulnerability","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-22T17:55:35Z","pushed_at":"2026-04-22T17:55:31Z","created_at":"2026-04-05T07:28:39Z","topics":[],"owner":{"login":"Risma2025","html_url":"https://github.com/Risma2025"},"clone_url":"https://github.com/Risma2025/CVE-2026-24061-GNU-InetUtils-telnetd-Authentication-Bypass-Vulnerability.git"},{"id":1158491154,"name":"chall2026-telneted","full_name":"athack-ctf/chall2026-telneted","html_url":"https://github.com/athack-ctf/chall2026-telneted","description":"[AtHack 2026] Pwn challenge about telnetd CVE-2026-24061","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-31T20:25:30Z","pushed_at":"2026-03-31T19:41:12Z","created_at":"2026-02-15T13:14:41Z","topics":[],"owner":{"login":"athack-ctf","html_url":"https://github.com/athack-ctf"},"clone_url":"https://github.com/athack-ctf/chall2026-telneted.git"},{"id":1185646953,"name":"CVE-2026-24061","full_name":"przemytn/CVE-2026-24061","html_url":"https://github.com/przemytn/CVE-2026-24061","description":"CVE-2026-24061 PoC - telnetd auth bypass","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-18T20:01:04Z","pushed_at":"2026-03-18T20:01:00Z","created_at":"2026-03-18T19:58:51Z","topics":[],"owner":{"login":"przemytn","html_url":"https://github.com/przemytn"},"clone_url":"https://github.com/przemytn/CVE-2026-24061.git"},{"id":1183384618,"name":"CVE-2026-24061-NSE","full_name":"HD0x01/CVE-2026-24061-NSE","html_url":"https://github.com/HD0x01/CVE-2026-24061-NSE","description":"The script performs a full Telnet negotiation mirroring the exact byte sequence of a real telnet -a client session.","stargazers_count":0,"forks_count":0,"language":"Lua","updated_at":"2026-03-16T15:28:28Z","pushed_at":"2026-03-16T15:09:51Z","created_at":"2026-03-16T14:55:50Z","topics":["cve-2026-24061","inetutils","nmap","nse","penetration-testing","telnet","vulnerability-detection"],"owner":{"login":"HD0x01","html_url":"https://github.com/HD0x01"},"clone_url":"https://github.com/HD0x01/CVE-2026-24061-NSE.git"},{"id":1171391359,"name":"CVE-2026-24061","full_name":"Remnant-DB/CVE-2026-24061","html_url":"https://github.com/Remnant-DB/CVE-2026-24061","description":"CVE-2026-24061 Lab","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-08T11:22:08Z","pushed_at":"2026-03-08T11:22:04Z","created_at":"2026-03-03T07:14:09Z","topics":[],"owner":{"login":"Remnant-DB","html_url":"https://github.com/Remnant-DB"},"clone_url":"https://github.com/Remnant-DB/CVE-2026-24061.git"},{"id":1160687660,"name":"CVE-2026-24061-GNU-Inetutils-telnetd-Remote-Authentication-Bypass-Root-Shell-","full_name":"mbanyamer/CVE-2026-24061-GNU-Inetutils-telnetd-Remote-Authentication-Bypass-Root-Shell-","html_url":"https://github.com/mbanyamer/CVE-2026-24061-GNU-Inetutils-telnetd-Remote-Authentication-Bypass-Root-Shell-","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-18T08:56:57Z","pushed_at":"2026-02-18T08:56:53Z","created_at":"2026-02-18T08:52:25Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-24061-GNU-Inetutils-telnetd-Remote-Authentication-Bypass-Root-Shell-.git"},{"id":1157805005,"name":"CVE-2026-24061","full_name":"tiborscholtz/CVE-2026-24061","html_url":"https://github.com/tiborscholtz/CVE-2026-24061","description":"A lightweight Docker lab for experimenting with Telnet protocol negotiation, explained in the CVE-2026-24061 exploit, which contains automatic username injection using the NEW-ENVIRON option.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-14T10:23:37Z","pushed_at":"2026-02-14T10:23:34Z","created_at":"2026-02-14T10:22:37Z","topics":[],"owner":{"login":"tiborscholtz","html_url":"https://github.com/tiborscholtz"},"clone_url":"https://github.com/tiborscholtz/CVE-2026-24061.git"},{"id":1151601240,"name":"cve-2026-24061","full_name":"scumfrog/cve-2026-24061","html_url":"https://github.com/scumfrog/cve-2026-24061","description":"CVE-2026-24061 PoC","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-06T17:14:16Z","pushed_at":"2026-02-06T17:14:12Z","created_at":"2026-02-06T17:06:57Z","topics":[],"owner":{"login":"scumfrog","html_url":"https://github.com/scumfrog"},"clone_url":"https://github.com/scumfrog/cve-2026-24061.git"},{"id":1151018164,"name":"CVE-2026-24061-GNU-inetutils-Telnet-Detector","full_name":"nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector","html_url":"https://github.com/nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector","description":"A passive detection tool for identifying potential exposure to CVE-2026-24061 in GNU inetutils telnet installations","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-06T01:20:53Z","pushed_at":"2026-02-06T01:20:50Z","created_at":"2026-02-06T00:36:20Z","topics":[],"owner":{"login":"nrnw","html_url":"https://github.com/nrnw"},"clone_url":"https://github.com/nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector.git"},{"id":1150709517,"name":"scan-cve-2026-24061","full_name":"killsystema/scan-cve-2026-24061","html_url":"https://github.com/killsystema/scan-cve-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-05T16:06:55Z","pushed_at":"2026-02-05T16:00:09Z","created_at":"2026-02-05T15:47:03Z","topics":[],"owner":{"login":"killsystema","html_url":"https://github.com/killsystema"},"clone_url":"https://github.com/killsystema/scan-cve-2026-24061.git"},{"id":1150066721,"name":"inetutils-telnetd-cve-2026-24061","full_name":"canpilayda/inetutils-telnetd-cve-2026-24061","html_url":"https://github.com/canpilayda/inetutils-telnetd-cve-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-04T21:08:39Z","pushed_at":"2026-02-04T21:08:36Z","created_at":"2026-02-04T20:59:41Z","topics":[],"owner":{"login":"canpilayda","html_url":"https://github.com/canpilayda"},"clone_url":"https://github.com/canpilayda/inetutils-telnetd-cve-2026-24061.git"},{"id":1150009382,"name":"telnet-CVE-2026-24061","full_name":"lavabyte/telnet-CVE-2026-24061","html_url":"https://github.com/lavabyte/telnet-CVE-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-04T19:57:01Z","pushed_at":"2026-02-04T19:56:50Z","created_at":"2026-02-04T19:22:29Z","topics":[],"owner":{"login":"lavabyte","html_url":"https://github.com/lavabyte"},"clone_url":"https://github.com/lavabyte/telnet-CVE-2026-24061.git"},{"id":1148243886,"name":"CVE--2026-24061","full_name":"SeptembersEND/CVE--2026-24061","html_url":"https://github.com/SeptembersEND/CVE--2026-24061","description":"A docker image for CVE-2026-24061 in InetUtils telnetd.","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-02-02T22:12:45Z","pushed_at":"2026-02-02T19:56:46Z","created_at":"2026-02-02T18:36:56Z","topics":[],"owner":{"login":"SeptembersEND","html_url":"https://github.com/SeptembersEND"},"clone_url":"https://github.com/SeptembersEND/CVE--2026-24061.git"},{"id":1146360267,"name":"CVE-2026-24061","full_name":"buzz075/CVE-2026-24061","html_url":"https://github.com/buzz075/CVE-2026-24061","description":"Scanner for CVE-2026-24061","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T01:13:37Z","pushed_at":"2026-01-31T01:13:34Z","created_at":"2026-01-31T01:10:23Z","topics":[],"owner":{"login":"buzz075","html_url":"https://github.com/buzz075"},"clone_url":"https://github.com/buzz075/CVE-2026-24061.git"},{"id":1146350782,"name":"telnet-inetutils-auth-bypass-CVE-2026-24061","full_name":"0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061","html_url":"https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061","description":"This is a simple PoC that allows you to highlight the severity of the ongoing and actively exploited Telnet bug that is going on right now. Why people are still using Telnet... beyond me.","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-04-26T23:36:56Z","pushed_at":"2026-01-31T00:43:09Z","created_at":"2026-01-31T00:41:11Z","topics":[],"owner":{"login":"0xXyc","html_url":"https://github.com/0xXyc"},"clone_url":"https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061.git"},{"id":1144345797,"name":"CVE-2026-24061","full_name":"Parad0x7e/CVE-2026-24061","html_url":"https://github.com/Parad0x7e/CVE-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"Go","updated_at":"2026-01-28T15:57:22Z","pushed_at":"2026-01-28T15:46:17Z","created_at":"2026-01-28T15:41:27Z","topics":[],"owner":{"login":"Parad0x7e","html_url":"https://github.com/Parad0x7e"},"clone_url":"https://github.com/Parad0x7e/CVE-2026-24061.git"},{"id":1144297047,"name":"CVE-2026-24061","full_name":"0x7556/CVE-2026-24061","html_url":"https://github.com/0x7556/CVE-2026-24061","description":"CVE-2026-24061 Telnet RCE Exploit For Linux MacOS Windows","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-28T14:46:46Z","pushed_at":"2026-01-28T14:43:48Z","created_at":"2026-01-28T14:35:20Z","topics":[],"owner":{"login":"0x7556","html_url":"https://github.com/0x7556"},"clone_url":"https://github.com/0x7556/CVE-2026-24061.git"},{"id":1143759834,"name":"CVE-2026-24061_Lab","full_name":"Gabs-hub/CVE-2026-24061_Lab","html_url":"https://github.com/Gabs-hub/CVE-2026-24061_Lab","description":"Lab to show the CVE-2026-24061","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-01-28T00:41:23Z","pushed_at":"2026-01-28T00:27:12Z","created_at":"2026-01-28T00:27:09Z","topics":[],"owner":{"login":"Gabs-hub","html_url":"https://github.com/Gabs-hub"},"clone_url":"https://github.com/Gabs-hub/CVE-2026-24061_Lab.git"},{"id":1143622792,"name":"Exploit-CVE-2026-24061","full_name":"novitahk/Exploit-CVE-2026-24061","html_url":"https://github.com/novitahk/Exploit-CVE-2026-24061","description":"Payload CVE-2026-24061","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-01-27T20:15:07Z","pushed_at":"2026-01-27T20:15:03Z","created_at":"2026-01-27T20:04:40Z","topics":[],"owner":{"login":"novitahk","html_url":"https://github.com/novitahk"},"clone_url":"https://github.com/novitahk/Exploit-CVE-2026-24061.git"},{"id":1143565832,"name":"tscan","full_name":"cumakurt/tscan","html_url":"https://github.com/cumakurt/tscan","description":"Telnetd Auth Bypass Scanner (CVE-2026-24061)  A Python-based scanner for detecting and exploiting the CVE-2026-24061 vulnerability in GNU Inetutils telnetd services. This tool scans IP addresses or networks for vulnerable telnetd services that allow authentication bypass leading to root shell access.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-27T18:50:43Z","pushed_at":"2026-01-27T18:50:38Z","created_at":"2026-01-27T18:30:07Z","topics":["cve-2026-24061","scanner","telnet","telnet-server"],"owner":{"login":"cumakurt","html_url":"https://github.com/cumakurt"},"clone_url":"https://github.com/cumakurt/tscan.git"},{"id":1143391754,"name":"CVE-2026-24061-PoC-Telnetd","full_name":"androidteacher/CVE-2026-24061-PoC-Telnetd","html_url":"https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd","description":"","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-01-27T15:20:44Z","pushed_at":"2026-01-27T15:20:40Z","created_at":"2026-01-27T14:24:19Z","topics":[],"owner":{"login":"androidteacher","html_url":"https://github.com/androidteacher"},"clone_url":"https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd.git"},{"id":1142770099,"name":"CVE-2026-24061","full_name":"LucasPDiniz/CVE-2026-24061","html_url":"https://github.com/LucasPDiniz/CVE-2026-24061","description":"Vulnerability in GNU InetUtils telnetd Enables Remote Root Access","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-27T05:50:02Z","pushed_at":"2026-01-27T05:49:59Z","created_at":"2026-01-26T20:46:49Z","topics":["cve-2026-24061","inetutils","root"],"owner":{"login":"LucasPDiniz","html_url":"https://github.com/LucasPDiniz"},"clone_url":"https://github.com/LucasPDiniz/CVE-2026-24061.git"},{"id":1142283613,"name":"CVE-2026-24061-Scanner","full_name":"XsanFlip/CVE-2026-24061-Scanner","html_url":"https://github.com/XsanFlip/CVE-2026-24061-Scanner","description":"CVE-2026-24061-Scanner by XsanLahci","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-01-26T08:21:02Z","pushed_at":"2026-01-26T08:20:59Z","created_at":"2026-01-26T07:47:36Z","topics":[],"owner":{"login":"XsanFlip","html_url":"https://github.com/XsanFlip"},"clone_url":"https://github.com/XsanFlip/CVE-2026-24061-Scanner.git"},{"id":1142208769,"name":"telnetd-cve-2026-24061","full_name":"punitdarji/telnetd-cve-2026-24061","html_url":"https://github.com/punitdarji/telnetd-cve-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-26T05:08:59Z","pushed_at":"2026-01-26T05:08:56Z","created_at":"2026-01-26T05:05:24Z","topics":[],"owner":{"login":"punitdarji","html_url":"https://github.com/punitdarji"},"clone_url":"https://github.com/punitdarji/telnetd-cve-2026-24061.git"},{"id":1140261470,"name":"CVE-2026-24061","full_name":"monstertsl/CVE-2026-24061","html_url":"https://github.com/monstertsl/CVE-2026-24061","description":"CVE-2026-24061 漏洞检测工具","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-26T05:01:54Z","pushed_at":"2026-01-26T05:01:51Z","created_at":"2026-01-23T03:16:53Z","topics":[],"owner":{"login":"monstertsl","html_url":"https://github.com/monstertsl"},"clone_url":"https://github.com/monstertsl/CVE-2026-24061.git"},{"id":1141991089,"name":"CVE-2026-24061-POC","full_name":"ms0x08-dev/CVE-2026-24061-POC","html_url":"https://github.com/ms0x08-dev/CVE-2026-24061-POC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-25T19:42:03Z","pushed_at":"2026-01-25T19:42:00Z","created_at":"2026-01-25T19:22:38Z","topics":[],"owner":{"login":"ms0x08-dev","html_url":"https://github.com/ms0x08-dev"},"clone_url":"https://github.com/ms0x08-dev/CVE-2026-24061-POC.git"},{"id":1141663043,"name":"CVE-2026-24061","full_name":"typeconfused/CVE-2026-24061","html_url":"https://github.com/typeconfused/CVE-2026-24061","description":"GNU telnetd service from GNU InetUtils authentication-bypass","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-01-25T07:35:06Z","pushed_at":"2026-01-25T07:35:02Z","created_at":"2026-01-25T07:33:48Z","topics":[],"owner":{"login":"typeconfused","html_url":"https://github.com/typeconfused"},"clone_url":"https://github.com/typeconfused/CVE-2026-24061.git"},{"id":1141488910,"name":"CVE-2026-24061-POC","full_name":"Alter-N0X/CVE-2026-24061-POC","html_url":"https://github.com/Alter-N0X/CVE-2026-24061-POC","description":"CVE-2026-24061 - GNU InetUtils telnetd authentication bypass POC + Docker lab environment for testing ","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-25T10:03:13Z","pushed_at":"2026-01-24T23:27:04Z","created_at":"2026-01-24T23:21:56Z","topics":[],"owner":{"login":"Alter-N0X","html_url":"https://github.com/Alter-N0X"},"clone_url":"https://github.com/Alter-N0X/CVE-2026-24061-POC.git"},{"id":1141216751,"name":"CVE-2026-24061","full_name":"Mr-Zapi/CVE-2026-24061","html_url":"https://github.com/Mr-Zapi/CVE-2026-24061","description":"Nuclei template for CVE-2026-24061","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-01-24T20:50:17Z","pushed_at":"2026-01-24T20:50:14Z","created_at":"2026-01-24T13:18:54Z","topics":[],"owner":{"login":"Mr-Zapi","html_url":"https://github.com/Mr-Zapi"},"clone_url":"https://github.com/Mr-Zapi/CVE-2026-24061.git"},{"id":1141295963,"name":"Telnet-TestVuln-CVE-2026-24061","full_name":"BrainBob/Telnet-TestVuln-CVE-2026-24061","html_url":"https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-01-24T16:06:34Z","pushed_at":"2026-01-24T16:06:31Z","created_at":"2026-01-24T15:59:48Z","topics":[],"owner":{"login":"BrainBob","html_url":"https://github.com/BrainBob"},"clone_url":"https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061.git"},{"id":1141271916,"name":"CVE-2026-24061","full_name":"BrainBob/CVE-2026-24061","html_url":"https://github.com/BrainBob/CVE-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-24T15:46:05Z","pushed_at":"2026-01-24T15:46:01Z","created_at":"2026-01-24T15:11:28Z","topics":[],"owner":{"login":"BrainBob","html_url":"https://github.com/BrainBob"},"clone_url":"https://github.com/BrainBob/CVE-2026-24061.git"},{"id":1141086666,"name":"CVE-2026-24061","full_name":"z3n70/CVE-2026-24061","html_url":"https://github.com/z3n70/CVE-2026-24061","description":"","stargazers_count":0,"forks_count":0,"language":"Ruby","updated_at":"2026-01-24T08:16:10Z","pushed_at":"2026-01-24T08:16:06Z","created_at":"2026-01-24T08:09:02Z","topics":[],"owner":{"login":"z3n70","html_url":"https://github.com/z3n70"},"clone_url":"https://github.com/z3n70/CVE-2026-24061.git"},{"id":1140422310,"name":"CVE-2026-24061","full_name":"r00tuser111/CVE-2026-24061","html_url":"https://github.com/r00tuser111/CVE-2026-24061","description":"CVE-2026-24061 环境","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-23T09:03:49Z","pushed_at":"2026-01-23T09:03:45Z","created_at":"2026-01-23T08:59:03Z","topics":[],"owner":{"login":"r00tuser111","html_url":"https://github.com/r00tuser111"},"clone_url":"https://github.com/r00tuser111/CVE-2026-24061.git"},{"id":1141692144,"name":"Ashwesker-CVE-2026-24061","full_name":"Mefhika120/Ashwesker-CVE-2026-24061","html_url":"https://github.com/Mefhika120/Ashwesker-CVE-2026-24061","description":"CVE-2026-24061","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-01-25T08:51:17Z","pushed_at":"2026-01-23T07:47:43Z","created_at":"2026-01-25T08:51:17Z","topics":[],"owner":{"login":"Mefhika120","html_url":"https://github.com/Mefhika120"},"clone_url":"https://github.com/Mefhika120/Ashwesker-CVE-2026-24061.git"}]},{"cve_id":"CVE-2026-24102","repositories":[{"id":1145695212,"name":"CTT-Kernel-Resonance-io_uring-Temporal-Phase-Transition","full_name":"SimoesCTT/CTT-Kernel-Resonance-io_uring-Temporal-Phase-Transition","html_url":"https://github.com/SimoesCTT/CTT-Kernel-Resonance-io_uring-Temporal-Phase-Transition","description":"CVE-2026-24102 is a Use-After-Free (UAF) vulnerability within the Linux Kernel io_uring subsystem. While traditional exploits attempt to win a race condition through brute-force CPU pinning, SimoesCTT-Kernel-Resonance uses Temporal Layering to ensure the race is won deterministically.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T12:39:30Z","pushed_at":"2026-01-30T12:39:26Z","created_at":"2026-01-30T05:12:51Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/CTT-Kernel-Resonance-io_uring-Temporal-Phase-Transition.git"}]},{"cve_id":"CVE-2026-24126","repositories":[{"id":1192547135,"name":"Weblate-CVE-2026-24126","full_name":"alexb616/Weblate-CVE-2026-24126","html_url":"https://github.com/alexb616/Weblate-CVE-2026-24126","description":"PoC CVE-2026-24126","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-26T12:46:13Z","pushed_at":"2026-03-26T10:49:17Z","created_at":"2026-03-26T10:22:08Z","topics":[],"owner":{"login":"alexb616","html_url":"https://github.com/alexb616"},"clone_url":"https://github.com/alexb616/Weblate-CVE-2026-24126.git"}]},{"cve_id":"CVE-2026-2413","repositories":[{"id":1185238821,"name":"CVE-2026-2413-POC","full_name":"p3Nt3st3r-sTAr/CVE-2026-2413-POC","html_url":"https://github.com/p3Nt3st3r-sTAr/CVE-2026-2413-POC","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-26T21:06:03Z","pushed_at":"2026-03-18T11:38:24Z","created_at":"2026-03-18T11:30:53Z","topics":[],"owner":{"login":"p3Nt3st3r-sTAr","html_url":"https://github.com/p3Nt3st3r-sTAr"},"clone_url":"https://github.com/p3Nt3st3r-sTAr/CVE-2026-2413-POC.git"}]},{"cve_id":"CVE-2026-24134","repositories":[{"id":1145478374,"name":"CVE-2026-24134-PoC","full_name":"FilipeGaudard/CVE-2026-24134-PoC","html_url":"https://github.com/FilipeGaudard/CVE-2026-24134-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-29T21:12:51Z","pushed_at":"2026-01-29T21:12:48Z","created_at":"2026-01-29T21:03:34Z","topics":[],"owner":{"login":"FilipeGaudard","html_url":"https://github.com/FilipeGaudard"},"clone_url":"https://github.com/FilipeGaudard/CVE-2026-24134-PoC.git"}]},{"cve_id":"CVE-2026-24135","repositories":[{"id":1151551787,"name":"CVE-2026-24135","full_name":"reschjonas/CVE-2026-24135","html_url":"https://github.com/reschjonas/CVE-2026-24135","description":"Arbitrary File Deletion in Gogs via Wiki Path Traversal","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-13T12:52:52Z","pushed_at":"2026-02-06T16:00:50Z","created_at":"2026-02-06T15:57:03Z","topics":[],"owner":{"login":"reschjonas","html_url":"https://github.com/reschjonas"},"clone_url":"https://github.com/reschjonas/CVE-2026-24135.git"}]},{"cve_id":"CVE-2026-24291","repositories":[{"id":1186119589,"name":"CVE-2026-24291","full_name":"lennertdefauw/CVE-2026-24291","html_url":"https://github.com/lennertdefauw/CVE-2026-24291","description":"Windows privilege escalation using RegPwn","stargazers_count":3,"forks_count":1,"language":"C#","updated_at":"2026-04-13T22:41:28Z","pushed_at":"2026-03-19T09:46:08Z","created_at":"2026-03-19T09:37:26Z","topics":[],"owner":{"login":"lennertdefauw","html_url":"https://github.com/lennertdefauw"},"clone_url":"https://github.com/lennertdefauw/CVE-2026-24291.git"},{"id":1192299713,"name":"RegPwn","full_name":"tracyliving606/RegPwn","html_url":"https://github.com/tracyliving606/RegPwn","description":"Exploit Windows local privilege escalation on clients and servers using tested code for CVE-2026-24291 across multiple Windows versions","stargazers_count":2,"forks_count":0,"language":"C#","updated_at":"2026-04-29T12:20:22Z","pushed_at":"2026-04-29T12:20:18Z","created_at":"2026-03-26T04:38:27Z","topics":["assembly","capture-the-flag","cloudflare","containers","defcon","developer","free-domain","handshakes","learn-regex","opencontainers","pwntools","python","regular-expression","shellcode-development","shellcoding","wargame","website","wpa-psk"],"owner":{"login":"tracyliving606","html_url":"https://github.com/tracyliving606"},"clone_url":"https://github.com/tracyliving606/RegPwn.git"},{"id":1185493745,"name":"RegPwnBRc4BOF","full_name":"n0isegat3/RegPwnBRc4BOF","html_url":"https://github.com/n0isegat3/RegPwnBRc4BOF","description":"Brute Ratel C4 BOF of the CVE-2026-24291","stargazers_count":2,"forks_count":0,"language":"C","updated_at":"2026-03-23T21:20:15Z","pushed_at":"2026-03-18T16:39:16Z","created_at":"2026-03-18T16:34:27Z","topics":[],"owner":{"login":"n0isegat3","html_url":"https://github.com/n0isegat3"},"clone_url":"https://github.com/n0isegat3/RegPwnBRc4BOF.git"},{"id":1192690199,"name":"CVE-2026-24291","full_name":"uname1able/CVE-2026-24291","html_url":"https://github.com/uname1able/CVE-2026-24291","description":"","stargazers_count":0,"forks_count":0,"language":"C#","updated_at":"2026-03-26T13:18:46Z","pushed_at":"2026-03-26T13:18:41Z","created_at":"2026-03-26T13:18:15Z","topics":[],"owner":{"login":"uname1able","html_url":"https://github.com/uname1able"},"clone_url":"https://github.com/uname1able/CVE-2026-24291.git"}]},{"cve_id":"CVE-2026-24306","repositories":[{"id":1143363230,"name":"CVE-2026-24306","full_name":"ExploreUnknowed/CVE-2026-24306","html_url":"https://github.com/ExploreUnknowed/CVE-2026-24306","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-27T13:45:40Z","pushed_at":"2026-01-26T10:49:49Z","created_at":"2026-01-27T13:45:40Z","topics":[],"owner":{"login":"ExploreUnknowed","html_url":"https://github.com/ExploreUnknowed"},"clone_url":"https://github.com/ExploreUnknowed/CVE-2026-24306.git"}]},{"cve_id":"CVE-2026-2441","repositories":[{"id":1160803995,"name":"CVE-2026-2441-PoC","full_name":"huseyinstif/CVE-2026-2441-PoC","html_url":"https://github.com/huseyinstif/CVE-2026-2441-PoC","description":"","stargazers_count":123,"forks_count":21,"language":"HTML","updated_at":"2026-04-18T16:23:05Z","pushed_at":"2026-02-18T11:53:43Z","created_at":"2026-02-18T11:46:40Z","topics":[],"owner":{"login":"huseyinstif","html_url":"https://github.com/huseyinstif"},"clone_url":"https://github.com/huseyinstif/CVE-2026-2441-PoC.git"},{"id":1171705096,"name":"CVE-2026-2441-PoC","full_name":"fartlover37/CVE-2026-2441-PoC","html_url":"https://github.com/fartlover37/CVE-2026-2441-PoC","description":"Demonstrate a proof-of-concept exploit for CVE-2026-2441, a high-risk Chrome use-after-free vulnerability in the Blink CSS engine.","stargazers_count":1,"forks_count":2,"language":"","updated_at":"2026-04-29T12:01:27Z","pushed_at":"2026-04-29T12:01:23Z","created_at":"2026-03-03T14:19:18Z","topics":["agent","agents","chinese","gluon","hacktoberfest","notebook","obfuscation","person-reid","poc","rag","semantic-segmentation","testnet","testnet-faucet","vulnerability","web3","zdi"],"owner":{"login":"fartlover37","html_url":"https://github.com/fartlover37"},"clone_url":"https://github.com/fartlover37/CVE-2026-2441-PoC.git"},{"id":1170127318,"name":"CVE-2026-2441-PoC","full_name":"D3b0j33t/CVE-2026-2441-PoC","html_url":"https://github.com/D3b0j33t/CVE-2026-2441-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-03-01T18:36:45Z","pushed_at":"2026-03-01T18:36:41Z","created_at":"2026-03-01T18:34:18Z","topics":[],"owner":{"login":"D3b0j33t","html_url":"https://github.com/D3b0j33t"},"clone_url":"https://github.com/D3b0j33t/CVE-2026-2441-PoC.git"},{"id":1165918484,"name":"CVE-2026-2441","full_name":"NetVanguard-cmd/CVE-2026-2441","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-2441","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-24T17:28:03Z","pushed_at":"2026-02-24T17:26:01Z","created_at":"2026-02-24T17:25:55Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-2441.git"},{"id":1164576333,"name":"CVE-2026-2441_PoC","full_name":"atiilla/CVE-2026-2441_PoC","html_url":"https://github.com/atiilla/CVE-2026-2441_PoC","description":"","stargazers_count":0,"forks_count":1,"language":"HTML","updated_at":"2026-02-23T08:46:51Z","pushed_at":"2026-02-23T08:46:48Z","created_at":"2026-02-23T08:43:16Z","topics":[],"owner":{"login":"atiilla","html_url":"https://github.com/atiilla"},"clone_url":"https://github.com/atiilla/CVE-2026-2441_PoC.git"},{"id":1162160742,"name":"CVE-2026-2441-PoC","full_name":"theemperorspath/CVE-2026-2441-PoC","html_url":"https://github.com/theemperorspath/CVE-2026-2441-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-02-19T23:51:04Z","pushed_at":"2026-02-19T23:51:00Z","created_at":"2026-02-19T23:48:33Z","topics":[],"owner":{"login":"theemperorspath","html_url":"https://github.com/theemperorspath"},"clone_url":"https://github.com/theemperorspath/CVE-2026-2441-PoC.git"}]},{"cve_id":"CVE-2026-24415","repositories":[{"id":1208065730,"name":"CVE-2026-24415","full_name":"lukasz-rybak/CVE-2026-24415","html_url":"https://github.com/lukasz-rybak/CVE-2026-24415","description":"CVE-2026-24415 - OpenSTAManager Affected by XSS in modifica_iva.php via righe parameter","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:48Z","pushed_at":"2026-04-11T19:22:45Z","created_at":"2026-04-11T19:15:29Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-24415.git"}]},{"cve_id":"CVE-2026-24416","repositories":[{"id":1208064915,"name":"CVE-2026-24416","full_name":"lukasz-rybak/CVE-2026-24416","html_url":"https://github.com/lukasz-rybak/CVE-2026-24416","description":"CVE-2026-24416 - OpenSTAManager has a Time-Based Blind SQL Injection in Article Pricing Module","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:21:57Z","pushed_at":"2026-04-11T19:21:53Z","created_at":"2026-04-11T19:14:01Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-24416.git"}]},{"cve_id":"CVE-2026-24417","repositories":[{"id":1208064977,"name":"CVE-2026-24417","full_name":"lukasz-rybak/CVE-2026-24417","html_url":"https://github.com/lukasz-rybak/CVE-2026-24417","description":"CVE-2026-24417 - OpenSTAManager has a Time-Based Blind SQL Injection with Amplified Denial of Service","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:01Z","pushed_at":"2026-04-11T19:21:56Z","created_at":"2026-04-11T19:14:07Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-24417.git"}]},{"cve_id":"CVE-2026-24418","repositories":[{"id":1208065025,"name":"CVE-2026-24418","full_name":"lukasz-rybak/CVE-2026-24418","html_url":"https://github.com/lukasz-rybak/CVE-2026-24418","description":"CVE-2026-24418 - OpenSTAManager has a SQL Injection vulnerability in the Scadenzario bulk operations module","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:05Z","pushed_at":"2026-04-11T19:21:59Z","created_at":"2026-04-11T19:14:13Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-24418.git"}]},{"cve_id":"CVE-2026-24419","repositories":[{"id":1208065068,"name":"CVE-2026-24419","full_name":"lukasz-rybak/CVE-2026-24419","html_url":"https://github.com/lukasz-rybak/CVE-2026-24419","description":"CVE-2026-24419 - OpenSTAManager has a SQL Injection in the Prima Nota  module ","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:06Z","pushed_at":"2026-04-11T19:22:03Z","created_at":"2026-04-11T19:14:18Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-24419.git"}]},{"cve_id":"CVE-2026-24423","repositories":[{"id":1145101064,"name":"CVE-2026-24423","full_name":"aavamin/CVE-2026-24423","html_url":"https://github.com/aavamin/CVE-2026-24423","description":"CVE-2026-24423 exp","stargazers_count":7,"forks_count":0,"language":"Python","updated_at":"2026-03-02T10:01:44Z","pushed_at":"2026-01-29T13:10:03Z","created_at":"2026-01-29T12:30:18Z","topics":[],"owner":{"login":"aavamin","html_url":"https://github.com/aavamin"},"clone_url":"https://github.com/aavamin/CVE-2026-24423.git"}]},{"cve_id":"CVE-2026-24512","repositories":[{"id":1176172409,"name":"dependency-guardian-real-advisory-demo","full_name":"mghouse17/dependency-guardian-real-advisory-demo","html_url":"https://github.com/mghouse17/dependency-guardian-real-advisory-demo","description":"Defensive dependency scanning demo using real public advisory MINI-5wmc-5rcx-fp67 (CVE-2026-24512). Detection and remediation only.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-08T18:03:19Z","pushed_at":"2026-03-08T18:03:19Z","created_at":"2026-03-08T18:03:19Z","topics":[],"owner":{"login":"mghouse17","html_url":"https://github.com/mghouse17"},"clone_url":"https://github.com/mghouse17/dependency-guardian-real-advisory-demo.git"}]},{"cve_id":"CVE-2026-24514","repositories":[{"id":1162217645,"name":"cve-2026-24514-Kubernetes-Dos","full_name":"mbanyamer/cve-2026-24514-Kubernetes-Dos","html_url":"https://github.com/mbanyamer/cve-2026-24514-Kubernetes-Dos","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T02:01:17Z","pushed_at":"2026-02-20T02:01:14Z","created_at":"2026-02-20T01:56:59Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/cve-2026-24514-Kubernetes-Dos.git"}]},{"cve_id":"CVE-2026-24516","repositories":[{"id":1188981815,"name":"CVE-2026-24516-DigitalOcean-RCE","full_name":"poxsky/CVE-2026-24516-DigitalOcean-RCE","html_url":"https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE","description":"Critical Pre-Auth Root RCE (CVSS 10.0) in DigitalOcean Droplet Agent up to v1.3.2 via Command Injection.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-02T04:58:52Z","pushed_at":"2026-04-02T04:58:49Z","created_at":"2026-03-22T20:52:57Z","topics":[],"owner":{"login":"poxsky","html_url":"https://github.com/poxsky"},"clone_url":"https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE.git"},{"id":1200164468,"name":"CVE-2026-24516-DigitalOcean-RCE.","full_name":"poxsky/CVE-2026-24516-DigitalOcean-RCE.","html_url":"https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE.","description":"Technical analysis and PoC for CVE-2026-24516: Unauthenticated Root Remote Code Execution in DigitalOcean Droplet Agent (CVSS 10.0).","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-03T05:40:14Z","pushed_at":"2026-04-03T05:40:11Z","created_at":"2026-04-03T05:25:18Z","topics":[],"owner":{"login":"poxsky","html_url":"https://github.com/poxsky"},"clone_url":"https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE..git"}]},{"cve_id":"CVE-2026-2461","repositories":[{"id":1146330916,"name":"CVE-2026-2461-poc","full_name":"destiny-creates/CVE-2026-2461-poc","html_url":"https://github.com/destiny-creates/CVE-2026-2461-poc","description":"POC in python for CVE-2026-2461","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T23:41:29Z","pushed_at":"2026-01-30T23:41:25Z","created_at":"2026-01-30T23:38:17Z","topics":[],"owner":{"login":"destiny-creates","html_url":"https://github.com/destiny-creates"},"clone_url":"https://github.com/destiny-creates/CVE-2026-2461-poc.git"}]},{"cve_id":"CVE-2026-24688","repositories":[{"id":1143166758,"name":"CVE-2026-24688","full_name":"JoakimBulow/CVE-2026-24688","html_url":"https://github.com/JoakimBulow/CVE-2026-24688","description":"CVE-2026-24688 - pypdf - DoS - POC ","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-27T09:14:34Z","pushed_at":"2026-01-27T09:14:30Z","created_at":"2026-01-27T08:44:59Z","topics":[],"owner":{"login":"JoakimBulow","html_url":"https://github.com/JoakimBulow"},"clone_url":"https://github.com/JoakimBulow/CVE-2026-24688.git"}]},{"cve_id":"CVE-2026-2472","repositories":[{"id":1168579521,"name":"CVE-2026-2472-Vertex-AI-SDK-Google-Cloud","full_name":"JoshuaProvoste/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud","html_url":"https://github.com/JoshuaProvoste/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud","description":"Technical PoC for CVE-2026-2472 (GCP-2026-011): Unauthenticated and Stored Cross-Site Scripting (XSS) in google-cloud-aiplatform _genai/_evals_visualization (Vertex AI Python SDK) affecting Jupyter/Colab.","stargazers_count":5,"forks_count":1,"language":"Python","updated_at":"2026-02-28T09:17:29Z","pushed_at":"2026-02-27T17:32:33Z","created_at":"2026-02-27T14:57:39Z","topics":["colab","colab-notebook","cve-2026-2472","gcp-2026-011","google","google-cloud","google-cloud-platform","jupyter","jupyter-notebook","python-aiplatform","vertex-ai","vertex-ai-sdk","xss","xss-exploitation","xss-injection","xss-payloads","xss-vulnerability"],"owner":{"login":"JoshuaProvoste","html_url":"https://github.com/JoshuaProvoste"},"clone_url":"https://github.com/JoshuaProvoste/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud.git"},{"id":1177953316,"name":"CVE-2026-2472-Vertex-AI-SDK-Google-Cloud","full_name":"megafart1/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud","html_url":"https://github.com/megafart1/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud","description":"Expose and detail an unauthenticated stored XSS vulnerability in the Google Cloud Vertex AI Python SDK affecting versions 1.98.0 to 1.130.9.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-29T12:08:24Z","pushed_at":"2026-04-29T12:08:20Z","created_at":"2026-03-10T14:40:04Z","topics":["colab","colab-notebook","cve-2026-2472","gcp-2026-011","google","google-cloud","jupyter-notebook","python-aiplatform","vertex-ai","vertex-ai-sdk","xss","xss-exploitation","xss-injection","xss-payloads","xss-vulnerability"],"owner":{"login":"megafart1","html_url":"https://github.com/megafart1"},"clone_url":"https://github.com/megafart1/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud.git"}]},{"cve_id":"CVE-2026-24841","repositories":[{"id":1146408012,"name":"CVE-2026-24841_Range","full_name":"otakuliu/CVE-2026-24841_Range","html_url":"https://github.com/otakuliu/CVE-2026-24841_Range","description":"CVE-2026-24841仿真靶场，用来模拟真实环境，适合搭建Dokploy报错而无法搭建的","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T03:43:02Z","pushed_at":"2026-01-31T03:42:58Z","created_at":"2026-01-31T03:40:00Z","topics":[],"owner":{"login":"otakuliu","html_url":"https://github.com/otakuliu"},"clone_url":"https://github.com/otakuliu/CVE-2026-24841_Range.git"}]},{"cve_id":"CVE-2026-24854","repositories":[{"id":1149260940,"name":"CVE-2026-24854-ChurchCRM-6.7.2-Authenticated-Numeric-SQL-Injection","full_name":"mbanyamer/CVE-2026-24854-ChurchCRM-6.7.2-Authenticated-Numeric-SQL-Injection","html_url":"https://github.com/mbanyamer/CVE-2026-24854-ChurchCRM-6.7.2-Authenticated-Numeric-SQL-Injection","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-03T23:00:41Z","pushed_at":"2026-02-03T23:00:19Z","created_at":"2026-02-03T22:59:36Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-24854-ChurchCRM-6.7.2-Authenticated-Numeric-SQL-Injection.git"}]},{"cve_id":"CVE-2026-24858","repositories":[{"id":1145648365,"name":"CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass","full_name":"absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass","html_url":"https://github.com/absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass","description":"CVE-2026-24858 FortiCloud Single Sign On (SSO)  a factory default enabled feature once you register any FortiGate/FortiManager/FortiAnalyzer  contains a critical authentication bypass flaw.","stargazers_count":6,"forks_count":3,"language":"","updated_at":"2026-04-27T18:09:32Z","pushed_at":"2026-01-30T05:25:41Z","created_at":"2026-01-30T03:29:04Z","topics":[],"owner":{"login":"absholi7ly","html_url":"https://github.com/absholi7ly"},"clone_url":"https://github.com/absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass.git"},{"id":1154722180,"name":"cve-2026-24858","full_name":"gagaltotal/cve-2026-24858","html_url":"https://github.com/gagaltotal/cve-2026-24858","description":"CVE-2026-24858 - Administrative FortiCloud SSO authentication bypass","stargazers_count":1,"forks_count":2,"language":"Python","updated_at":"2026-02-23T10:52:23Z","pushed_at":"2026-02-10T18:20:43Z","created_at":"2026-02-10T17:51:07Z","topics":["exploit","fortigate","fortigate-firewall","fortnite","python","python3","scanner"],"owner":{"login":"gagaltotal","html_url":"https://github.com/gagaltotal"},"clone_url":"https://github.com/gagaltotal/cve-2026-24858.git"},{"id":1146557505,"name":"SCTT-2026-33-0004-FortiCloud-SSO-Identity-Singularity","full_name":"SimoesCTT/SCTT-2026-33-0004-FortiCloud-SSO-Identity-Singularity","html_url":"https://github.com/SimoesCTT/SCTT-2026-33-0004-FortiCloud-SSO-Identity-Singularity","description":"While Fortinet's January 27, 2026 mitigation for **CVE-2026-24858** focuses on blocking specific accounts like `cloud-noc@mail.io`, it fails to address the **Temporal Vulnerability** of the SAML state machine. ","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-31T09:47:07Z","pushed_at":"2026-01-31T09:47:04Z","created_at":"2026-01-31T09:41:04Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/SCTT-2026-33-0004-FortiCloud-SSO-Identity-Singularity.git"},{"id":1145674135,"name":"-CTT-NSP-Convergent-Time-Theory---Network-Stack-Projection-CVE-2026-24858-","full_name":"SimoesCTT/-CTT-NSP-Convergent-Time-Theory---Network-Stack-Projection-CVE-2026-24858-","html_url":"https://github.com/SimoesCTT/-CTT-NSP-Convergent-Time-Theory---Network-Stack-Projection-CVE-2026-24858-","description":" A Proof-of-Concept demonstrating the application of 3D Navier-Stokes CTT formulations to packet flow optimization and defensive bypass.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T16:36:46Z","pushed_at":"2026-01-30T16:36:42Z","created_at":"2026-01-30T04:27:24Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/-CTT-NSP-Convergent-Time-Theory---Network-Stack-Projection-CVE-2026-24858-.git"},{"id":1144296671,"name":"CVE-2026-24858","full_name":"m0d0ri205/CVE-2026-24858","html_url":"https://github.com/m0d0ri205/CVE-2026-24858","description":"아직 제로데이인거 같아, 공개되거나 천천히 분석할 예정....","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-29T14:23:21Z","pushed_at":"2026-01-29T14:23:17Z","created_at":"2026-01-28T14:34:50Z","topics":[],"owner":{"login":"m0d0ri205","html_url":"https://github.com/m0d0ri205"},"clone_url":"https://github.com/m0d0ri205/CVE-2026-24858.git"}]},{"cve_id":"CVE-2026-25047","repositories":[{"id":1146930237,"name":"deephas-1.0.7-Prototype-Pollution-PoC-CVE-2026-25047-","full_name":"mbanyamer/deephas-1.0.7-Prototype-Pollution-PoC-CVE-2026-25047-","html_url":"https://github.com/mbanyamer/deephas-1.0.7-Prototype-Pollution-PoC-CVE-2026-25047-","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T10:41:31Z","pushed_at":"2026-01-31T22:58:32Z","created_at":"2026-01-31T22:57:04Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/deephas-1.0.7-Prototype-Pollution-PoC-CVE-2026-25047-.git"}]},{"cve_id":"CVE-2026-25049","repositories":[{"id":1153346322,"name":"Expression-Sandbox-Escape-Simulation-Lab","full_name":"otakuliu/Expression-Sandbox-Escape-Simulation-Lab","html_url":"https://github.com/otakuliu/Expression-Sandbox-Escape-Simulation-Lab","description":"有关CVE-2026-25049做了一个模拟沙盒来理解","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-27T12:17:05Z","pushed_at":"2026-02-09T07:35:15Z","created_at":"2026-02-09T07:34:28Z","topics":[],"owner":{"login":"otakuliu","html_url":"https://github.com/otakuliu"},"clone_url":"https://github.com/otakuliu/Expression-Sandbox-Escape-Simulation-Lab.git"},{"id":1217003691,"name":"CVE-2026-25049","full_name":"0xBlackash/CVE-2026-25049","html_url":"https://github.com/0xBlackash/CVE-2026-25049","description":"CVE-2026-25049","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-21T13:46:33Z","pushed_at":"2026-04-21T13:46:30Z","created_at":"2026-04-21T12:57:00Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-25049.git"}]},{"cve_id":"CVE-2026-25050","repositories":[{"id":1151613235,"name":"CVE-2026-25050","full_name":"Christbowel/CVE-2026-25050","html_url":"https://github.com/Christbowel/CVE-2026-25050","description":"CVE-2026-25050 – Timing attack PoC enabling user enumeration via GraphQL authentication","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-24T15:02:39Z","pushed_at":"2026-02-06T17:30:17Z","created_at":"2026-02-06T17:24:24Z","topics":[],"owner":{"login":"Christbowel","html_url":"https://github.com/Christbowel"},"clone_url":"https://github.com/Christbowel/CVE-2026-25050.git"}]},{"cve_id":"CVE-2026-25053","repositories":[{"id":1122447685,"name":"CVE-2026-25053","full_name":"yadhukrishnam/CVE-2026-25053","html_url":"https://github.com/yadhukrishnam/CVE-2026-25053","description":"Vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host.","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-03-01T05:43:32Z","pushed_at":"2026-02-16T02:44:52Z","created_at":"2025-12-24T18:43:29Z","topics":[],"owner":{"login":"yadhukrishnam","html_url":"https://github.com/yadhukrishnam"},"clone_url":"https://github.com/yadhukrishnam/CVE-2026-25053.git"}]},{"cve_id":"CVE-2026-25075","repositories":[{"id":1192905194,"name":"CVE-2026-25075-check","full_name":"BishopFox/CVE-2026-25075-check","html_url":"https://github.com/BishopFox/CVE-2026-25075-check","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-15T09:14:13Z","pushed_at":"2026-03-26T21:01:33Z","created_at":"2026-03-26T17:16:37Z","topics":[],"owner":{"login":"BishopFox","html_url":"https://github.com/BishopFox"},"clone_url":"https://github.com/BishopFox/CVE-2026-25075-check.git"}]},{"cve_id":"CVE-2026-25099","repositories":[{"id":1194459072,"name":"CVE-2026-25099","full_name":"yahiahamza/CVE-2026-25099","html_url":"https://github.com/yahiahamza/CVE-2026-25099","description":"CVE-2026-25099 — Bludit CMS API Unrestricted File Upload to Remote Code Execution","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-28T12:31:27Z","pushed_at":"2026-03-28T12:31:24Z","created_at":"2026-03-28T11:40:29Z","topics":[],"owner":{"login":"yahiahamza","html_url":"https://github.com/yahiahamza"},"clone_url":"https://github.com/yahiahamza/CVE-2026-25099.git"}]},{"cve_id":"CVE-2026-25126","repositories":[{"id":1146515749,"name":"CVE-2026-25126","full_name":"Jvr2022/CVE-2026-25126","html_url":"https://github.com/Jvr2022/CVE-2026-25126","description":"CVE-2026-25126 Proof-of-Concept demonstrating vote count manipulation in PolarLearn due to improper runtime validation of the forum vote direction parameter. Published after upstream patch release.","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-01-31T09:03:26Z","pushed_at":"2026-01-31T08:09:19Z","created_at":"2026-01-31T08:07:44Z","topics":[],"owner":{"login":"Jvr2022","html_url":"https://github.com/Jvr2022"},"clone_url":"https://github.com/Jvr2022/CVE-2026-25126.git"}]},{"cve_id":"CVE-2026-25130","repositories":[{"id":1149259588,"name":"CVE-2026-25130-Cybersecurity-AI-CAI-Framework-0.5.10","full_name":"mbanyamer/CVE-2026-25130-Cybersecurity-AI-CAI-Framework-0.5.10","html_url":"https://github.com/mbanyamer/CVE-2026-25130-Cybersecurity-AI-CAI-Framework-0.5.10","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-03T22:57:17Z","pushed_at":"2026-02-03T22:57:14Z","created_at":"2026-02-03T22:56:18Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25130-Cybersecurity-AI-CAI-Framework-0.5.10.git"}]},{"cve_id":"CVE-2026-25177","repositories":[{"id":1181325458,"name":"detect_CVE-2026-25177","full_name":"danaug23/detect_CVE-2026-25177","html_url":"https://github.com/danaug23/detect_CVE-2026-25177","description":"Production-safe scanner that detects CVE-2026-25177 (AD SPN Unicode Collision) exploitation on Active Directory Domain Controllers. Read-only.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-06T08:53:25Z","pushed_at":"2026-03-14T09:36:33Z","created_at":"2026-03-14T02:03:34Z","topics":[],"owner":{"login":"danaug23","html_url":"https://github.com/danaug23"},"clone_url":"https://github.com/danaug23/detect_CVE-2026-25177.git"}]},{"cve_id":"CVE-2026-25197","repositories":[{"id":1203481461,"name":"CVE-2026-25197","full_name":"MichaelAdamGroberman/CVE-2026-25197","html_url":"https://github.com/MichaelAdamGroberman/CVE-2026-25197","description":"CVE-2026-25197: Authorization Bypass via IDOR — Gardyn Home Kit (ICSA-26-055-03)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T05:46:44Z","pushed_at":"2026-04-27T05:46:40Z","created_at":"2026-04-07T04:37:34Z","topics":["authorization-bypass","cisa","coordinated-disclosure","cve","cve-2026-25197","cwe-639","gardyn","ics-advisory","icsa-26-055-03","idor","iot-security","security-research","vu653116","vulnerability-disclosure"],"owner":{"login":"MichaelAdamGroberman","html_url":"https://github.com/MichaelAdamGroberman"},"clone_url":"https://github.com/MichaelAdamGroberman/CVE-2026-25197.git"}]},{"cve_id":"CVE-2026-25211","repositories":[{"id":1146925319,"name":"Llama-Stack-0.4.0rc3-local-CVE-2026-25211","full_name":"mbanyamer/Llama-Stack-0.4.0rc3-local-CVE-2026-25211","html_url":"https://github.com/mbanyamer/Llama-Stack-0.4.0rc3-local-CVE-2026-25211","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T10:41:33Z","pushed_at":"2026-01-31T22:43:28Z","created_at":"2026-01-31T22:42:09Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/Llama-Stack-0.4.0rc3-local-CVE-2026-25211.git"}]},{"cve_id":"CVE-2026-25232","repositories":[{"id":1214562295,"name":"CVE-2026-25232-PoC","full_name":"H1sok444/CVE-2026-25232-PoC","html_url":"https://github.com/H1sok444/CVE-2026-25232-PoC","description":"Proof of concept for the recent CVE-2026-25232 which is a priv esc vulnerability present in Gogs. ","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-19T02:02:24Z","pushed_at":"2026-04-18T18:41:14Z","created_at":"2026-04-18T18:40:54Z","topics":[],"owner":{"login":"H1sok444","html_url":"https://github.com/H1sok444"},"clone_url":"https://github.com/H1sok444/CVE-2026-25232-PoC.git"}]},{"cve_id":"CVE-2026-25242","repositories":[{"id":1162161290,"name":"CVE-2026-25242","full_name":"mindkernel/CVE-2026-25242","html_url":"https://github.com/mindkernel/CVE-2026-25242","description":"PoC for CVE-2026-25242 gogs unauthenticated file upload  ","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-19T23:49:48Z","pushed_at":"2026-02-19T23:49:48Z","created_at":"2026-02-19T23:49:48Z","topics":[],"owner":{"login":"mindkernel","html_url":"https://github.com/mindkernel"},"clone_url":"https://github.com/mindkernel/CVE-2026-25242.git"}]},{"cve_id":"CVE-2026-25253","repositories":[{"id":1142868567,"name":"moltbot-1click-rce","full_name":"ethiack/moltbot-1click-rce","html_url":"https://github.com/ethiack/moltbot-1click-rce","description":"Clawdbot/Moltbot/OpenClaw One-click RCE PoC 🦞 (CVE-2026-25253)","stargazers_count":92,"forks_count":15,"language":"Python","updated_at":"2026-04-18T15:48:24Z","pushed_at":"2026-01-27T01:32:52Z","created_at":"2026-01-27T00:11:25Z","topics":[],"owner":{"login":"ethiack","html_url":"https://github.com/ethiack"},"clone_url":"https://github.com/ethiack/moltbot-1click-rce.git"},{"id":1150364522,"name":"openclaw-security-monitor","full_name":"adibirzu/openclaw-security-monitor","html_url":"https://github.com/adibirzu/openclaw-security-monitor","description":"Proactive security monitoring for OpenClaw deployments. Detects ClawHavoc, AMOS stealer, CVE-2026-25253, memory poisoning, and supply chain attacks.","stargazers_count":39,"forks_count":5,"language":"Shell","updated_at":"2026-04-26T05:58:55Z","pushed_at":"2026-04-26T05:58:50Z","created_at":"2026-02-05T07:31:07Z","topics":[],"owner":{"login":"adibirzu","html_url":"https://github.com/adibirzu"},"clone_url":"https://github.com/adibirzu/openclaw-security-monitor.git"},{"id":1152671546,"name":"CVE-2026-25253-research","full_name":"al4n4n/CVE-2026-25253-research","html_url":"https://github.com/al4n4n/CVE-2026-25253-research","description":"","stargazers_count":7,"forks_count":1,"language":"HTML","updated_at":"2026-03-27T06:09:37Z","pushed_at":"2026-02-08T09:28:11Z","created_at":"2026-02-08T08:35:39Z","topics":[],"owner":{"login":"al4n4n","html_url":"https://github.com/al4n4n"},"clone_url":"https://github.com/al4n4n/CVE-2026-25253-research.git"},{"id":1176659401,"name":"CVE-2026-25253","full_name":"EQSTLab/CVE-2026-25253","html_url":"https://github.com/EQSTLab/CVE-2026-25253","description":"","stargazers_count":2,"forks_count":0,"language":"HTML","updated_at":"2026-04-16T12:41:56Z","pushed_at":"2026-04-16T12:41:52Z","created_at":"2026-03-09T08:43:53Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-25253.git"},{"id":1163654790,"name":"openclaw_vulnerabilities_and_solutions","full_name":"FrigateCaptain/openclaw_vulnerabilities_and_solutions","html_url":"https://github.com/FrigateCaptain/openclaw_vulnerabilities_and_solutions","description":"\u003e OpenClaw security audit and hardened deployment guide — known vulnerabilities (CVE-2026-25253, malicious skills, credential leakage), architectural mitigations, and a step-by-step VPS deployment plan","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-03-13T10:43:51Z","pushed_at":"2026-03-13T10:43:47Z","created_at":"2026-02-22T00:03:15Z","topics":["ai-agent","ai-agents","clawdbot","cybersecurity","deployment-guide","hardening-llm-security","llm-security","openclaw","security-audit","self-hosted","vps-deployment"],"owner":{"login":"FrigateCaptain","html_url":"https://github.com/FrigateCaptain"},"clone_url":"https://github.com/FrigateCaptain/openclaw_vulnerabilities_and_solutions.git"},{"id":1214288905,"name":"CVE-2026-25253","full_name":"KajzingerAkos/CVE-2026-25253","html_url":"https://github.com/KajzingerAkos/CVE-2026-25253","description":"CVE-2026-25253: One-Click RCE in OpenClaw via Auth Token Theft","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-18T11:20:30Z","pushed_at":"2026-04-18T11:20:26Z","created_at":"2026-04-18T11:19:03Z","topics":[],"owner":{"login":"KajzingerAkos","html_url":"https://github.com/KajzingerAkos"},"clone_url":"https://github.com/KajzingerAkos/CVE-2026-25253.git"},{"id":1144272889,"name":"start-here","full_name":"msaleme/start-here","html_url":"https://github.com/msaleme/start-here","description":"Michael Saleme — Decision Governance for Autonomous Agents. 5 DOIs, 3 NIST submissions, CVE-2026-25253, 358 security tests.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T02:35:58Z","pushed_at":"2026-04-09T02:35:55Z","created_at":"2026-01-28T14:02:03Z","topics":["agentforce","ai-integration","decision-making","enterprise-architecture","mulesoft","oil-and-gas","salesforce"],"owner":{"login":"msaleme","html_url":"https://github.com/msaleme"},"clone_url":"https://github.com/msaleme/start-here.git"},{"id":1189474081,"name":"openclaw-1click-rce-env","full_name":"ZhaoymOvO/openclaw-1click-rce-env","html_url":"https://github.com/ZhaoymOvO/openclaw-1click-rce-env","description":"THIS FORK IS FOR CVE-2026-25253 TARGET DRONE DEPLOYMENT ONLY, DON'T USE IT FOR OTHER PURPOSE","stargazers_count":0,"forks_count":0,"language":"TypeScript","updated_at":"2026-03-24T09:38:33Z","pushed_at":"2026-03-24T09:29:16Z","created_at":"2026-03-23T11:04:57Z","topics":[],"owner":{"login":"ZhaoymOvO","html_url":"https://github.com/ZhaoymOvO"},"clone_url":"https://github.com/ZhaoymOvO/openclaw-1click-rce-env.git"},{"id":1162685708,"name":"moatbot-security","full_name":"Ckokoski/moatbot-security","html_url":"https://github.com/Ckokoski/moatbot-security","description":"Security-hardened AI agent platform addressing OpenClaw/Moltbot vulnerabilities (CVE-2026-25253)","stargazers_count":0,"forks_count":0,"language":"TypeScript","updated_at":"2026-02-20T15:42:25Z","pushed_at":"2026-02-20T15:42:21Z","created_at":"2026-02-20T15:13:02Z","topics":[],"owner":{"login":"Ckokoski","html_url":"https://github.com/Ckokoski"},"clone_url":"https://github.com/Ckokoski/moatbot-security.git"},{"id":1151296434,"name":"openclaw-vuln-report","full_name":"Joseph19820124/openclaw-vuln-report","html_url":"https://github.com/Joseph19820124/openclaw-vuln-report","description":"OpenClaw CVE-2026-25253 漏洞分析中文版","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-06T09:40:00Z","pushed_at":"2026-02-06T09:39:56Z","created_at":"2026-02-06T09:39:29Z","topics":[],"owner":{"login":"Joseph19820124","html_url":"https://github.com/Joseph19820124"},"clone_url":"https://github.com/Joseph19820124/openclaw-vuln-report.git"}]},{"cve_id":"CVE-2026-25512","repositories":[{"id":1150125429,"name":"CVE-2026-25512-PoC-Group-Office-Authenticated-RCE","full_name":"mbanyamer/CVE-2026-25512-PoC-Group-Office-Authenticated-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-25512-PoC-Group-Office-Authenticated-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-04T23:00:34Z","pushed_at":"2026-02-04T23:00:31Z","created_at":"2026-02-04T22:59:46Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25512-PoC-Group-Office-Authenticated-RCE.git"},{"id":1149608935,"name":"CVE-2026-25512","full_name":"NumberOreo1/CVE-2026-25512","html_url":"https://github.com/NumberOreo1/CVE-2026-25512","description":"RCE - Command Injection via TNEF Attachment Handler","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-04T10:30:05Z","pushed_at":"2026-02-04T10:30:01Z","created_at":"2026-02-04T10:05:21Z","topics":[],"owner":{"login":"NumberOreo1","html_url":"https://github.com/NumberOreo1"},"clone_url":"https://github.com/NumberOreo1/CVE-2026-25512.git"}]},{"cve_id":"CVE-2026-25513","repositories":[{"id":1208065127,"name":"CVE-2026-25513","full_name":"lukasz-rybak/CVE-2026-25513","html_url":"https://github.com/lukasz-rybak/CVE-2026-25513","description":"CVE-2026-25513 - FacturaScripts has SQL Injection in API ORDER BY Clause","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:13Z","pushed_at":"2026-04-11T19:22:06Z","created_at":"2026-04-11T19:14:24Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-25513.git"}]},{"cve_id":"CVE-2026-25514","repositories":[{"id":1208065171,"name":"CVE-2026-25514","full_name":"lukasz-rybak/CVE-2026-25514","html_url":"https://github.com/lukasz-rybak/CVE-2026-25514","description":"CVE-2026-25514 - FacturaScripts has SQL Injection in Autocomplete Actions","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:12Z","pushed_at":"2026-04-11T19:22:09Z","created_at":"2026-04-11T19:14:29Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-25514.git"}]},{"cve_id":"CVE-2026-25526","repositories":[{"id":1154384232,"name":"jinjava-cve-2026-25526-poc","full_name":"av4nth1ka/jinjava-cve-2026-25526-poc","html_url":"https://github.com/av4nth1ka/jinjava-cve-2026-25526-poc","description":"lab setup + exploits for CVE-2026-25526","stargazers_count":1,"forks_count":0,"language":"Java","updated_at":"2026-02-26T13:15:41Z","pushed_at":"2026-02-12T11:31:26Z","created_at":"2026-02-10T10:24:52Z","topics":["cve","cve-2026-25526","java","jinjava"],"owner":{"login":"av4nth1ka","html_url":"https://github.com/av4nth1ka"},"clone_url":"https://github.com/av4nth1ka/jinjava-cve-2026-25526-poc.git"}]},{"cve_id":"CVE-2026-25546","repositories":[{"id":1150115684,"name":"CVE-2026-25546-godot-mcp-0.1.1-OS-Command-Injection","full_name":"mbanyamer/CVE-2026-25546-godot-mcp-0.1.1-OS-Command-Injection","html_url":"https://github.com/mbanyamer/CVE-2026-25546-godot-mcp-0.1.1-OS-Command-Injection","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-04T22:49:30Z","pushed_at":"2026-02-04T22:49:26Z","created_at":"2026-02-04T22:37:41Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25546-godot-mcp-0.1.1-OS-Command-Injection.git"}]},{"cve_id":"CVE-2026-25548","repositories":[{"id":1182545012,"name":"CVE-2026-25548","full_name":"lagathos/CVE-2026-25548","html_url":"https://github.com/lagathos/CVE-2026-25548","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-15T17:39:08Z","pushed_at":"2026-03-15T17:39:05Z","created_at":"2026-03-15T17:01:07Z","topics":[],"owner":{"login":"lagathos","html_url":"https://github.com/lagathos"},"clone_url":"https://github.com/lagathos/CVE-2026-25548.git"}]},{"cve_id":"CVE-2026-25594","repositories":[{"id":1182589524,"name":"CVE-2026-25594","full_name":"lagathos/CVE-2026-25594","html_url":"https://github.com/lagathos/CVE-2026-25594","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-15T18:09:32Z","pushed_at":"2026-03-15T18:09:29Z","created_at":"2026-03-15T18:09:01Z","topics":[],"owner":{"login":"lagathos","html_url":"https://github.com/lagathos"},"clone_url":"https://github.com/lagathos/CVE-2026-25594.git"}]},{"cve_id":"CVE-2026-25595","repositories":[{"id":1182590057,"name":"CVE-2026-25595","full_name":"lagathos/CVE-2026-25595","html_url":"https://github.com/lagathos/CVE-2026-25595","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-15T18:10:11Z","pushed_at":"2026-03-15T18:10:08Z","created_at":"2026-03-15T18:09:55Z","topics":[],"owner":{"login":"lagathos","html_url":"https://github.com/lagathos"},"clone_url":"https://github.com/lagathos/CVE-2026-25595.git"}]},{"cve_id":"CVE-2026-25596","repositories":[{"id":1182590472,"name":"CVE-2026-25596","full_name":"lagathos/CVE-2026-25596","html_url":"https://github.com/lagathos/CVE-2026-25596","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-15T18:10:46Z","pushed_at":"2026-03-15T18:10:43Z","created_at":"2026-03-15T18:10:29Z","topics":[],"owner":{"login":"lagathos","html_url":"https://github.com/lagathos"},"clone_url":"https://github.com/lagathos/CVE-2026-25596.git"}]},{"cve_id":"CVE-2026-25604","repositories":[{"id":1217528713,"name":"CVE-2026-25604-PoC","full_name":"John-Jung/CVE-2026-25604-PoC","html_url":"https://github.com/John-Jung/CVE-2026-25604-PoC","description":"A PoC for demonstrating CVE-2026-25604","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T01:41:58Z","pushed_at":"2026-04-22T01:41:55Z","created_at":"2026-04-22T01:22:04Z","topics":[],"owner":{"login":"John-Jung","html_url":"https://github.com/John-Jung"},"clone_url":"https://github.com/John-Jung/CVE-2026-25604-PoC.git"}]},{"cve_id":"CVE-2026-25643","repositories":[{"id":1166075340,"name":"CVE-2026-25643","full_name":"joshuavanderpoll/CVE-2026-25643","html_url":"https://github.com/joshuavanderpoll/CVE-2026-25643","description":"CVE-2026-25643: Frigate ≤0.16.3 Blind RCE via go2rtc exec injection","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-04-03T07:15:10Z","pushed_at":"2026-02-24T21:34:55Z","created_at":"2026-02-24T21:14:24Z","topics":["cve","cve-2026-25643","exploit","exploits","frigate","pentest-tool","pentesting","python","rce","security","security-tools","vulnerabilities","vulnerability"],"owner":{"login":"joshuavanderpoll","html_url":"https://github.com/joshuavanderpoll"},"clone_url":"https://github.com/joshuavanderpoll/CVE-2026-25643.git"},{"id":1175517671,"name":"CVE-2026-25643","full_name":"DyniePro/CVE-2026-25643","html_url":"https://github.com/DyniePro/CVE-2026-25643","description":"Exploit Frigate NVR ≤0.16.3 to execute commands remotely by abusing a configuration flaw without needing shell access or output capture.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-29T12:06:10Z","pushed_at":"2026-04-29T12:06:06Z","created_at":"2026-03-07T20:23:08Z","topics":["cve","cve-2026-25643","exploit","frigate","pentest-tool","pentesting","python","rce","security","vulnerabilities","vulnerability"],"owner":{"login":"DyniePro","html_url":"https://github.com/DyniePro"},"clone_url":"https://github.com/DyniePro/CVE-2026-25643.git"},{"id":1150930488,"name":"CVE-2026-25643-Frigate-RCE","full_name":"jduardo2704/CVE-2026-25643-Frigate-RCE","html_url":"https://github.com/jduardo2704/CVE-2026-25643-Frigate-RCE","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-20T08:38:11Z","pushed_at":"2026-02-05T21:31:30Z","created_at":"2026-02-05T21:23:22Z","topics":[],"owner":{"login":"jduardo2704","html_url":"https://github.com/jduardo2704"},"clone_url":"https://github.com/jduardo2704/CVE-2026-25643-Frigate-RCE.git"}]},{"cve_id":"CVE-2026-25676","repositories":[{"id":1157607226,"name":"cve-2026-25676","full_name":"Nexxus67/cve-2026-25676","html_url":"https://github.com/Nexxus67/cve-2026-25676","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-07T18:04:16Z","pushed_at":"2026-02-14T03:08:01Z","created_at":"2026-02-14T03:02:50Z","topics":[],"owner":{"login":"Nexxus67","html_url":"https://github.com/Nexxus67"},"clone_url":"https://github.com/Nexxus67/cve-2026-25676.git"}]},{"cve_id":"CVE-2026-25731","repositories":[{"id":1151358112,"name":"CVE-2026-25731","full_name":"dxlerYT/CVE-2026-25731","html_url":"https://github.com/dxlerYT/CVE-2026-25731","description":"Proof of Concept for a Server-Side Template Injection (SSTI) vulnerability in Calibre’s Templite engine (GHSA-xrh9-w7qx-3gcc). Demonstrates arbitrary Python code execution via user-supplied HTML export templates in affected versions (≤ 9.1.0).","stargazers_count":5,"forks_count":0,"language":"","updated_at":"2026-04-25T02:27:56Z","pushed_at":"2026-02-07T21:36:58Z","created_at":"2026-02-06T11:14:08Z","topics":[],"owner":{"login":"dxlerYT","html_url":"https://github.com/dxlerYT"},"clone_url":"https://github.com/dxlerYT/CVE-2026-25731.git"}]},{"cve_id":"CVE-2026-25732","repositories":[{"id":1152718279,"name":"CVE-2026-25732-NiceGUI-3.6.1","full_name":"mbanyamer/CVE-2026-25732-NiceGUI-3.6.1","html_url":"https://github.com/mbanyamer/CVE-2026-25732-NiceGUI-3.6.1","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-08T12:07:01Z","pushed_at":"2026-02-08T12:06:57Z","created_at":"2026-02-08T10:18:51Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25732-NiceGUI-3.6.1.git"}]},{"cve_id":"CVE-2026-25746","repositories":[{"id":1148937975,"name":"CVE-2026-25746_SqlInjectionVulnerabilityOpenEMR7.0.4","full_name":"ChrisSub08/CVE-2026-25746_SqlInjectionVulnerabilityOpenEMR7.0.4","html_url":"https://github.com/ChrisSub08/CVE-2026-25746_SqlInjectionVulnerabilityOpenEMR7.0.4","description":"CVE-2026-25746 - SQL Injection Vulnerability in OpenEMR \u003c8.0.0","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-25T08:47:30Z","pushed_at":"2026-03-25T08:47:26Z","created_at":"2026-02-03T14:41:25Z","topics":["cve","cve-2026-25746","exploit","openemr","openemr-exploit","openemr-vulnerability","sql-injection","sqli","vulnerability"],"owner":{"login":"ChrisSub08","html_url":"https://github.com/ChrisSub08"},"clone_url":"https://github.com/ChrisSub08/CVE-2026-25746_SqlInjectionVulnerabilityOpenEMR7.0.4.git"}]},{"cve_id":"CVE-2026-25747","repositories":[{"id":1153427497,"name":"CVE-2026-25747","full_name":"oscerd/CVE-2026-25747","html_url":"https://github.com/oscerd/CVE-2026-25747","description":"CVE-2026-25747 - Camel LevelDB Deserialization Vulnerability","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-02-18T10:26:03Z","pushed_at":"2026-02-09T09:37:56Z","created_at":"2026-02-09T09:37:26Z","topics":[],"owner":{"login":"oscerd","html_url":"https://github.com/oscerd"},"clone_url":"https://github.com/oscerd/CVE-2026-25747.git"}]},{"cve_id":"CVE-2026-25755","repositories":[{"id":1165493970,"name":"jsPDF-Object-Injection","full_name":"absholi7ly/jsPDF-Object-Injection","html_url":"https://github.com/absholi7ly/jsPDF-Object-Injection","description":"CVE-2026-25755 A critical PDF Object Injection vulnerability in jsPDF allows attackers to inject arbitrary PDF objects through the addJS() function, enabling AcroJS sandbox bypass and automatic script execution when PDFs are opened.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-24T08:56:10Z","pushed_at":"2026-02-24T08:56:04Z","created_at":"2026-02-24T08:18:41Z","topics":[],"owner":{"login":"absholi7ly","html_url":"https://github.com/absholi7ly"},"clone_url":"https://github.com/absholi7ly/jsPDF-Object-Injection.git"}]},{"cve_id":"CVE-2026-2576","repositories":[{"id":1193152600,"name":"CVE_2026_2576_PoC","full_name":"SowatKheang/CVE_2026_2576_PoC","html_url":"https://github.com/SowatKheang/CVE_2026_2576_PoC","description":"CVE-2026-2576 — Business Directory Plugin SQLi PoC (Local Setup). Unauthenticated Time-Based Blind SQL Injection Business Directory Plugin for WordPress ≤ 6.4.21","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-27T00:03:40Z","pushed_at":"2026-03-27T00:03:37Z","created_at":"2026-03-26T23:37:39Z","topics":[],"owner":{"login":"SowatKheang","html_url":"https://github.com/SowatKheang"},"clone_url":"https://github.com/SowatKheang/CVE_2026_2576_PoC.git"}]},{"cve_id":"CVE-2026-25769","repositories":[{"id":1155639382,"name":"CVE-2026-25769","full_name":"hakaioffsec/CVE-2026-25769","html_url":"https://github.com/hakaioffsec/CVE-2026-25769","description":"Remote Code Execution via Insecure Deserialization in Wazuh Cluster ","stargazers_count":39,"forks_count":8,"language":"Python","updated_at":"2026-04-13T01:42:50Z","pushed_at":"2026-03-17T19:59:33Z","created_at":"2026-02-11T18:29:02Z","topics":[],"owner":{"login":"hakaioffsec","html_url":"https://github.com/hakaioffsec"},"clone_url":"https://github.com/hakaioffsec/CVE-2026-25769.git"},{"id":1209259358,"name":"CVE-2026-25769","full_name":"0xBlackash/CVE-2026-25769","html_url":"https://github.com/0xBlackash/CVE-2026-25769","description":"CVE-2026-25769","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T08:58:59Z","pushed_at":"2026-04-13T08:58:56Z","created_at":"2026-04-13T08:46:54Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-25769.git"},{"id":1201944490,"name":"CVE-2026-25769","full_name":"njeru-codes/CVE-2026-25769","html_url":"https://github.com/njeru-codes/CVE-2026-25769","description":"POC for deserialization of untrusted data in wazuh leading to RCE","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-05T11:45:52Z","pushed_at":"2026-04-05T11:45:48Z","created_at":"2026-04-05T11:31:47Z","topics":[],"owner":{"login":"njeru-codes","html_url":"https://github.com/njeru-codes"},"clone_url":"https://github.com/njeru-codes/CVE-2026-25769.git"},{"id":1187946935,"name":"CVE-2026-25769---CVE-2026-25770","full_name":"Samres27/CVE-2026-25769---CVE-2026-25770","html_url":"https://github.com/Samres27/CVE-2026-25769---CVE-2026-25770","description":"repo con las pruebas de concepto","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-21T12:09:24Z","pushed_at":"2026-03-21T12:09:21Z","created_at":"2026-03-21T12:09:05Z","topics":[],"owner":{"login":"Samres27","html_url":"https://github.com/Samres27"},"clone_url":"https://github.com/Samres27/CVE-2026-25769---CVE-2026-25770.git"}]},{"cve_id":"CVE-2026-25770","repositories":[{"id":1187946935,"name":"CVE-2026-25769---CVE-2026-25770","full_name":"Samres27/CVE-2026-25769---CVE-2026-25770","html_url":"https://github.com/Samres27/CVE-2026-25769---CVE-2026-25770","description":"repo con las pruebas de concepto","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-21T12:09:24Z","pushed_at":"2026-03-21T12:09:21Z","created_at":"2026-03-21T12:09:05Z","topics":[],"owner":{"login":"Samres27","html_url":"https://github.com/Samres27"},"clone_url":"https://github.com/Samres27/CVE-2026-25769---CVE-2026-25770.git"}]},{"cve_id":"CVE-2026-25807","repositories":[{"id":1154111630,"name":"CVE-2026-25807-Exploit","full_name":"ibrahmsql/CVE-2026-25807-Exploit","html_url":"https://github.com/ibrahmsql/CVE-2026-25807-Exploit","description":"CVE-2026-25807  Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell Exploit and PoC","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-28T15:21:06Z","pushed_at":"2026-02-10T03:03:43Z","created_at":"2026-02-10T02:54:13Z","topics":[],"owner":{"login":"ibrahmsql","html_url":"https://github.com/ibrahmsql"},"clone_url":"https://github.com/ibrahmsql/CVE-2026-25807-Exploit.git"}]},{"cve_id":"CVE-2026-25854","repositories":[{"id":1175838181,"name":"cve-2026-25854","full_name":"gregk4sec/cve-2026-25854","html_url":"https://github.com/gregk4sec/cve-2026-25854","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-12T09:13:16Z","pushed_at":"2026-04-12T09:06:38Z","created_at":"2026-03-08T08:40:17Z","topics":[],"owner":{"login":"gregk4sec","html_url":"https://github.com/gregk4sec"},"clone_url":"https://github.com/gregk4sec/cve-2026-25854.git"}]},{"cve_id":"CVE-2026-25890","repositories":[{"id":1162086192,"name":"CVE-2026-25890-FileBrowser-Access-Control-Bypass","full_name":"mbanyamer/CVE-2026-25890-FileBrowser-Access-Control-Bypass","html_url":"https://github.com/mbanyamer/CVE-2026-25890-FileBrowser-Access-Control-Bypass","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-19T21:22:12Z","pushed_at":"2026-02-19T21:22:08Z","created_at":"2026-02-19T21:20:27Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25890-FileBrowser-Access-Control-Bypass.git"}]},{"cve_id":"CVE-2026-25895","repositories":[{"id":1220398537,"name":"FUXAPWN","full_name":"Hann1bl3L3ct3r/FUXAPWN","html_url":"https://github.com/Hann1bl3L3ct3r/FUXAPWN","description":"POC exploit for CVE-2026-25895 FUXA Unauthenticated Path Traversal -\u003e Arbitrary File Write -\u003e RCE","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-24T21:30:36Z","pushed_at":"2026-04-24T21:30:33Z","created_at":"2026-04-24T21:26:44Z","topics":[],"owner":{"login":"Hann1bl3L3ct3r","html_url":"https://github.com/Hann1bl3L3ct3r"},"clone_url":"https://github.com/Hann1bl3L3ct3r/FUXAPWN.git"}]},{"cve_id":"CVE-2026-25916","repositories":[{"id":1153455916,"name":"CVE-2026-25916-Roundcube-Webmail-DOM-based-XSS-Exploit-via-SVG-href-Attribute","full_name":"mbanyamer/CVE-2026-25916-Roundcube-Webmail-DOM-based-XSS-Exploit-via-SVG-href-Attribute","html_url":"https://github.com/mbanyamer/CVE-2026-25916-Roundcube-Webmail-DOM-based-XSS-Exploit-via-SVG-href-Attribute","description":"","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-04-27T03:43:04Z","pushed_at":"2026-02-09T10:20:38Z","created_at":"2026-02-09T10:17:48Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25916-Roundcube-Webmail-DOM-based-XSS-Exploit-via-SVG-href-Attribute.git"}]},{"cve_id":"CVE-2026-25924","repositories":[{"id":1157115324,"name":"CVE-2026-25924","full_name":"drkim-dev/CVE-2026-25924","html_url":"https://github.com/drkim-dev/CVE-2026-25924","description":"CVE-2026-25924 | Kanboad Exploit ","stargazers_count":2,"forks_count":2,"language":"PHP","updated_at":"2026-04-23T04:55:11Z","pushed_at":"2026-02-17T16:12:53Z","created_at":"2026-02-13T12:57:21Z","topics":[],"owner":{"login":"drkim-dev","html_url":"https://github.com/drkim-dev"},"clone_url":"https://github.com/drkim-dev/CVE-2026-25924.git"}]},{"cve_id":"CVE-2026-25939","repositories":[{"id":1154396057,"name":"CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary","full_name":"mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary","html_url":"https://github.com/mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-10T10:47:58Z","pushed_at":"2026-02-10T10:47:54Z","created_at":"2026-02-10T10:41:44Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary.git"}]},{"cve_id":"CVE-2026-25940","repositories":[{"id":1170340021,"name":"CVE-2026-25940","full_name":"dajneem23/CVE-2026-25940","html_url":"https://github.com/dajneem23/CVE-2026-25940","description":"","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-03-02T02:32:20Z","pushed_at":"2026-03-02T02:32:17Z","created_at":"2026-03-02T02:32:14Z","topics":[],"owner":{"login":"dajneem23","html_url":"https://github.com/dajneem23"},"clone_url":"https://github.com/dajneem23/CVE-2026-25940.git"}]},{"cve_id":"CVE-2026-25961","repositories":[{"id":1154306774,"name":"CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE","full_name":"mbanyamer/CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE","description":"SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks #   (using INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and do not perform any signature or integrity #   validation on the downloaded installer.","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-03-20T01:28:04Z","pushed_at":"2026-02-10T08:40:08Z","created_at":"2026-02-10T08:36:32Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE.git"}]},{"cve_id":"CVE-2026-25964","repositories":[{"id":1160171678,"name":"CVE-2026-25964","full_name":"drkim-dev/CVE-2026-25964","html_url":"https://github.com/drkim-dev/CVE-2026-25964","description":"CVE-2026-25964 | Tandoor Recipes LFI","stargazers_count":2,"forks_count":1,"language":"Shell","updated_at":"2026-03-05T16:37:54Z","pushed_at":"2026-02-17T16:33:26Z","created_at":"2026-02-17T16:17:43Z","topics":[],"owner":{"login":"drkim-dev","html_url":"https://github.com/drkim-dev"},"clone_url":"https://github.com/drkim-dev/CVE-2026-25964.git"}]},{"cve_id":"CVE-2026-25991","repositories":[{"id":1160184927,"name":"CVE-2026-25991","full_name":"drkim-dev/CVE-2026-25991","html_url":"https://github.com/drkim-dev/CVE-2026-25991","description":"CVE-2026-25991 | Tandoor Recipes SSRF","stargazers_count":2,"forks_count":1,"language":"","updated_at":"2026-03-18T06:22:27Z","pushed_at":"2026-03-18T06:22:24Z","created_at":"2026-02-17T16:34:33Z","topics":[],"owner":{"login":"drkim-dev","html_url":"https://github.com/drkim-dev"},"clone_url":"https://github.com/drkim-dev/CVE-2026-25991.git"}]},{"cve_id":"CVE-2026-25994","repositories":[{"id":1203350268,"name":"cve-2026-25994_PJSIP","full_name":"VABISMO/cve-2026-25994_PJSIP","html_url":"https://github.com/VABISMO/cve-2026-25994_PJSIP","description":"PJSIP cve-2026-25994 BUFFER OVERFLOW POC","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-15T19:30:28Z","pushed_at":"2026-04-08T17:23:07Z","created_at":"2026-04-07T00:54:30Z","topics":["buffer-overflow","cve","cve-scanning","dos-attack","exploit"],"owner":{"login":"VABISMO","html_url":"https://github.com/VABISMO"},"clone_url":"https://github.com/VABISMO/cve-2026-25994_PJSIP.git"}]},{"cve_id":"CVE-2026-2600","repositories":[{"id":1216240382,"name":"CVE-2026-2600-POC","full_name":"FOLKS-iwd/CVE-2026-2600-POC","html_url":"https://github.com/FOLKS-iwd/CVE-2026-2600-POC","description":"CVE-2026-2600 PoC - ElementsKit Elementor Addons \u003c= 3.7.9 Stored XSS (Contributor+)","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-20T21:38:25Z","pushed_at":"2026-04-20T18:14:11Z","created_at":"2026-04-20T17:55:49Z","topics":[],"owner":{"login":"FOLKS-iwd","html_url":"https://github.com/FOLKS-iwd"},"clone_url":"https://github.com/FOLKS-iwd/CVE-2026-2600-POC.git"}]},{"cve_id":"CVE-2026-26012","repositories":[{"id":1159101450,"name":"CVE-2026-26012","full_name":"Dulieno/CVE-2026-26012","html_url":"https://github.com/Dulieno/CVE-2026-26012","description":"CVE-2026-26012 — Proof of Concept Vaultwarden — Full Cipher Enumeration Ignoring Organization Collection Permissions","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-17T10:42:32Z","pushed_at":"2026-02-17T10:42:29Z","created_at":"2026-02-16T10:14:06Z","topics":[],"owner":{"login":"Dulieno","html_url":"https://github.com/Dulieno"},"clone_url":"https://github.com/Dulieno/CVE-2026-26012.git"},{"id":1160695720,"name":"CVE-2026-26012","full_name":"diegobaelen/CVE-2026-26012","html_url":"https://github.com/diegobaelen/CVE-2026-26012","description":"CVE-2026-26012 - Vaultwarden - Authentified Organization Collection Permissions Bypass \u0026 Cipher Enumeration ","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-18T11:17:56Z","pushed_at":"2026-02-18T11:16:55Z","created_at":"2026-02-18T09:05:00Z","topics":[],"owner":{"login":"diegobaelen","html_url":"https://github.com/diegobaelen"},"clone_url":"https://github.com/diegobaelen/CVE-2026-26012.git"}]},{"cve_id":"CVE-2026-26026","repositories":[{"id":1218037364,"name":"CVE-2026-26026-PoC","full_name":"CEAarab/CVE-2026-26026-PoC","html_url":"https://github.com/CEAarab/CVE-2026-26026-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-22T13:23:05Z","pushed_at":"2026-04-22T13:23:01Z","created_at":"2026-04-22T13:21:45Z","topics":[],"owner":{"login":"CEAarab","html_url":"https://github.com/CEAarab"},"clone_url":"https://github.com/CEAarab/CVE-2026-26026-PoC.git"}]},{"cve_id":"CVE-2026-26030","repositories":[{"id":1165890005,"name":"CVE-2026-26030-Microsoft-Semantic-Kernel-1.39.4-RCE","full_name":"mbanyamer/CVE-2026-26030-Microsoft-Semantic-Kernel-1.39.4-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-26030-Microsoft-Semantic-Kernel-1.39.4-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-24T16:58:19Z","pushed_at":"2026-02-24T16:57:56Z","created_at":"2026-02-24T16:50:25Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-26030-Microsoft-Semantic-Kernel-1.39.4-RCE.git"}]},{"cve_id":"CVE-2026-26118","repositories":[{"id":1184496656,"name":"mcp-attack-detection-sentinel","full_name":"j-dahl7/mcp-attack-detection-sentinel","html_url":"https://github.com/j-dahl7/mcp-attack-detection-sentinel","description":"Sentinel detection lab for MCP attack chains: CVE-2026-26118 SSRF token theft, tool poisoning, cross-server exfiltration, identity post-exploitation. Maps to OWASP Agentic Top 10. 5 analytics rules, 7 hunting queries, workbook. Companion to nineliveszerotrust.com.","stargazers_count":1,"forks_count":1,"language":"PowerShell","updated_at":"2026-03-27T22:05:38Z","pushed_at":"2026-03-17T16:46:39Z","created_at":"2026-03-17T16:37:53Z","topics":[],"owner":{"login":"j-dahl7","html_url":"https://github.com/j-dahl7"},"clone_url":"https://github.com/j-dahl7/mcp-attack-detection-sentinel.git"}]},{"cve_id":"CVE-2026-26198","repositories":[{"id":1214857030,"name":"CVE-2026-26198","full_name":"NetVanguard-cmd/CVE-2026-26198","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-26198","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:21:48Z","pushed_at":"2026-04-19T06:21:45Z","created_at":"2026-04-19T06:21:44Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-26198.git"},{"id":1191655539,"name":"CVE-2026-26198-analysis","full_name":"sergicortesabadia/CVE-2026-26198-analysis","html_url":"https://github.com/sergicortesabadia/CVE-2026-26198-analysis","description":"Deep dive into a critical SQL injection in Python's Ormar ORM — reproduction, fix, and tests","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-25T13:37:30Z","pushed_at":"2026-03-25T13:37:26Z","created_at":"2026-03-25T13:09:40Z","topics":[],"owner":{"login":"sergicortesabadia","html_url":"https://github.com/sergicortesabadia"},"clone_url":"https://github.com/sergicortesabadia/CVE-2026-26198-analysis.git"}]},{"cve_id":"CVE-2026-26215","repositories":[{"id":1155916109,"name":"-CVE-2026-26215-manga-image-translator-RCE","full_name":"mbanyamer/-CVE-2026-26215-manga-image-translator-RCE","html_url":"https://github.com/mbanyamer/-CVE-2026-26215-manga-image-translator-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-12T03:40:53Z","pushed_at":"2026-02-12T03:40:50Z","created_at":"2026-02-12T03:39:42Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/-CVE-2026-26215-manga-image-translator-RCE.git"}]},{"cve_id":"CVE-2026-26221","repositories":[{"id":1160677858,"name":"CVE-2026-26221-Hyland-OnBase-Timer-Service-Unauthenticated-RCE","full_name":"mbanyamer/CVE-2026-26221-Hyland-OnBase-Timer-Service-Unauthenticated-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-26221-Hyland-OnBase-Timer-Service-Unauthenticated-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-18T08:38:52Z","pushed_at":"2026-02-18T08:38:48Z","created_at":"2026-02-18T08:36:53Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-26221-Hyland-OnBase-Timer-Service-Unauthenticated-RCE.git"}]},{"cve_id":"CVE-2026-26235","repositories":[{"id":1156082295,"name":"CVE-2026-26235-JUNG-Smart-Visu-Server-Unauthenticated-Reboot-Shutdown","full_name":"mbanyamer/CVE-2026-26235-JUNG-Smart-Visu-Server-Unauthenticated-Reboot-Shutdown","html_url":"https://github.com/mbanyamer/CVE-2026-26235-JUNG-Smart-Visu-Server-Unauthenticated-Reboot-Shutdown","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-12T08:40:38Z","pushed_at":"2026-02-12T08:40:34Z","created_at":"2026-02-12T08:38:41Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-26235-JUNG-Smart-Visu-Server-Unauthenticated-Reboot-Shutdown.git"}]},{"cve_id":"CVE-2026-2631","repositories":[{"id":1213839664,"name":"Mass-Scanner-CVE-2026-2631","full_name":"AnggaTechI/Mass-Scanner-CVE-2026-2631","html_url":"https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-2631","description":"Async mass-checker for authorized internal testing of CVE-2026-2631 exposure.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-17T21:14:45Z","pushed_at":"2026-04-17T20:24:30Z","created_at":"2026-04-17T20:20:58Z","topics":[],"owner":{"login":"AnggaTechI","html_url":"https://github.com/AnggaTechI"},"clone_url":"https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-2631.git"},{"id":1187050172,"name":"CVE-2026-2631","full_name":"Nxploited/CVE-2026-2631","html_url":"https://github.com/Nxploited/CVE-2026-2631","description":"Datalogics Ecommerce Delivery – Datalogics \u003c 2.6.60 - Unauthenticated Privilege Escalation","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-14T22:53:13Z","pushed_at":"2026-03-20T09:35:32Z","created_at":"2026-03-20T09:32:15Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-2631.git"}]},{"cve_id":"CVE-2026-26331","repositories":[{"id":1164069736,"name":"CVE-2026-26331","full_name":"dxlerYT/CVE-2026-26331","html_url":"https://github.com/dxlerYT/CVE-2026-26331","description":"Proof of Concept for an arbitrary command injection vulnerability in yt-dlp’s --netrc-cmd option (GHSA-g3gw-q23r-pgqm / CVE-2026-26331). Demonstrates shell command execution via maliciously crafted URLs in affected versions (≥ 2023.06.21, \u003c 2026.02.21).","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-02-22T15:51:14Z","pushed_at":"2026-02-22T15:45:28Z","created_at":"2026-02-22T15:42:57Z","topics":[],"owner":{"login":"dxlerYT","html_url":"https://github.com/dxlerYT"},"clone_url":"https://github.com/dxlerYT/CVE-2026-26331.git"}]},{"cve_id":"CVE-2026-26335","repositories":[{"id":1157720826,"name":"CVE-2026-26335-Calero-VeraSMART-RCE","full_name":"mbanyamer/CVE-2026-26335-Calero-VeraSMART-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-26335-Calero-VeraSMART-RCE","description":"","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-02-14T07:35:29Z","pushed_at":"2026-02-14T07:35:26Z","created_at":"2026-02-14T07:25:30Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-26335-Calero-VeraSMART-RCE.git"}]},{"cve_id":"CVE-2026-2636","repositories":[{"id":1167790479,"name":"CVE-2026-2636_PoC","full_name":"oxfemale/CVE-2026-2636_PoC","html_url":"https://github.com/oxfemale/CVE-2026-2636_PoC","description":"**CVE-2026-2636** is a vulnerability in the Windows Common Log File System (CLFS) driver (`CLFS.sys`). An unprivileged user can trigger an unrecoverable system state by calling the `ReadFile` API on a handle opened via `CreateLogFile`. This results in a Blue Screen of Death (BSoD), leading to a denial of service (DoS)","stargazers_count":11,"forks_count":2,"language":"C++","updated_at":"2026-04-14T05:18:32Z","pushed_at":"2026-02-26T17:41:12Z","created_at":"2026-02-26T17:28:02Z","topics":[],"owner":{"login":"oxfemale","html_url":"https://github.com/oxfemale"},"clone_url":"https://github.com/oxfemale/CVE-2026-2636_PoC.git"},{"id":1173468464,"name":"CVE-2026-2636","full_name":"uname1able/CVE-2026-2636","html_url":"https://github.com/uname1able/CVE-2026-2636","description":"","stargazers_count":0,"forks_count":0,"language":"C++","updated_at":"2026-03-19T03:34:10Z","pushed_at":"2026-03-19T03:34:06Z","created_at":"2026-03-05T11:56:54Z","topics":[],"owner":{"login":"uname1able","html_url":"https://github.com/uname1able"},"clone_url":"https://github.com/uname1able/CVE-2026-2636.git"}]},{"cve_id":"CVE-2026-26399","repositories":[{"id":1215192633,"name":"CVE-2026-26399-Disclosure","full_name":"Acen28/CVE-2026-26399-Disclosure","html_url":"https://github.com/Acen28/CVE-2026-26399-Disclosure","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-19T16:00:39Z","pushed_at":"2026-04-19T15:50:33Z","created_at":"2026-04-19T15:49:34Z","topics":[],"owner":{"login":"Acen28","html_url":"https://github.com/Acen28"},"clone_url":"https://github.com/Acen28/CVE-2026-26399-Disclosure.git"}]},{"cve_id":"CVE-2026-26416","repositories":[{"id":1172051057,"name":"CVE-2026-26416","full_name":"aksalsalimi/CVE-2026-26416","html_url":"https://github.com/aksalsalimi/CVE-2026-26416","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-05T18:14:29Z","pushed_at":"2026-03-05T18:13:38Z","created_at":"2026-03-03T22:28:49Z","topics":[],"owner":{"login":"aksalsalimi","html_url":"https://github.com/aksalsalimi"},"clone_url":"https://github.com/aksalsalimi/CVE-2026-26416.git"}]},{"cve_id":"CVE-2026-26417","repositories":[{"id":1172053220,"name":"CVE-2026-26417","full_name":"aksalsalimi/CVE-2026-26417","html_url":"https://github.com/aksalsalimi/CVE-2026-26417","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-05T18:14:09Z","pushed_at":"2026-03-05T18:14:05Z","created_at":"2026-03-03T22:32:46Z","topics":[],"owner":{"login":"aksalsalimi","html_url":"https://github.com/aksalsalimi"},"clone_url":"https://github.com/aksalsalimi/CVE-2026-26417.git"}]},{"cve_id":"CVE-2026-26418","repositories":[{"id":1172054067,"name":"CVE-2026-26418","full_name":"aksalsalimi/CVE-2026-26418","html_url":"https://github.com/aksalsalimi/CVE-2026-26418","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-05T18:14:53Z","pushed_at":"2026-03-05T18:14:32Z","created_at":"2026-03-03T22:34:17Z","topics":[],"owner":{"login":"aksalsalimi","html_url":"https://github.com/aksalsalimi"},"clone_url":"https://github.com/aksalsalimi/CVE-2026-26418.git"}]},{"cve_id":"CVE-2026-2670","repositories":[{"id":1162237521,"name":"exploit-CVE-2026-2670","full_name":"ali-py3/exploit-CVE-2026-2670","html_url":"https://github.com/ali-py3/exploit-CVE-2026-2670","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T12:48:54Z","pushed_at":"2026-02-20T03:04:18Z","created_at":"2026-02-20T02:43:04Z","topics":[],"owner":{"login":"ali-py3","html_url":"https://github.com/ali-py3"},"clone_url":"https://github.com/ali-py3/exploit-CVE-2026-2670.git"}]},{"cve_id":"CVE-2026-26717","repositories":[{"id":1165997901,"name":"CVE-2026-26717","full_name":"Rickidevs/CVE-2026-26717","html_url":"https://github.com/Rickidevs/CVE-2026-26717","description":"I discovered a Timing Attack vulnerability in the Richie LMS, developed by France Université Numérique (OpenFUN), and it was assigned the ID CVE-2026-26717 by MITRE.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-24T20:20:51Z","pushed_at":"2026-02-24T20:20:47Z","created_at":"2026-02-24T19:14:24Z","topics":[],"owner":{"login":"Rickidevs","html_url":"https://github.com/Rickidevs"},"clone_url":"https://github.com/Rickidevs/CVE-2026-26717.git"}]},{"cve_id":"CVE-2026-26720","repositories":[{"id":1130776076,"name":"CVE-2026-26720-Twenty-RCE","full_name":"dillonkirsch/CVE-2026-26720-Twenty-RCE","html_url":"https://github.com/dillonkirsch/CVE-2026-26720-Twenty-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"TypeScript","updated_at":"2026-02-27T22:07:49Z","pushed_at":"2026-01-09T02:06:48Z","created_at":"2026-01-09T02:02:33Z","topics":[],"owner":{"login":"dillonkirsch","html_url":"https://github.com/dillonkirsch"},"clone_url":"https://github.com/dillonkirsch/CVE-2026-26720-Twenty-RCE.git"}]},{"cve_id":"CVE-2026-26744","repositories":[{"id":1161877388,"name":"CVE-2026-26744","full_name":"lorenzobruno7/CVE-2026-26744","html_url":"https://github.com/lorenzobruno7/CVE-2026-26744","description":"CVE-2026-26744","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-19T16:16:14Z","pushed_at":"2026-02-19T16:16:10Z","created_at":"2026-02-19T16:11:44Z","topics":[],"owner":{"login":"lorenzobruno7","html_url":"https://github.com/lorenzobruno7"},"clone_url":"https://github.com/lorenzobruno7/CVE-2026-26744.git"}]},{"cve_id":"CVE-2026-26746","repositories":[{"id":1162456944,"name":"CVE-2026-26746","full_name":"hungnqdz/CVE-2026-26746","html_url":"https://github.com/hungnqdz/CVE-2026-26746","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-22T12:12:10Z","pushed_at":"2026-04-22T12:12:07Z","created_at":"2026-02-20T09:35:49Z","topics":[],"owner":{"login":"hungnqdz","html_url":"https://github.com/hungnqdz"},"clone_url":"https://github.com/hungnqdz/CVE-2026-26746.git"}]},{"cve_id":"CVE-2026-26801","repositories":[{"id":1185167253,"name":"CVE-2026-26801-pdfmake-ssrf","full_name":"mariopepe/CVE-2026-26801-pdfmake-ssrf","html_url":"https://github.com/mariopepe/CVE-2026-26801-pdfmake-ssrf","description":"PoC for CVE-2026-26801: SSRF in pdfmake URLResolver.js (\u003e= 0.3.0-beta.2, \u003c= 0.3.5)","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-18T10:21:28Z","pushed_at":"2026-03-18T10:21:25Z","created_at":"2026-03-18T09:59:12Z","topics":[],"owner":{"login":"mariopepe","html_url":"https://github.com/mariopepe"},"clone_url":"https://github.com/mariopepe/CVE-2026-26801-pdfmake-ssrf.git"}]},{"cve_id":"CVE-2026-26830","repositories":[{"id":1190786248,"name":"npm-cve-2026-26830-26833","full_name":"zebbernCVE/npm-cve-2026-26830-26833","html_url":"https://github.com/zebbernCVE/npm-cve-2026-26830-26833","description":"Directory page for CVE-2026-26830 through CVE-2026-26833 advisories","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-25T23:24:14Z","pushed_at":"2026-03-24T16:39:14Z","created_at":"2026-03-24T16:06:40Z","topics":[],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/npm-cve-2026-26830-26833.git"},{"id":1190794055,"name":"CVE-2026-26830","full_name":"zebbernCVE/CVE-2026-26830","html_url":"https://github.com/zebbernCVE/CVE-2026-26830","description":"Advisory for pdf-image ⌯⌲ 10 000 weekly downloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T15:28:00Z","pushed_at":"2026-03-24T16:39:16Z","created_at":"2026-03-24T16:15:10Z","topics":["critical","cve-2026-26830","cwe-78"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-26830.git"}]},{"cve_id":"CVE-2026-26831","repositories":[{"id":1190794132,"name":"CVE-2026-26831","full_name":"zebbernCVE/CVE-2026-26831","html_url":"https://github.com/zebbernCVE/CVE-2026-26831","description":"Advisory for textract ⌯⌲ 15 000 weekly downloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T15:26:58Z","pushed_at":"2026-03-24T16:39:18Z","created_at":"2026-03-24T16:15:15Z","topics":["critical","cve-2026-26831","cwe-78"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-26831.git"}]},{"cve_id":"CVE-2026-26832","repositories":[{"id":1190794205,"name":"CVE-2026-26832","full_name":"zebbernCVE/CVE-2026-26832","html_url":"https://github.com/zebbernCVE/CVE-2026-26832","description":"Advisory for node-tesseract-ocr  ⌯⌲ 50 000 weekly downloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T15:25:57Z","pushed_at":"2026-03-24T16:39:22Z","created_at":"2026-03-24T16:15:20Z","topics":["critical","cve-2026-26832","cwe-78"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-26832.git"}]},{"cve_id":"CVE-2026-26833","repositories":[{"id":1190786248,"name":"npm-cve-2026-26830-26833","full_name":"zebbernCVE/npm-cve-2026-26830-26833","html_url":"https://github.com/zebbernCVE/npm-cve-2026-26830-26833","description":"Directory page for CVE-2026-26830 through CVE-2026-26833 advisories","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-25T23:24:14Z","pushed_at":"2026-03-24T16:39:14Z","created_at":"2026-03-24T16:06:40Z","topics":[],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/npm-cve-2026-26830-26833.git"},{"id":1190794462,"name":"CVE-2026-26833","full_name":"zebbernCVE/CVE-2026-26833","html_url":"https://github.com/zebbernCVE/CVE-2026-26833","description":"Advisory for thumbler","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T15:23:55Z","pushed_at":"2026-03-24T16:39:25Z","created_at":"2026-03-24T16:15:38Z","topics":["critical","cve-2026-26833","cwe-78"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-26833.git"}]},{"cve_id":"CVE-2026-26903","repositories":[{"id":1217501461,"name":"CVE-2026-26903-PoC","full_name":"John-Jung/CVE-2026-26903-PoC","html_url":"https://github.com/John-Jung/CVE-2026-26903-PoC","description":"A PoC for demonstrating CVE-2026-26903","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-22T01:21:53Z","pushed_at":"2026-04-22T01:11:37Z","created_at":"2026-04-22T00:28:41Z","topics":[],"owner":{"login":"John-Jung","html_url":"https://github.com/John-Jung"},"clone_url":"https://github.com/John-Jung/CVE-2026-26903-PoC.git"}]},{"cve_id":"CVE-2026-26980","repositories":[{"id":1213795823,"name":"ghost-cve-2026-26980","full_name":"dinosn/ghost-cve-2026-26980","html_url":"https://github.com/dinosn/ghost-cve-2026-26980","description":"CVE-2026-26980 — Ghost CMS Content API SQL Injection Lab (unauthenticated blind SQLi via slug filter ordering)","stargazers_count":9,"forks_count":1,"language":"Python","updated_at":"2026-04-25T22:25:23Z","pushed_at":"2026-04-18T02:55:16Z","created_at":"2026-04-17T19:15:20Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/ghost-cve-2026-26980.git"},{"id":1195618864,"name":"CVE-2026-26980","full_name":"vognik/CVE-2026-26980","html_url":"https://github.com/vognik/CVE-2026-26980","description":"💣 Exploit for CVE-2026-26980 — 👻 Ghost CMS Unauthenticated SQLi via Content API","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-19T15:15:02Z","pushed_at":"2026-04-19T15:14:58Z","created_at":"2026-03-29T22:00:18Z","topics":[],"owner":{"login":"vognik","html_url":"https://github.com/vognik"},"clone_url":"https://github.com/vognik/CVE-2026-26980.git"}]},{"cve_id":"CVE-2026-26988","repositories":[{"id":1162548398,"name":"CVE-2026-26988-LibreNMS-SQLi","full_name":"mbanyamer/CVE-2026-26988-LibreNMS-SQLi","html_url":"https://github.com/mbanyamer/CVE-2026-26988-LibreNMS-SQLi","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T11:57:55Z","pushed_at":"2026-02-20T11:57:52Z","created_at":"2026-02-20T11:55:53Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-26988-LibreNMS-SQLi.git"}]},{"cve_id":"CVE-2026-2699","repositories":[{"id":1191973011,"name":"watchTowr-vs-Progress-ShareFile-CVE-2026-2699","full_name":"watchtowrlabs/watchTowr-vs-Progress-ShareFile-CVE-2026-2699","html_url":"https://github.com/watchtowrlabs/watchTowr-vs-Progress-ShareFile-CVE-2026-2699","description":"","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-19T15:08:52Z","pushed_at":"2026-03-25T19:11:17Z","created_at":"2026-03-25T19:09:25Z","topics":[],"owner":{"login":"watchtowrlabs","html_url":"https://github.com/watchtowrlabs"},"clone_url":"https://github.com/watchtowrlabs/watchTowr-vs-Progress-ShareFile-CVE-2026-2699.git"},{"id":1204256019,"name":"CVE-2026-2699","full_name":"0xBlackash/CVE-2026-2699","html_url":"https://github.com/0xBlackash/CVE-2026-2699","description":"CVE-2026-2699","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T07:36:21Z","pushed_at":"2026-04-09T07:36:18Z","created_at":"2026-04-07T20:55:23Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-2699.git"}]},{"cve_id":"CVE-2026-27174","repositories":[{"id":1167530565,"name":"majordomo-CVE-2026-27174-poc","full_name":"MaxMnMl/majordomo-CVE-2026-27174-poc","html_url":"https://github.com/MaxMnMl/majordomo-CVE-2026-27174-poc","description":"CVE-2026-27174 - An unauthenticated remote code execution via the admin panel's PHP console feature","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-04T19:15:23Z","pushed_at":"2026-02-26T13:17:36Z","created_at":"2026-02-26T11:51:44Z","topics":[],"owner":{"login":"MaxMnMl","html_url":"https://github.com/MaxMnMl"},"clone_url":"https://github.com/MaxMnMl/majordomo-CVE-2026-27174-poc.git"}]},{"cve_id":"CVE-2026-27179","repositories":[{"id":1170530280,"name":"MajorDoMo-CVE-2026-27179","full_name":"p3Nt3st3r-sTAr/MajorDoMo-CVE-2026-27179","html_url":"https://github.com/p3Nt3st3r-sTAr/MajorDoMo-CVE-2026-27179","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-23T09:59:39Z","pushed_at":"2026-03-23T09:59:36Z","created_at":"2026-03-02T08:20:08Z","topics":[],"owner":{"login":"p3Nt3st3r-sTAr","html_url":"https://github.com/p3Nt3st3r-sTAr"},"clone_url":"https://github.com/p3Nt3st3r-sTAr/MajorDoMo-CVE-2026-27179.git"}]},{"cve_id":"CVE-2026-27180","repositories":[{"id":1161876658,"name":"CVE-2026-27180-MajorDoMo-unauthenticated-RCE","full_name":"mbanyamer/CVE-2026-27180-MajorDoMo-unauthenticated-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-27180-MajorDoMo-unauthenticated-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-19T21:04:21Z","pushed_at":"2026-02-19T21:04:18Z","created_at":"2026-02-19T16:10:49Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-27180-MajorDoMo-unauthenticated-RCE.git"}]},{"cve_id":"CVE-2026-27199","repositories":[{"id":1162449379,"name":"CVE-2026-27199-werkzeug-safe-join-bypass-PoC","full_name":"alimezar/CVE-2026-27199-werkzeug-safe-join-bypass-PoC","html_url":"https://github.com/alimezar/CVE-2026-27199-werkzeug-safe-join-bypass-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-20T09:35:11Z","pushed_at":"2026-02-20T09:31:43Z","created_at":"2026-02-20T09:24:33Z","topics":[],"owner":{"login":"alimezar","html_url":"https://github.com/alimezar"},"clone_url":"https://github.com/alimezar/CVE-2026-27199-werkzeug-safe-join-bypass-PoC.git"}]},{"cve_id":"CVE-2026-27470","repositories":[{"id":1163460083,"name":"CVE-2026-27470","full_name":"kocaemre/CVE-2026-27470","html_url":"https://github.com/kocaemre/CVE-2026-27470","description":"ZoneMinder Second-Order SQL Injection PoC — CVE-2026-27470","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-03-26T22:08:10Z","pushed_at":"2026-02-22T19:58:29Z","created_at":"2026-02-21T17:05:22Z","topics":[],"owner":{"login":"kocaemre","html_url":"https://github.com/kocaemre"},"clone_url":"https://github.com/kocaemre/CVE-2026-27470.git"},{"id":1180998758,"name":"CVE-2026-27470-POC","full_name":"d3vn0mi/CVE-2026-27470-POC","html_url":"https://github.com/d3vn0mi/CVE-2026-27470-POC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-13T17:59:39Z","pushed_at":"2026-03-13T21:52:43Z","created_at":"2026-03-13T16:31:56Z","topics":[],"owner":{"login":"d3vn0mi","html_url":"https://github.com/d3vn0mi"},"clone_url":"https://github.com/d3vn0mi/CVE-2026-27470-POC.git"}]},{"cve_id":"CVE-2026-27483","repositories":[{"id":1174228220,"name":"cve-2026-27483","full_name":"thewhiteh4t/cve-2026-27483","html_url":"https://github.com/thewhiteh4t/cve-2026-27483","description":"MindsDB Path Traversal to RCE PoC","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-04-04T16:47:16Z","pushed_at":"2026-03-07T05:04:01Z","created_at":"2026-03-06T07:52:36Z","topics":[],"owner":{"login":"thewhiteh4t","html_url":"https://github.com/thewhiteh4t"},"clone_url":"https://github.com/thewhiteh4t/cve-2026-27483.git"}]},{"cve_id":"CVE-2026-2749","repositories":[{"id":1166040116,"name":"Centreon-Exploits-2026","full_name":"hakaioffsec/Centreon-Exploits-2026","html_url":"https://github.com/hakaioffsec/Centreon-Exploits-2026","description":"Centreon exploits CVE-2026-2749, CVE-2026-2751 and CVE-2026-2750","stargazers_count":9,"forks_count":1,"language":"Python","updated_at":"2026-03-08T16:16:20Z","pushed_at":"2026-03-02T17:54:39Z","created_at":"2026-02-24T20:17:49Z","topics":[],"owner":{"login":"hakaioffsec","html_url":"https://github.com/hakaioffsec"},"clone_url":"https://github.com/hakaioffsec/Centreon-Exploits-2026.git"}]},{"cve_id":"CVE-2026-2750","repositories":[{"id":1166040116,"name":"Centreon-Exploits-2026","full_name":"hakaioffsec/Centreon-Exploits-2026","html_url":"https://github.com/hakaioffsec/Centreon-Exploits-2026","description":"Centreon exploits CVE-2026-2749, CVE-2026-2751 and CVE-2026-2750","stargazers_count":9,"forks_count":1,"language":"Python","updated_at":"2026-03-08T16:16:20Z","pushed_at":"2026-03-02T17:54:39Z","created_at":"2026-02-24T20:17:49Z","topics":[],"owner":{"login":"hakaioffsec","html_url":"https://github.com/hakaioffsec"},"clone_url":"https://github.com/hakaioffsec/Centreon-Exploits-2026.git"}]},{"cve_id":"CVE-2026-27507","repositories":[{"id":1214857203,"name":"CVE-2026-27507","full_name":"NetVanguard-cmd/CVE-2026-27507","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-27507","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:22:10Z","pushed_at":"2026-04-19T06:22:07Z","created_at":"2026-04-19T06:22:06Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-27507.git"}]},{"cve_id":"CVE-2026-2751","repositories":[{"id":1166040116,"name":"Centreon-Exploits-2026","full_name":"hakaioffsec/Centreon-Exploits-2026","html_url":"https://github.com/hakaioffsec/Centreon-Exploits-2026","description":"Centreon exploits CVE-2026-2749, CVE-2026-2751 and CVE-2026-2750","stargazers_count":9,"forks_count":1,"language":"Python","updated_at":"2026-03-08T16:16:20Z","pushed_at":"2026-03-02T17:54:39Z","created_at":"2026-02-24T20:17:49Z","topics":[],"owner":{"login":"hakaioffsec","html_url":"https://github.com/hakaioffsec"},"clone_url":"https://github.com/hakaioffsec/Centreon-Exploits-2026.git"}]},{"cve_id":"CVE-2026-2754","repositories":[{"id":1216175128,"name":"Pegasus-CVE-2026-2754-Framework-","full_name":"PegasusMetaSec/Pegasus-CVE-2026-2754-Framework-","html_url":"https://github.com/PegasusMetaSec/Pegasus-CVE-2026-2754-Framework-","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-21T19:04:56Z","pushed_at":"2026-04-20T16:37:04Z","created_at":"2026-04-20T16:37:04Z","topics":[],"owner":{"login":"PegasusMetaSec","html_url":"https://github.com/PegasusMetaSec"},"clone_url":"https://github.com/PegasusMetaSec/Pegasus-CVE-2026-2754-Framework-.git"}]},{"cve_id":"CVE-2026-27540","repositories":[{"id":1178524927,"name":"CVE-2026-27540-WordPress-Exploit-PoC","full_name":"DeadExpl0it/CVE-2026-27540-WordPress-Exploit-PoC","html_url":"https://github.com/DeadExpl0it/CVE-2026-27540-WordPress-Exploit-PoC","description":"PoC for CVE-2026-27540 - critical unauthenticated arbitrary file upload in WooCommerce Wholesale Lead Capture (WordPress)","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-03-14T00:21:30Z","pushed_at":"2026-03-14T00:21:27Z","created_at":"2026-03-11T05:23:27Z","topics":[],"owner":{"login":"DeadExpl0it","html_url":"https://github.com/DeadExpl0it"},"clone_url":"https://github.com/DeadExpl0it/CVE-2026-27540-WordPress-Exploit-PoC.git"},{"id":1214203447,"name":"CVE-2026-27542-CVE-2026-27540-","full_name":"Nxploited/CVE-2026-27542-CVE-2026-27540-","html_url":"https://github.com/Nxploited/CVE-2026-27542-CVE-2026-27540-","description":"Unauthenticated Privilege | Unauthenticated Arbitrary File Upload","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-18T08:56:37Z","pushed_at":"2026-04-18T08:56:33Z","created_at":"2026-04-18T08:51:10Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-27542-CVE-2026-27540-.git"}]},{"cve_id":"CVE-2026-27541","repositories":[{"id":1186075145,"name":"CVE-2026-27541-Analysis-Lab","full_name":"rootdirective-sec/CVE-2026-27541-Analysis-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-27541-Analysis-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-19T08:59:35Z","pushed_at":"2026-03-19T08:59:31Z","created_at":"2026-03-19T08:38:30Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-27541-Analysis-Lab.git"}]},{"cve_id":"CVE-2026-27542","repositories":[{"id":1214203447,"name":"CVE-2026-27542-CVE-2026-27540-","full_name":"Nxploited/CVE-2026-27542-CVE-2026-27540-","html_url":"https://github.com/Nxploited/CVE-2026-27542-CVE-2026-27540-","description":"Unauthenticated Privilege | Unauthenticated Arbitrary File Upload","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-18T08:56:37Z","pushed_at":"2026-04-18T08:56:33Z","created_at":"2026-04-18T08:51:10Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-27542-CVE-2026-27540-.git"}]},{"cve_id":"CVE-2026-27574","repositories":[{"id":1163425668,"name":"CVE-2026-27574-OneUptime-RCE","full_name":"mbanyamer/CVE-2026-27574-OneUptime-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-27574-OneUptime-RCE","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-27T16:57:01Z","pushed_at":"2026-02-21T16:07:34Z","created_at":"2026-02-21T16:06:04Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-27574-OneUptime-RCE.git"}]},{"cve_id":"CVE-2026-27579","repositories":[{"id":1169806761,"name":"CVE-2026-27579-CORS-Misconfiguration-Leading-to-Authenticated-Data-Exposure","full_name":"AdityaBhatt3010/CVE-2026-27579-CORS-Misconfiguration-Leading-to-Authenticated-Data-Exposure","html_url":"https://github.com/AdityaBhatt3010/CVE-2026-27579-CORS-Misconfiguration-Leading-to-Authenticated-Data-Exposure","description":"CVE-2026-27579 - CORS Misconfiguration – Arbitrary Origin with Credentials → Authenticated Cross-Origin Account Data Exposure","stargazers_count":2,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-05T20:20:01Z","pushed_at":"2026-03-01T08:48:41Z","created_at":"2026-03-01T08:41:29Z","topics":["collab","cors","cross-origin-resource-sharing","cve","cybersecurity","exploit"],"owner":{"login":"AdityaBhatt3010","html_url":"https://github.com/AdityaBhatt3010"},"clone_url":"https://github.com/AdityaBhatt3010/CVE-2026-27579-CORS-Misconfiguration-Leading-to-Authenticated-Data-Exposure.git"},{"id":1164235357,"name":"CVE-2026-27579-CollabPlatform-Appwrite-CORS-Misconfiguration","full_name":"mbanyamer/CVE-2026-27579-CollabPlatform-Appwrite-CORS-Misconfiguration","html_url":"https://github.com/mbanyamer/CVE-2026-27579-CollabPlatform-Appwrite-CORS-Misconfiguration","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-22T20:47:08Z","pushed_at":"2026-02-22T20:47:04Z","created_at":"2026-02-22T20:46:03Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-27579-CollabPlatform-Appwrite-CORS-Misconfiguration.git"}]},{"cve_id":"CVE-2026-27597","repositories":[{"id":1214857428,"name":"CVE-2026-27597","full_name":"NetVanguard-cmd/CVE-2026-27597","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-27597","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:22:45Z","pushed_at":"2026-04-19T06:22:41Z","created_at":"2026-04-19T06:22:33Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-27597.git"}]},{"cve_id":"CVE-2026-27607","repositories":[{"id":1165549663,"name":"CVE-2026-27607","full_name":"nikeee/CVE-2026-27607","html_url":"https://github.com/nikeee/CVE-2026-27607","description":"Missing post-policy validation in RustFS","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-06T18:47:49Z","pushed_at":"2026-02-24T09:53:03Z","created_at":"2026-02-24T09:34:26Z","topics":["cve"],"owner":{"login":"nikeee","html_url":"https://github.com/nikeee"},"clone_url":"https://github.com/nikeee/CVE-2026-27607.git"}]},{"cve_id":"CVE-2026-27621","repositories":[{"id":1208065684,"name":"CVE-2026-27621","full_name":"lukasz-rybak/CVE-2026-27621","html_url":"https://github.com/lukasz-rybak/CVE-2026-27621","description":"CVE-2026-27621 - TypiCMS Core has Stored Cross-Site Scripting (XSS) via SVG File Upload","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T19:22:47Z","pushed_at":"2026-04-11T19:22:42Z","created_at":"2026-04-11T19:15:23Z","topics":[],"owner":{"login":"lukasz-rybak","html_url":"https://github.com/lukasz-rybak"},"clone_url":"https://github.com/lukasz-rybak/CVE-2026-27621.git"}]},{"cve_id":"CVE-2026-2763","repositories":[{"id":1172905607,"name":"CVE-2026-2763-POC","full_name":"ppwwiinn/CVE-2026-2763-POC","html_url":"https://github.com/ppwwiinn/CVE-2026-2763-POC","description":"","stargazers_count":2,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-07T15:15:56Z","pushed_at":"2026-03-04T22:32:55Z","created_at":"2026-03-04T20:13:49Z","topics":[],"owner":{"login":"ppwwiinn","html_url":"https://github.com/ppwwiinn"},"clone_url":"https://github.com/ppwwiinn/CVE-2026-2763-POC.git"}]},{"cve_id":"CVE-2026-27636","repositories":[{"id":1172191469,"name":"CVE-2026-27636","full_name":"rav1010/CVE-2026-27636","html_url":"https://github.com/rav1010/CVE-2026-27636","description":"Freescout-passive-scanner","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-12T10:57:26Z","pushed_at":"2026-03-04T03:17:43Z","created_at":"2026-03-04T03:12:39Z","topics":[],"owner":{"login":"rav1010","html_url":"https://github.com/rav1010"},"clone_url":"https://github.com/rav1010/CVE-2026-27636.git"}]},{"cve_id":"CVE-2026-27639","repositories":[{"id":1165064827,"name":"CVE-2026-27639-Mercator-XSS","full_name":"hadhub/CVE-2026-27639-Mercator-XSS","html_url":"https://github.com/hadhub/CVE-2026-27639-Mercator-XSS","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-12T09:48:39Z","pushed_at":"2026-02-25T19:55:45Z","created_at":"2026-02-23T19:37:36Z","topics":[],"owner":{"login":"hadhub","html_url":"https://github.com/hadhub"},"clone_url":"https://github.com/hadhub/CVE-2026-27639-Mercator-XSS.git"}]},{"cve_id":"CVE-2026-27654","repositories":[{"id":1203065092,"name":"CVE-2026-27654","full_name":"JohannesLks/CVE-2026-27654","html_url":"https://github.com/JohannesLks/CVE-2026-27654","description":"NGINX `ngx_http_dav_module` Heap Buffer Overflow via `size_t` Underflow (Remote DoS / Potential RCE)","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-04-20T03:07:14Z","pushed_at":"2026-04-06T17:36:57Z","created_at":"2026-04-06T17:27:29Z","topics":[],"owner":{"login":"JohannesLks","html_url":"https://github.com/JohannesLks"},"clone_url":"https://github.com/JohannesLks/CVE-2026-27654.git"}]},{"cve_id":"CVE-2026-27739","repositories":[{"id":1204499537,"name":"CVE-2026-27739-POC","full_name":"mr-redoo7/CVE-2026-27739-POC","html_url":"https://github.com/mr-redoo7/CVE-2026-27739-POC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-08T04:15:09Z","pushed_at":"2026-04-08T04:12:56Z","created_at":"2026-04-08T04:12:23Z","topics":[],"owner":{"login":"mr-redoo7","html_url":"https://github.com/mr-redoo7"},"clone_url":"https://github.com/mr-redoo7/CVE-2026-27739-POC.git"}]},{"cve_id":"CVE-2026-27825","repositories":[{"id":1167457009,"name":"MCPwnfluence","full_name":"plutosecurity/MCPwnfluence","html_url":"https://github.com/plutosecurity/MCPwnfluence","description":"Information about CVE-2026-27825 \u0026 CVE-2026-27826 discovered by Pluto Security and a bash script for identifying vulnerable mcp-atlassian instances allowing for automatic update to a fixed version. ","stargazers_count":7,"forks_count":1,"language":"Shell","updated_at":"2026-03-10T06:17:17Z","pushed_at":"2026-02-26T10:24:30Z","created_at":"2026-02-26T10:09:32Z","topics":[],"owner":{"login":"plutosecurity","html_url":"https://github.com/plutosecurity"},"clone_url":"https://github.com/plutosecurity/MCPwnfluence.git"}]},{"cve_id":"CVE-2026-27826","repositories":[{"id":1167457009,"name":"MCPwnfluence","full_name":"plutosecurity/MCPwnfluence","html_url":"https://github.com/plutosecurity/MCPwnfluence","description":"Information about CVE-2026-27825 \u0026 CVE-2026-27826 discovered by Pluto Security and a bash script for identifying vulnerable mcp-atlassian instances allowing for automatic update to a fixed version. ","stargazers_count":7,"forks_count":1,"language":"Shell","updated_at":"2026-03-10T06:17:17Z","pushed_at":"2026-02-26T10:24:30Z","created_at":"2026-02-26T10:09:32Z","topics":[],"owner":{"login":"plutosecurity","html_url":"https://github.com/plutosecurity"},"clone_url":"https://github.com/plutosecurity/MCPwnfluence.git"}]},{"cve_id":"CVE-2026-27831","repositories":[{"id":1167318129,"name":"CVE-2026-27831-POC","full_name":"bluedragonsecurity/CVE-2026-27831-POC","html_url":"https://github.com/bluedragonsecurity/CVE-2026-27831-POC","description":"Poc Exploit for CVE-2026-27831 - vulnerability discovered by : Antonius","stargazers_count":5,"forks_count":1,"language":"C","updated_at":"2026-04-19T11:39:30Z","pushed_at":"2026-02-26T06:59:12Z","created_at":"2026-02-26T06:57:14Z","topics":[],"owner":{"login":"bluedragonsecurity","html_url":"https://github.com/bluedragonsecurity"},"clone_url":"https://github.com/bluedragonsecurity/CVE-2026-27831-POC.git"}]},{"cve_id":"CVE-2026-27876","repositories":[{"id":1196256465,"name":"CVE-2026-27876","full_name":"0xBlackash/CVE-2026-27876","html_url":"https://github.com/0xBlackash/CVE-2026-27876","description":"CVE-2026-27876","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-21T18:26:16Z","pushed_at":"2026-03-30T14:50:45Z","created_at":"2026-03-30T14:19:58Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-27876.git"}]},{"cve_id":"CVE-2026-27884","repositories":[{"id":1180240020,"name":"CVE-2026-27884","full_name":"RaynLight/CVE-2026-27884","html_url":"https://github.com/RaynLight/CVE-2026-27884","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-13T13:57:20Z","pushed_at":"2026-03-12T21:22:30Z","created_at":"2026-03-12T21:02:05Z","topics":[],"owner":{"login":"RaynLight","html_url":"https://github.com/RaynLight"},"clone_url":"https://github.com/RaynLight/CVE-2026-27884.git"}]},{"cve_id":"CVE-2026-27940","repositories":[{"id":1195282286,"name":"CVE-2026-27940","full_name":"ngtuonghung/CVE-2026-27940","html_url":"https://github.com/ngtuonghung/CVE-2026-27940","description":"","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-04-04T11:21:14Z","pushed_at":"2026-03-29T13:34:53Z","created_at":"2026-03-29T13:30:04Z","topics":[],"owner":{"login":"ngtuonghung","html_url":"https://github.com/ngtuonghung"},"clone_url":"https://github.com/ngtuonghung/CVE-2026-27940.git"}]},{"cve_id":"CVE-2026-27944","repositories":[{"id":1181342373,"name":"CVE-2026-27944","full_name":"Skynoxk/CVE-2026-27944","html_url":"https://github.com/Skynoxk/CVE-2026-27944","description":"Automated exploit script for CVE-2026-27944 (Nginx UI). Downloads/decrypts backups, extracts system secrets, and creates rogue admin accounts for full dashboard access.","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-04-22T18:34:34Z","pushed_at":"2026-03-14T04:26:33Z","created_at":"2026-03-14T02:43:49Z","topics":[],"owner":{"login":"Skynoxk","html_url":"https://github.com/Skynoxk"},"clone_url":"https://github.com/Skynoxk/CVE-2026-27944.git"},{"id":1177921709,"name":"CVE-2026-27944","full_name":"NULL200OK/CVE-2026-27944","html_url":"https://github.com/NULL200OK/CVE-2026-27944","description":"CVE-2026-27944 - Nginx UI Unauthenticated Backup Download \u0026 Decryption","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-04-09T00:30:02Z","pushed_at":"2026-03-10T14:16:03Z","created_at":"2026-03-10T14:05:26Z","topics":[],"owner":{"login":"NULL200OK","html_url":"https://github.com/NULL200OK"},"clone_url":"https://github.com/NULL200OK/CVE-2026-27944.git"},{"id":1177984848,"name":"-nginxui_discover","full_name":"NULL200OK/-nginxui_discover","html_url":"https://github.com/NULL200OK/-nginxui_discover","description":"Nginx UI Discovery Scanner - CVE-2026-27944 Version Detector","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-04-24T20:06:45Z","pushed_at":"2026-03-11T14:46:59Z","created_at":"2026-03-10T15:14:21Z","topics":[],"owner":{"login":"NULL200OK","html_url":"https://github.com/NULL200OK"},"clone_url":"https://github.com/NULL200OK/-nginxui_discover.git"},{"id":1199972441,"name":"CVE-2026-27944-poc","full_name":"Goultarde/CVE-2026-27944-poc","html_url":"https://github.com/Goultarde/CVE-2026-27944-poc","description":"poc for CVE-2026-27944","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-02T22:45:04Z","pushed_at":"2026-04-02T22:45:04Z","created_at":"2026-04-02T22:45:04Z","topics":[],"owner":{"login":"Goultarde","html_url":"https://github.com/Goultarde"},"clone_url":"https://github.com/Goultarde/CVE-2026-27944-poc.git"}]},{"cve_id":"CVE-2026-27959","repositories":[{"id":1177181765,"name":"CVE-2026-27959-mini-lab","full_name":"mlouazir/CVE-2026-27959-mini-lab","html_url":"https://github.com/mlouazir/CVE-2026-27959-mini-lab","description":"","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-09T19:38:49Z","pushed_at":"2026-03-09T19:34:30Z","created_at":"2026-03-09T19:22:55Z","topics":[],"owner":{"login":"mlouazir","html_url":"https://github.com/mlouazir"},"clone_url":"https://github.com/mlouazir/CVE-2026-27959-mini-lab.git"}]},{"cve_id":"CVE-2026-2796","repositories":[{"id":1205429595,"name":"CVE-2026-2796","full_name":"WostGit/CVE-2026-2796","html_url":"https://github.com/WostGit/CVE-2026-2796","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T13:41:11Z","pushed_at":"2026-04-09T13:40:24Z","created_at":"2026-04-09T00:42:22Z","topics":[],"owner":{"login":"WostGit","html_url":"https://github.com/WostGit"},"clone_url":"https://github.com/WostGit/CVE-2026-2796.git"},{"id":1205424865,"name":"cve-2026-2796-repro","full_name":"WostGit/cve-2026-2796-repro","html_url":"https://github.com/WostGit/cve-2026-2796-repro","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T00:37:36Z","pushed_at":"2026-04-09T00:37:32Z","created_at":"2026-04-09T00:33:41Z","topics":[],"owner":{"login":"WostGit","html_url":"https://github.com/WostGit"},"clone_url":"https://github.com/WostGit/cve-2026-2796-repro.git"}]},{"cve_id":"CVE-2026-27966","repositories":[{"id":1171750433,"name":"CVE-2026-27966--RCE-in-Langflow","full_name":"Anon-Cyber-Team/CVE-2026-27966--RCE-in-Langflow","html_url":"https://github.com/Anon-Cyber-Team/CVE-2026-27966--RCE-in-Langflow","description":"Exploit Tools For new CVE","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-12T09:45:10Z","pushed_at":"2026-03-06T12:57:22Z","created_at":"2026-03-03T15:12:34Z","topics":[],"owner":{"login":"Anon-Cyber-Team","html_url":"https://github.com/Anon-Cyber-Team"},"clone_url":"https://github.com/Anon-Cyber-Team/CVE-2026-27966--RCE-in-Langflow.git"}]},{"cve_id":"CVE-2026-27978","repositories":[{"id":1220911425,"name":"Next.js-Proof-of-Concept","full_name":"Nayekah/Next.js-Proof-of-Concept","html_url":"https://github.com/Nayekah/Next.js-Proof-of-Concept","description":"Some Proof-of-Concept (POCs) for CVE-2025-29927, CVE-2026-27978, and CVE-2026-29057 in Next.js.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-26T05:57:14Z","pushed_at":"2026-04-26T05:53:18Z","created_at":"2026-04-25T13:57:54Z","topics":[],"owner":{"login":"Nayekah","html_url":"https://github.com/Nayekah"},"clone_url":"https://github.com/Nayekah/Next.js-Proof-of-Concept.git"}]},{"cve_id":"CVE-2026-28286","repositories":[{"id":1202187731,"name":"zimaos-cve-2026-28286-arbitrary-file-write","full_name":"Rushi9/zimaos-cve-2026-28286-arbitrary-file-write","html_url":"https://github.com/Rushi9/zimaos-cve-2026-28286-arbitrary-file-write","description":"ZimaOS CVE-2026-28286 arbitrary file write PoC \u0026 verification toolkit","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-04-10T20:11:04Z","pushed_at":"2026-04-05T18:48:36Z","created_at":"2026-04-05T18:01:16Z","topics":["api-security","arbitrary-file-write","bugbounty","cve-2026-28286","cybersecurity","exploit","penetration-testing","zimaos"],"owner":{"login":"Rushi9","html_url":"https://github.com/Rushi9"},"clone_url":"https://github.com/Rushi9/zimaos-cve-2026-28286-arbitrary-file-write.git"}]},{"cve_id":"CVE-2026-28289","repositories":[{"id":1173744396,"name":"CVE-2026-28289","full_name":"0xBlackash/CVE-2026-28289","html_url":"https://github.com/0xBlackash/CVE-2026-28289","description":"CVE-2026-28289","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-12T09:41:24Z","pushed_at":"2026-03-05T19:22:11Z","created_at":"2026-03-05T17:48:00Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-28289.git"}]},{"cve_id":"CVE-2026-28363","repositories":[{"id":1201666272,"name":"CVE-2026-28363","full_name":"kaleth4/CVE-2026-28363","html_url":"https://github.com/kaleth4/CVE-2026-28363","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-05T01:45:23Z","pushed_at":"2026-04-05T01:45:19Z","created_at":"2026-04-05T01:41:19Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-28363.git"}]},{"cve_id":"CVE-2026-28372","repositories":[{"id":1175014507,"name":"CVE-2026-28372-telnetd-Privilege-Escalation","full_name":"Rohitberiwala/CVE-2026-28372-telnetd-Privilege-Escalation","html_url":"https://github.com/Rohitberiwala/CVE-2026-28372-telnetd-Privilege-Escalation","description":"This Proof‑of‑Concept demonstrates a **Local Privilege Escalation** vulnerability in GNU inetutils `telnetd`.  `telnetd` improperly passes client‑controlled environment variables to `login(1)`. By setting:","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-12T05:50:19Z","pushed_at":"2026-03-07T08:35:32Z","created_at":"2026-03-07T05:31:00Z","topics":[],"owner":{"login":"Rohitberiwala","html_url":"https://github.com/Rohitberiwala"},"clone_url":"https://github.com/Rohitberiwala/CVE-2026-28372-telnetd-Privilege-Escalation.git"},{"id":1168789243,"name":"CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation","full_name":"mbanyamer/CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation","html_url":"https://github.com/mbanyamer/CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-02T09:00:48Z","pushed_at":"2026-04-02T09:00:45Z","created_at":"2026-02-27T19:54:43Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation.git"},{"id":1168949890,"name":"CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation-main","full_name":"kalibb/CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation-main","html_url":"https://github.com/kalibb/CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation-main","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-28T01:32:37Z","pushed_at":"2026-02-28T01:32:34Z","created_at":"2026-02-28T01:28:54Z","topics":[],"owner":{"login":"kalibb","html_url":"https://github.com/kalibb"},"clone_url":"https://github.com/kalibb/CVE-2026-28372-GNU-inetutils-telnetd-Privilege-Escalation-main.git"}]},{"cve_id":"CVE-2026-28466","repositories":[{"id":1194505607,"name":"CVE-2026-28466","full_name":"Orioning/CVE-2026-28466","html_url":"https://github.com/Orioning/CVE-2026-28466","description":"CVE-2026-28466复现脚本","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-01T14:58:16Z","pushed_at":"2026-03-28T13:05:52Z","created_at":"2026-03-28T12:59:12Z","topics":["cve-2026-28466","openclaw"],"owner":{"login":"Orioning","html_url":"https://github.com/Orioning"},"clone_url":"https://github.com/Orioning/CVE-2026-28466.git"}]},{"cve_id":"CVE-2026-28766","repositories":[{"id":1203481484,"name":"CVE-2026-28766","full_name":"MichaelAdamGroberman/CVE-2026-28766","html_url":"https://github.com/MichaelAdamGroberman/CVE-2026-28766","description":"CVE-2026-28766: Missing Authentication on User Account Endpoint — Gardyn Home Kit (ICSA-26-055-03)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T13:15:38Z","pushed_at":"2026-04-27T13:14:56Z","created_at":"2026-04-07T04:37:37Z","topics":["cisa","coordinated-disclosure","cve","cve-2026-28766","cwe-306","gardyn","ics-advisory","icsa-26-055-03","iot-security","missing-authentication","pii-exposure","security-research","vu653116","vulnerability-disclosure"],"owner":{"login":"MichaelAdamGroberman","html_url":"https://github.com/MichaelAdamGroberman"},"clone_url":"https://github.com/MichaelAdamGroberman/CVE-2026-28766.git"}]},{"cve_id":"CVE-2026-28767","repositories":[{"id":1203481513,"name":"CVE-2026-28767","full_name":"MichaelAdamGroberman/CVE-2026-28767","html_url":"https://github.com/MichaelAdamGroberman/CVE-2026-28767","description":"CVE-2026-28767: Missing Authentication on Admin Notifications Endpoint — Gardyn Home Kit (ICSA-26-055-03)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T05:46:36Z","pushed_at":"2026-04-27T05:46:30Z","created_at":"2026-04-07T04:37:39Z","topics":["admin-api","cisa","coordinated-disclosure","cve","cve-2026-28767","cwe-306","gardyn","ics-advisory","icsa-26-055-03","iot-security","missing-authentication","security-research","vu653116","vulnerability-disclosure"],"owner":{"login":"MichaelAdamGroberman","html_url":"https://github.com/MichaelAdamGroberman"},"clone_url":"https://github.com/MichaelAdamGroberman/CVE-2026-28767.git"}]},{"cve_id":"CVE-2026-28858","repositories":[{"id":1203088044,"name":"CVE-2026-28858","full_name":"kaleth4/CVE-2026-28858","html_url":"https://github.com/kaleth4/CVE-2026-28858","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-06T17:57:10Z","pushed_at":"2026-04-06T17:57:06Z","created_at":"2026-04-06T17:54:28Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-28858.git"}]},{"cve_id":"CVE-2026-2898","repositories":[{"id":1165409806,"name":"CVE-2026-2898-FunAdmin-Deserialization","full_name":"aykhan32/CVE-2026-2898-FunAdmin-Deserialization","html_url":"https://github.com/aykhan32/CVE-2026-2898-FunAdmin-Deserialization","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-26T10:41:37Z","pushed_at":"2026-02-24T06:25:45Z","created_at":"2026-02-24T06:12:18Z","topics":[],"owner":{"login":"aykhan32","html_url":"https://github.com/aykhan32"},"clone_url":"https://github.com/aykhan32/CVE-2026-2898-FunAdmin-Deserialization.git"}]},{"cve_id":"CVE-2026-29000","repositories":[{"id":1173849939,"name":"CVE-2026-29000","full_name":"kernelzeroday/CVE-2026-29000","html_url":"https://github.com/kernelzeroday/CVE-2026-29000","description":"pac4j-jwt JwtAuthenticator auth bypass (CVE-2026-29000) writeup and PoCs","stargazers_count":7,"forks_count":3,"language":"Python","updated_at":"2026-04-22T03:56:21Z","pushed_at":"2026-03-06T02:08:21Z","created_at":"2026-03-05T20:19:58Z","topics":[],"owner":{"login":"kernelzeroday","html_url":"https://github.com/kernelzeroday"},"clone_url":"https://github.com/kernelzeroday/CVE-2026-29000.git"},{"id":1182907446,"name":"cve-2026-29000","full_name":"RootX111/cve-2026-29000","html_url":"https://github.com/RootX111/cve-2026-29000","description":"cve-2026-29000 exploit","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-03-31T12:26:41Z","pushed_at":"2026-03-16T17:25:18Z","created_at":"2026-03-16T04:32:05Z","topics":[],"owner":{"login":"RootX111","html_url":"https://github.com/RootX111"},"clone_url":"https://github.com/RootX111/cve-2026-29000.git"},{"id":1181119944,"name":"CVE-2026-29000","full_name":"otuva/CVE-2026-29000","html_url":"https://github.com/otuva/CVE-2026-29000","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-13T20:55:25Z","pushed_at":"2026-03-13T19:30:00Z","created_at":"2026-03-13T19:15:29Z","topics":[],"owner":{"login":"otuva","html_url":"https://github.com/otuva"},"clone_url":"https://github.com/otuva/CVE-2026-29000.git"},{"id":1180413307,"name":"CVE-2026-29000---pac4j-jwt-Authentication-Bypass-PoC","full_name":"manbahadurthapa1248/CVE-2026-29000---pac4j-jwt-Authentication-Bypass-PoC","html_url":"https://github.com/manbahadurthapa1248/CVE-2026-29000---pac4j-jwt-Authentication-Bypass-PoC","description":"CVE-2026-29000 - pac4j-jwt Authentication Bypass PoC","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-15T22:45:40Z","pushed_at":"2026-03-13T02:43:08Z","created_at":"2026-03-13T02:38:37Z","topics":[],"owner":{"login":"manbahadurthapa1248","html_url":"https://github.com/manbahadurthapa1248"},"clone_url":"https://github.com/manbahadurthapa1248/CVE-2026-29000---pac4j-jwt-Authentication-Bypass-PoC.git"},{"id":1206632346,"name":"CVE-2026-29000","full_name":"Gajraj238/CVE-2026-29000","html_url":"https://github.com/Gajraj238/CVE-2026-29000","description":"","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-17T12:28:23Z","pushed_at":"2026-04-17T12:28:19Z","created_at":"2026-04-10T05:23:54Z","topics":[],"owner":{"login":"Gajraj238","html_url":"https://github.com/Gajraj238"},"clone_url":"https://github.com/Gajraj238/CVE-2026-29000.git"},{"id":1213015916,"name":"CVE-2026-29000","full_name":"cipher1x1/CVE-2026-29000","html_url":"https://github.com/cipher1x1/CVE-2026-29000","description":"Proof of Concept for CVE-2026-29000, a vulnerability in pac4j-jwt","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-17T00:53:08Z","pushed_at":"2026-04-17T00:53:04Z","created_at":"2026-04-17T00:51:16Z","topics":[],"owner":{"login":"cipher1x1","html_url":"https://github.com/cipher1x1"},"clone_url":"https://github.com/cipher1x1/CVE-2026-29000.git"},{"id":1200207711,"name":"CVE-2026-29000","full_name":"yasirr10/CVE-2026-29000","html_url":"https://github.com/yasirr10/CVE-2026-29000","description":"CVE-2026-29000: Critical Authentication Bypass in pac4j-jwt - Using Only a Public Key (CVSS 10)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-03T06:41:03Z","pushed_at":"2026-04-03T06:40:59Z","created_at":"2026-04-03T06:37:06Z","topics":[],"owner":{"login":"yasirr10","html_url":"https://github.com/yasirr10"},"clone_url":"https://github.com/yasirr10/CVE-2026-29000.git"},{"id":1197028303,"name":"CVE-2026-29000","full_name":"ClayOfGilgamesh/CVE-2026-29000","html_url":"https://github.com/ClayOfGilgamesh/CVE-2026-29000","description":"CVE-2026-29000","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-01T03:32:03Z","pushed_at":"2026-04-01T03:31:59Z","created_at":"2026-03-31T09:06:17Z","topics":[],"owner":{"login":"ClayOfGilgamesh","html_url":"https://github.com/ClayOfGilgamesh"},"clone_url":"https://github.com/ClayOfGilgamesh/CVE-2026-29000.git"},{"id":1197132524,"name":"CVE-2026-29000","full_name":"0xW1LD/CVE-2026-29000","html_url":"https://github.com/0xW1LD/CVE-2026-29000","description":"Just a simple Rust automation for CVE-2026-29000, designed to work against ippsec's Principal box on HackTheBox","stargazers_count":0,"forks_count":0,"language":"Rust","updated_at":"2026-04-27T13:11:40Z","pushed_at":"2026-03-31T11:21:08Z","created_at":"2026-03-31T10:58:29Z","topics":["cve-2026-29000"],"owner":{"login":"0xW1LD","html_url":"https://github.com/0xW1LD"},"clone_url":"https://github.com/0xW1LD/CVE-2026-29000.git"},{"id":1190432524,"name":"CVE-2026-29000-pac4j-jwt-auth-bypass","full_name":"PtechAmanja/CVE-2026-29000-pac4j-jwt-auth-bypass","html_url":"https://github.com/PtechAmanja/CVE-2026-29000-pac4j-jwt-auth-bypass","description":"Proof-of-Concept (PoC) for an authentication bypass vulnerability affecting applications using pac4j-jwt with JWE (JSON Web Encryption).","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-24T09:40:59Z","pushed_at":"2026-03-24T09:40:55Z","created_at":"2026-03-24T09:24:49Z","topics":["authentication-bypass","cve-2026-29000","hackthebox"],"owner":{"login":"PtechAmanja","html_url":"https://github.com/PtechAmanja"},"clone_url":"https://github.com/PtechAmanja/CVE-2026-29000-pac4j-jwt-auth-bypass.git"},{"id":1180708593,"name":"CVE-2026-29000-Python-PoC-pac4j-JWT-AuthenticationBypass-Poc","full_name":"alihussainzada/CVE-2026-29000-Python-PoC-pac4j-JWT-AuthenticationBypass-Poc","html_url":"https://github.com/alihussainzada/CVE-2026-29000-Python-PoC-pac4j-JWT-AuthenticationBypass-Poc","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-13T10:32:31Z","pushed_at":"2026-03-13T10:27:07Z","created_at":"2026-03-13T10:23:19Z","topics":[],"owner":{"login":"alihussainzada","html_url":"https://github.com/alihussainzada"},"clone_url":"https://github.com/alihussainzada/CVE-2026-29000-Python-PoC-pac4j-JWT-AuthenticationBypass-Poc.git"},{"id":1180680792,"name":"CVE-2026-29000","full_name":"Crims-on/CVE-2026-29000","html_url":"https://github.com/Crims-on/CVE-2026-29000","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-13T09:48:26Z","pushed_at":"2026-03-13T09:48:23Z","created_at":"2026-03-13T09:46:45Z","topics":[],"owner":{"login":"Crims-on","html_url":"https://github.com/Crims-on"},"clone_url":"https://github.com/Crims-on/CVE-2026-29000.git"},{"id":1178685428,"name":"CVE-2026-29000-Lab","full_name":"rootdirective-sec/CVE-2026-29000-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-29000-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-03-11T09:11:38Z","pushed_at":"2026-03-11T09:11:34Z","created_at":"2026-03-11T09:09:24Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-29000-Lab.git"}]},{"cve_id":"CVE-2026-29041","repositories":[{"id":1174315237,"name":"CVE-2026-29041","full_name":"kx00007/CVE-2026-29041","html_url":"https://github.com/kx00007/CVE-2026-29041","description":"Hi, I’m K, This is my first CVE, which is a Remote Code Execution (RCE) vulnerability. It is the beginning of my journey as a security researcher.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-24T08:00:07Z","pushed_at":"2026-03-06T10:26:04Z","created_at":"2026-03-06T09:54:58Z","topics":[],"owner":{"login":"kx00007","html_url":"https://github.com/kx00007"},"clone_url":"https://github.com/kx00007/CVE-2026-29041.git"}]},{"cve_id":"CVE-2026-29053","repositories":[{"id":1217483818,"name":"CVE-2026-29053","full_name":"AC8999/CVE-2026-29053","html_url":"https://github.com/AC8999/CVE-2026-29053","description":"(RCE) vulnerability discovered in Ghost CMS (specifically affecting versions 0.7.2 through 6.19.0)","stargazers_count":0,"forks_count":0,"language":"CSS","updated_at":"2026-04-21T23:57:24Z","pushed_at":"2026-04-21T23:57:20Z","created_at":"2026-04-21T23:50:12Z","topics":[],"owner":{"login":"AC8999","html_url":"https://github.com/AC8999"},"clone_url":"https://github.com/AC8999/CVE-2026-29053.git"},{"id":1179712158,"name":"CVE-2026-29053","full_name":"rootxran/CVE-2026-29053","html_url":"https://github.com/rootxran/CVE-2026-29053","description":"","stargazers_count":0,"forks_count":0,"language":"CSS","updated_at":"2026-03-12T10:04:01Z","pushed_at":"2026-03-12T10:03:57Z","created_at":"2026-03-12T09:55:54Z","topics":[],"owner":{"login":"rootxran","html_url":"https://github.com/rootxran"},"clone_url":"https://github.com/rootxran/CVE-2026-29053.git"}]},{"cve_id":"CVE-2026-29057","repositories":[{"id":1220911425,"name":"Next.js-Proof-of-Concept","full_name":"Nayekah/Next.js-Proof-of-Concept","html_url":"https://github.com/Nayekah/Next.js-Proof-of-Concept","description":"Some Proof-of-Concept (POCs) for CVE-2025-29927, CVE-2026-27978, and CVE-2026-29057 in Next.js.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-26T05:57:14Z","pushed_at":"2026-04-26T05:53:18Z","created_at":"2026-04-25T13:57:54Z","topics":[],"owner":{"login":"Nayekah","html_url":"https://github.com/Nayekah"},"clone_url":"https://github.com/Nayekah/Next.js-Proof-of-Concept.git"}]},{"cve_id":"CVE-2026-29059","repositories":[{"id":1131928459,"name":"Windfall","full_name":"Chocapikk/Windfall","html_url":"https://github.com/Chocapikk/Windfall","description":"Windfall - Unauthenticated RCE exploit chain for Windmill \u0026 Nextcloud Flow (CVE-2026-29059). Path traversal + credential leak + PostgreSQL heap dump + Nextcloud AppAPI takeover.","stargazers_count":13,"forks_count":2,"language":"Ruby","updated_at":"2026-04-15T23:10:42Z","pushed_at":"2026-04-07T17:20:20Z","created_at":"2026-01-11T00:57:54Z","topics":["cve","cve-2026-22683","cve-2026-23696","cve-2026-29059","exploit","nextcloud","path-traversal","pentesting","python","rce","security","security-research","sql-injection","windmill"],"owner":{"login":"Chocapikk","html_url":"https://github.com/Chocapikk"},"clone_url":"https://github.com/Chocapikk/Windfall.git"}]},{"cve_id":"CVE-2026-29145","repositories":[{"id":1219250671,"name":"CVE-2026-29145-Tester","full_name":"sancliffe/CVE-2026-29145-Tester","html_url":"https://github.com/sancliffe/CVE-2026-29145-Tester","description":"This repository contains a proof-of-concept (PoC) environment designed to test for CVE-2026-29145.","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-25T03:37:23Z","pushed_at":"2026-04-25T07:02:06Z","created_at":"2026-04-23T17:26:33Z","topics":["bash","python","tls","tomcat"],"owner":{"login":"sancliffe","html_url":"https://github.com/sancliffe"},"clone_url":"https://github.com/sancliffe/CVE-2026-29145-Tester.git"},{"id":1175839127,"name":"cve-2026-29145","full_name":"gregk4sec/cve-2026-29145","html_url":"https://github.com/gregk4sec/cve-2026-29145","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-12T09:12:43Z","pushed_at":"2026-04-12T09:07:16Z","created_at":"2026-03-08T08:42:07Z","topics":[],"owner":{"login":"gregk4sec","html_url":"https://github.com/gregk4sec"},"clone_url":"https://github.com/gregk4sec/cve-2026-29145.git"}]},{"cve_id":"CVE-2026-29187","repositories":[{"id":1154250273,"name":"CVE-2026-29187_SqlInjectionVulnerabilityOpenEMR7.0.4","full_name":"ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEMR7.0.4","html_url":"https://github.com/ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEMR7.0.4","description":"CVE-2026-29187: SQL Injection Vulnerability in OpenEMR \u003c8.0.0.3","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-26T08:48:04Z","pushed_at":"2026-03-26T08:38:44Z","created_at":"2026-02-10T07:08:38Z","topics":[],"owner":{"login":"ChrisSub08","html_url":"https://github.com/ChrisSub08"},"clone_url":"https://github.com/ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEMR7.0.4.git"}]},{"cve_id":"CVE-2026-29597","repositories":[{"id":1195941277,"name":"CVE-2026-29597","full_name":"padayali-JD/CVE-2026-29597","html_url":"https://github.com/padayali-JD/CVE-2026-29597","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-31T04:35:21Z","pushed_at":"2026-03-31T04:35:18Z","created_at":"2026-03-30T08:04:28Z","topics":[],"owner":{"login":"padayali-JD","html_url":"https://github.com/padayali-JD"},"clone_url":"https://github.com/padayali-JD/CVE-2026-29597.git"}]},{"cve_id":"CVE-2026-29598","repositories":[{"id":1196820327,"name":"CVE-2026-29598","full_name":"padayali-JD/CVE-2026-29598","html_url":"https://github.com/padayali-JD/CVE-2026-29598","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-31T04:27:27Z","pushed_at":"2026-03-31T04:27:23Z","created_at":"2026-03-31T04:26:38Z","topics":[],"owner":{"login":"padayali-JD","html_url":"https://github.com/padayali-JD"},"clone_url":"https://github.com/padayali-JD/CVE-2026-29598.git"}]},{"cve_id":"CVE-2026-29628","repositories":[{"id":1203852501,"name":"CVE-2026-29628","full_name":"kiyochii/CVE-2026-29628","html_url":"https://github.com/kiyochii/CVE-2026-29628","description":"","stargazers_count":0,"forks_count":0,"language":"C++","updated_at":"2026-04-13T12:57:47Z","pushed_at":"2026-04-13T12:57:44Z","created_at":"2026-04-07T12:54:09Z","topics":[],"owner":{"login":"kiyochii","html_url":"https://github.com/kiyochii"},"clone_url":"https://github.com/kiyochii/CVE-2026-29628.git"}]},{"cve_id":"CVE-2026-2964","repositories":[{"id":1187125326,"name":"CVE-2026-2964-Lab","full_name":"thegenetic/CVE-2026-2964-Lab","html_url":"https://github.com/thegenetic/CVE-2026-2964-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-20T13:36:26Z","pushed_at":"2026-03-20T13:36:23Z","created_at":"2026-03-20T11:19:09Z","topics":[],"owner":{"login":"thegenetic","html_url":"https://github.com/thegenetic"},"clone_url":"https://github.com/thegenetic/CVE-2026-2964-Lab.git"}]},{"cve_id":"CVE-2026-29780","repositories":[{"id":1177536555,"name":"CVE-2026-29780","full_name":"redyank/CVE-2026-29780","html_url":"https://github.com/redyank/CVE-2026-29780","description":"CVE-2026-29780 eml-parser","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-03T02:29:13Z","pushed_at":"2026-04-03T02:29:10Z","created_at":"2026-03-10T05:46:46Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-29780.git"}]},{"cve_id":"CVE-2026-29781","repositories":[{"id":1168921965,"name":"CVE-2026-29781","full_name":"skoveit/CVE-2026-29781","html_url":"https://github.com/skoveit/CVE-2026-29781","description":"CVE-2026-29781 PoC - uno reverse","stargazers_count":4,"forks_count":1,"language":"Go","updated_at":"2026-04-25T23:56:28Z","pushed_at":"2026-03-23T16:07:47Z","created_at":"2026-02-28T00:20:22Z","topics":["cve-2026-29781","exploit","poc","red-teaming","sliver","sliver-c2","vulnerability-research"],"owner":{"login":"skoveit","html_url":"https://github.com/skoveit"},"clone_url":"https://github.com/skoveit/CVE-2026-29781.git"}]},{"cve_id":"CVE-2026-29786","repositories":[{"id":1177571914,"name":"NodeJS-Tar-Symlink-Exploit-CVE-2026-29786","full_name":"Rohitberiwala/NodeJS-Tar-Symlink-Exploit-CVE-2026-29786","html_url":"https://github.com/Rohitberiwala/NodeJS-Tar-Symlink-Exploit-CVE-2026-29786","description":"Technical analysis and Proof-of-Concept (PoC) for a critical Path Traversal vulnerability via Symlink manipulation in the Node.js 'tar' package (CVE-2026-29786)","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-10T15:21:06Z","pushed_at":"2026-03-10T06:48:39Z","created_at":"2026-03-10T06:40:34Z","topics":[],"owner":{"login":"Rohitberiwala","html_url":"https://github.com/Rohitberiwala"},"clone_url":"https://github.com/Rohitberiwala/NodeJS-Tar-Symlink-Exploit-CVE-2026-29786.git"},{"id":1173939877,"name":"CVE-2026-29786","full_name":"Jvr2022/CVE-2026-29786","html_url":"https://github.com/Jvr2022/CVE-2026-29786","description":"PoC for CVE-2026-29786 demonstrating a node-tar hardlink path traversal that allows overwriting files outside the extraction directory.","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-05T22:57:04Z","pushed_at":"2026-03-05T22:56:51Z","created_at":"2026-03-05T22:53:22Z","topics":[],"owner":{"login":"Jvr2022","html_url":"https://github.com/Jvr2022"},"clone_url":"https://github.com/Jvr2022/CVE-2026-29786.git"}]},{"cve_id":"CVE-2026-29861","repositories":[{"id":1206551996,"name":"CVE-2026-29861","full_name":"amanyadav78/CVE-2026-29861","html_url":"https://github.com/amanyadav78/CVE-2026-29861","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-10T16:19:31Z","pushed_at":"2026-04-10T03:00:23Z","created_at":"2026-04-10T02:58:07Z","topics":[],"owner":{"login":"amanyadav78","html_url":"https://github.com/amanyadav78"},"clone_url":"https://github.com/amanyadav78/CVE-2026-29861.git"}]},{"cve_id":"CVE-2026-29905","repositories":[{"id":1192852197,"name":"CVE-2026-29905","full_name":"Stalin-143/CVE-2026-29905","html_url":"https://github.com/Stalin-143/CVE-2026-29905","description":"CVE-2026-29905","stargazers_count":20,"forks_count":0,"language":"","updated_at":"2026-04-12T09:02:34Z","pushed_at":"2026-03-31T07:18:41Z","created_at":"2026-03-26T16:15:08Z","topics":[],"owner":{"login":"Stalin-143","html_url":"https://github.com/Stalin-143"},"clone_url":"https://github.com/Stalin-143/CVE-2026-29905.git"}]},{"cve_id":"CVE-2026-29909","repositories":[{"id":1193158185,"name":"CVE-2026-29909-MRCMS-vulnerability","full_name":"qflksheep/CVE-2026-29909-MRCMS-vulnerability","html_url":"https://github.com/qflksheep/CVE-2026-29909-MRCMS-vulnerability","description":"MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The `/admin/file/list.do` endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-27T00:01:17Z","pushed_at":"2026-03-27T00:01:13Z","created_at":"2026-03-26T23:49:16Z","topics":[],"owner":{"login":"qflksheep","html_url":"https://github.com/qflksheep"},"clone_url":"https://github.com/qflksheep/CVE-2026-29909-MRCMS-vulnerability.git"}]},{"cve_id":"CVE-2026-2991","repositories":[{"id":1185612959,"name":"CVE-2026-2991","full_name":"joshuavanderpoll/CVE-2026-2991","html_url":"https://github.com/joshuavanderpoll/CVE-2026-2991","description":"PoC exploit for CVE-2026-2991 — authentication bypass in KiviCare WordPress plugin (≤4.1.2) allowing unauthenticated patient account takeover and admin session extraction.","stargazers_count":1,"forks_count":0,"language":"PHP","updated_at":"2026-03-18T19:38:20Z","pushed_at":"2026-03-18T19:25:25Z","created_at":"2026-03-18T19:09:24Z","topics":["auth-bypass","cve","cve-2026-2991","exploit","exploits","pentest-tool","pentesting","python","secrity-tools","security","vulnerabilities","vulnerability","wordpress","wordpress-exploit"],"owner":{"login":"joshuavanderpoll","html_url":"https://github.com/joshuavanderpoll"},"clone_url":"https://github.com/joshuavanderpoll/CVE-2026-2991.git"},{"id":1200782960,"name":"CVE-2026-2991","full_name":"Jumpthereness578/CVE-2026-2991","html_url":"https://github.com/Jumpthereness578/CVE-2026-2991","description":"Explore a PoC for CVE-2026-2991, an auth bypass in KiviCare 4.1.2 and earlier via the patient social-login REST endpoint","stargazers_count":0,"forks_count":0,"language":"PHP","updated_at":"2026-04-29T12:24:51Z","pushed_at":"2026-04-29T12:24:47Z","created_at":"2026-04-03T20:26:43Z","topics":["auth-bypass","cve","cve-2026-2991","exploit","pentest-tool","pentesting","python","secrity-tools","security","vulnerabilities","vulnerability","wordpress","wordpress-exploit"],"owner":{"login":"Jumpthereness578","html_url":"https://github.com/Jumpthereness578"},"clone_url":"https://github.com/Jumpthereness578/CVE-2026-2991.git"}]},{"cve_id":"CVE-2026-29923","repositories":[{"id":1206971957,"name":"CVE-2026-29923","full_name":"athenasec16/CVE-2026-29923","html_url":"https://github.com/athenasec16/CVE-2026-29923","description":"A newly discovered vulnerable driver, pstrip64.sys (CVE-2026-29923) allows an unprivileged user to escalate privileges to SYSTEM via a crafted IOCTL request ","stargazers_count":21,"forks_count":2,"language":"C++","updated_at":"2026-04-28T19:55:21Z","pushed_at":"2026-04-11T13:56:20Z","created_at":"2026-04-10T12:48:55Z","topics":[],"owner":{"login":"athenasec16","html_url":"https://github.com/athenasec16"},"clone_url":"https://github.com/athenasec16/CVE-2026-29923.git"},{"id":1140186908,"name":"CVE-2026-29923","full_name":"Smarttfoxx/CVE-2026-29923","html_url":"https://github.com/Smarttfoxx/CVE-2026-29923","description":"The pstrip64.sys kernel driver exposes an IOCTL that allows low-privileged users to map arbitrary ranges of physical memory into their own virtual address space. This primitive allows full read/write access to the system's physical RAM, enabling attackers to modify   critical kernel structures and escalate privileges to NT AUTHORITY\\SYSTEM.","stargazers_count":4,"forks_count":1,"language":"","updated_at":"2026-04-22T00:58:54Z","pushed_at":"2026-04-05T19:00:54Z","created_at":"2026-01-23T00:02:29Z","topics":[],"owner":{"login":"Smarttfoxx","html_url":"https://github.com/Smarttfoxx"},"clone_url":"https://github.com/Smarttfoxx/CVE-2026-29923.git"}]},{"cve_id":"CVE-2026-29954","repositories":[{"id":1193356379,"name":"CVE-2026-29954","full_name":"b0b0haha/CVE-2026-29954","html_url":"https://github.com/b0b0haha/CVE-2026-29954","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-27T06:12:39Z","pushed_at":"2026-03-27T06:12:36Z","created_at":"2026-03-27T06:11:47Z","topics":[],"owner":{"login":"b0b0haha","html_url":"https://github.com/b0b0haha"},"clone_url":"https://github.com/b0b0haha/CVE-2026-29954.git"}]},{"cve_id":"CVE-2026-29955","repositories":[{"id":1193350545,"name":"CVE-2026-29955","full_name":"b0b0haha/CVE-2026-29955","html_url":"https://github.com/b0b0haha/CVE-2026-29955","description":"The details for CVE-2026-29955","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-27T06:04:45Z","pushed_at":"2026-03-27T06:04:42Z","created_at":"2026-03-27T06:02:37Z","topics":[],"owner":{"login":"b0b0haha","html_url":"https://github.com/b0b0haha"},"clone_url":"https://github.com/b0b0haha/CVE-2026-29955.git"}]},{"cve_id":"CVE-2026-29971","repositories":[{"id":1193133149,"name":"CVE-2026-29971","full_name":"Tharooon/CVE-2026-29971","html_url":"https://github.com/Tharooon/CVE-2026-29971","description":"An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-27T20:23:59Z","pushed_at":"2026-04-27T20:23:55Z","created_at":"2026-03-26T22:56:31Z","topics":[],"owner":{"login":"Tharooon","html_url":"https://github.com/Tharooon"},"clone_url":"https://github.com/Tharooon/CVE-2026-29971.git"},{"id":1193124402,"name":"BACkupCVE-2026-29971","full_name":"tharunchidurala-cyber/BACkupCVE-2026-29971","html_url":"https://github.com/tharunchidurala-cyber/BACkupCVE-2026-29971","description":"An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-26T22:57:01Z","pushed_at":"2026-03-26T22:56:58Z","created_at":"2026-03-26T22:39:43Z","topics":[],"owner":{"login":"tharunchidurala-cyber","html_url":"https://github.com/tharunchidurala-cyber"},"clone_url":"https://github.com/tharunchidurala-cyber/BACkupCVE-2026-29971.git"}]},{"cve_id":"CVE-2026-30","repositories":[{"id":1196656918,"name":"ICS-MoxieManager-FileUpload-PoC","full_name":"itsismarcos/ICS-MoxieManager-FileUpload-PoC","html_url":"https://github.com/itsismarcos/ICS-MoxieManager-FileUpload-PoC","description":"CVE-2026-30-03 9.8 (Crítico) Possível RCE Jenzabar ICS + MoxieManager","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-18T06:12:33Z","pushed_at":"2026-03-31T00:22:12Z","created_at":"2026-03-30T23:06:10Z","topics":[],"owner":{"login":"itsismarcos","html_url":"https://github.com/itsismarcos"},"clone_url":"https://github.com/itsismarcos/ICS-MoxieManager-FileUpload-PoC.git"}]},{"cve_id":"CVE-2026-30039","repositories":[{"id":1192232315,"name":"CVE-2026-30039","full_name":"bx33661/CVE-2026-30039","html_url":"https://github.com/bx33661/CVE-2026-30039","description":"Security advisory and bilingual write-up for CVE-2026-30039 in rarfile","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-26T02:46:41Z","pushed_at":"2026-03-26T02:46:37Z","created_at":"2026-03-26T02:38:23Z","topics":["archive-extraction","cve","python","rarfile","security","symlink","vulnerability"],"owner":{"login":"bx33661","html_url":"https://github.com/bx33661"},"clone_url":"https://github.com/bx33661/CVE-2026-30039.git"}]},{"cve_id":"CVE-2026-30048","repositories":[{"id":1184532570,"name":"CVE-2026-30048","full_name":"0xN4no/CVE-2026-30048","html_url":"https://github.com/0xN4no/CVE-2026-30048","description":"Stored XSS in NotChatbot WebChat \u003c= 1.5.0 (CVE-2026-30048)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-17T21:18:47Z","pushed_at":"2026-03-17T21:09:55Z","created_at":"2026-03-17T17:19:01Z","topics":[],"owner":{"login":"0xN4no","html_url":"https://github.com/0xN4no"},"clone_url":"https://github.com/0xN4no/CVE-2026-30048.git"}]},{"cve_id":"CVE-2026-3008","repositories":[{"id":1215949678,"name":"cve-2026-3008","full_name":"llgsjsm/cve-2026-3008","html_url":"https://github.com/llgsjsm/cve-2026-3008","description":"repo for cve-2026-3008","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T06:00:40Z","pushed_at":"2026-04-20T12:23:25Z","created_at":"2026-04-20T12:16:23Z","topics":[],"owner":{"login":"llgsjsm","html_url":"https://github.com/llgsjsm"},"clone_url":"https://github.com/llgsjsm/cve-2026-3008.git"}]},{"cve_id":"CVE-2026-30081","repositories":[{"id":1196874045,"name":"CVE-2026-30081","full_name":"rakeshelamaran98/CVE-2026-30081","html_url":"https://github.com/rakeshelamaran98/CVE-2026-30081","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-31T07:20:10Z","pushed_at":"2026-03-31T07:20:06Z","created_at":"2026-03-31T05:56:25Z","topics":[],"owner":{"login":"rakeshelamaran98","html_url":"https://github.com/rakeshelamaran98"},"clone_url":"https://github.com/rakeshelamaran98/CVE-2026-30081.git"}]},{"cve_id":"CVE-2026-30082","repositories":[{"id":1195714122,"name":"CVE-2026-30082","full_name":"Cr0wld3r/CVE-2026-30082","html_url":"https://github.com/Cr0wld3r/CVE-2026-30082","description":"Stored cross-site scripting (XSS) vulnerabilities in IngEstate Server v11.14.0","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-30T02:14:53Z","pushed_at":"2026-03-30T02:14:50Z","created_at":"2026-03-30T01:46:48Z","topics":[],"owner":{"login":"Cr0wld3r","html_url":"https://github.com/Cr0wld3r"},"clone_url":"https://github.com/Cr0wld3r/CVE-2026-30082.git"}]},{"cve_id":"CVE-2026-30332","repositories":[{"id":1198472052,"name":"CVE-2026-30332","full_name":"B1tBreaker/CVE-2026-30332","html_url":"https://github.com/B1tBreaker/CVE-2026-30332","description":"Balena Etcher versions prior to v2.1.4 on Windows are affected by a Time-of-Check to Time-of-Use (TOCTOU) race condition in the temporary file handling.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-02T16:22:53Z","pushed_at":"2026-04-02T16:22:49Z","created_at":"2026-04-01T13:06:15Z","topics":[],"owner":{"login":"B1tBreaker","html_url":"https://github.com/B1tBreaker"},"clone_url":"https://github.com/B1tBreaker/CVE-2026-30332.git"}]},{"cve_id":"CVE-2026-30345","repositories":[{"id":1184381642,"name":"CVE-2026-30345","full_name":"syphonetic/CVE-2026-30345","html_url":"https://github.com/syphonetic/CVE-2026-30345","description":"","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-03-28T04:46:54Z","pushed_at":"2026-03-18T02:39:18Z","created_at":"2026-03-17T14:32:24Z","topics":[],"owner":{"login":"syphonetic","html_url":"https://github.com/syphonetic"},"clone_url":"https://github.com/syphonetic/CVE-2026-30345.git"}]},{"cve_id":"CVE-2026-30368","repositories":[{"id":1217604950,"name":"ls-poc","full_name":"truekas/ls-poc","html_url":"https://github.com/truekas/ls-poc","description":"CVE-2026-30368 proof of concept","stargazers_count":14,"forks_count":2,"language":"JavaScript","updated_at":"2026-04-28T20:46:28Z","pushed_at":"2026-04-26T22:34:05Z","created_at":"2026-04-22T03:40:06Z","topics":[],"owner":{"login":"truekas","html_url":"https://github.com/truekas"},"clone_url":"https://github.com/truekas/ls-poc.git"}]},{"cve_id":"CVE-2026-30480","repositories":[{"id":1147174396,"name":"CVE-2026-30480","full_name":"parlakbarann/CVE-2026-30480","html_url":"https://github.com/parlakbarann/CVE-2026-30480","description":"","stargazers_count":1,"forks_count":0,"language":"PHP","updated_at":"2026-04-14T19:33:21Z","pushed_at":"2026-04-14T19:33:17Z","created_at":"2026-02-01T10:23:07Z","topics":[],"owner":{"login":"parlakbarann","html_url":"https://github.com/parlakbarann"},"clone_url":"https://github.com/parlakbarann/CVE-2026-30480.git"}]},{"cve_id":"CVE-2026-30498","repositories":[{"id":1189833005,"name":"CVE-2026-30498","full_name":"Mehdi-Ben-Hamou/CVE-2026-30498","html_url":"https://github.com/Mehdi-Ben-Hamou/CVE-2026-30498","description":"CVE-2026-30498 - CSRF vulnerability in AdminPanel 4.0","stargazers_count":1,"forks_count":0,"language":"PHP","updated_at":"2026-04-18T12:58:39Z","pushed_at":"2026-03-24T21:55:23Z","created_at":"2026-03-23T17:58:37Z","topics":["csrf","cve","cybersecurity","exploit","pentesting","vulnerability"],"owner":{"login":"Mehdi-Ben-Hamou","html_url":"https://github.com/Mehdi-Ben-Hamou"},"clone_url":"https://github.com/Mehdi-Ben-Hamou/CVE-2026-30498.git"}]},{"cve_id":"CVE-2026-3055","repositories":[{"id":1214857509,"name":"CVE-2026-3055","full_name":"NetVanguard-cmd/CVE-2026-3055","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-3055","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:22:47Z","pushed_at":"2026-04-19T06:22:45Z","created_at":"2026-04-19T06:22:41Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-3055.git"},{"id":1198828793,"name":"check-cve-2026-3055-netscaler","full_name":"l0lsec/check-cve-2026-3055-netscaler","html_url":"https://github.com/l0lsec/check-cve-2026-3055-netscaler","description":"Low-impact probe for Citrix NetScaler CVE-2026-3055 (SAML IdP memory overread)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-01T19:53:32Z","pushed_at":"2026-04-01T19:53:27Z","created_at":"2026-04-01T19:53:25Z","topics":[],"owner":{"login":"l0lsec","html_url":"https://github.com/l0lsec"},"clone_url":"https://github.com/l0lsec/check-cve-2026-3055-netscaler.git"},{"id":1197500915,"name":"CVE-2026-3055-Scanner---Herramienta-de-Detecci-n","full_name":"fevar54/CVE-2026-3055-Scanner---Herramienta-de-Detecci-n","html_url":"https://github.com/fevar54/CVE-2026-3055-Scanner---Herramienta-de-Detecci-n","description":"Herramienta de detección para CVE-2026-3055 que identifica NetScaler ADC y Gateway vulnerables a memory overread. Realiza escaneo individual, por red o lista de hosts, detecta memory leak en /wsfed/passive?wctx, extrae session IDs, verifica versiones y genera reportes JSON, HTML o CSV con hosts vulnerables.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-31T16:28:02Z","pushed_at":"2026-03-31T16:27:58Z","created_at":"2026-03-31T16:23:12Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-3055-Scanner---Herramienta-de-Detecci-n.git"},{"id":1197484845,"name":"CVE-2026-3055---Citrix-NetScaler-Memory-Overread-PoC","full_name":"fevar54/CVE-2026-3055---Citrix-NetScaler-Memory-Overread-PoC","html_url":"https://github.com/fevar54/CVE-2026-3055---Citrix-NetScaler-Memory-Overread-PoC","description":"Exploit funcional para CVE-2026-3055 en Citrix NetScaler ADC y Gateway. Aprovecha memory overread en endpoint /wsfed/passive?wctx para filtrar memoria del sistema, extrayendo session IDs administrativas, cookies y datos sensibles que permiten hijacking de sesiones y compromiso total del appliance vulnerable.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-31T16:13:32Z","pushed_at":"2026-03-31T16:13:26Z","created_at":"2026-03-31T16:07:38Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-3055---Citrix-NetScaler-Memory-Overread-PoC.git"},{"id":1195190427,"name":"CVE-2026-3055","full_name":"0xBlackash/CVE-2026-3055","html_url":"https://github.com/0xBlackash/CVE-2026-3055","description":"CVE-2026-3055","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-29T11:01:40Z","pushed_at":"2026-03-29T11:01:36Z","created_at":"2026-03-29T10:58:13Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-3055.git"}]},{"cve_id":"CVE-2026-30615","repositories":[{"id":1215681296,"name":"ai-ide-config-guard","full_name":"TreRB/ai-ide-config-guard","html_url":"https://github.com/TreRB/ai-ide-config-guard","description":"Scan a repo for AI-IDE config files that can trigger RCE via Claude Code hooks, Cursor rules, MCP auto-registration. Detects CVE-2025-59536, CVE-2026-21852, CVE-2026-30615 + Pillar Rules File Backdoor patterns.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-20T06:41:08Z","pushed_at":"2026-04-20T06:41:05Z","created_at":"2026-04-20T06:41:02Z","topics":[],"owner":{"login":"TreRB","html_url":"https://github.com/TreRB"},"clone_url":"https://github.com/TreRB/ai-ide-config-guard.git"}]},{"cve_id":"CVE-2026-30655","repositories":[{"id":1190123495,"name":"CVE-2026-30655","full_name":"brynax/CVE-2026-30655","html_url":"https://github.com/brynax/CVE-2026-30655","description":"Security advisory for CVE-2026-30655: unauthenticated SQL injection in esiclivre (/reset/index.php).","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-24T01:44:47Z","pushed_at":"2026-03-24T01:44:44Z","created_at":"2026-03-24T01:43:34Z","topics":[],"owner":{"login":"brynax","html_url":"https://github.com/brynax"},"clone_url":"https://github.com/brynax/CVE-2026-30655.git"}]},{"cve_id":"CVE-2026-30695","repositories":[{"id":1186342293,"name":"CVE-2026-30695","full_name":"iremnurylmz/CVE-2026-30695","html_url":"https://github.com/iremnurylmz/CVE-2026-30695","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-19T14:47:54Z","pushed_at":"2026-03-19T14:44:15Z","created_at":"2026-03-19T14:24:11Z","topics":[],"owner":{"login":"iremnurylmz","html_url":"https://github.com/iremnurylmz"},"clone_url":"https://github.com/iremnurylmz/CVE-2026-30695.git"}]},{"cve_id":"CVE-2026-30741","repositories":[{"id":1177954059,"name":"CVE-2026-30741","full_name":"Named1ess/CVE-2026-30741","html_url":"https://github.com/Named1ess/CVE-2026-30741","description":"","stargazers_count":4,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-09T07:12:00Z","pushed_at":"2026-03-10T15:02:40Z","created_at":"2026-03-10T14:40:51Z","topics":[],"owner":{"login":"Named1ess","html_url":"https://github.com/Named1ess"},"clone_url":"https://github.com/Named1ess/CVE-2026-30741.git"}]},{"cve_id":"CVE-2026-30862","repositories":[{"id":1176879171,"name":"CVE-2026-30862","full_name":"drkim-dev/CVE-2026-30862","html_url":"https://github.com/drkim-dev/CVE-2026-30862","description":"CVE-2026-30862 | appsmith Privilege Escalation(xss)","stargazers_count":2,"forks_count":1,"language":"","updated_at":"2026-04-23T04:54:56Z","pushed_at":"2026-04-10T22:48:05Z","created_at":"2026-03-09T13:24:42Z","topics":[],"owner":{"login":"drkim-dev","html_url":"https://github.com/drkim-dev"},"clone_url":"https://github.com/drkim-dev/CVE-2026-30862.git"}]},{"cve_id":"CVE-2026-30863","repositories":[{"id":1175872718,"name":"CVE-2026-30863-Exploit","full_name":"Worthes/CVE-2026-30863-Exploit","html_url":"https://github.com/Worthes/CVE-2026-30863-Exploit","description":"CWE-287: Improper Authentication in parse-community parse-server","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-08T10:08:27Z","pushed_at":"2026-03-08T10:08:24Z","created_at":"2026-03-08T09:47:38Z","topics":[],"owner":{"login":"Worthes","html_url":"https://github.com/Worthes"},"clone_url":"https://github.com/Worthes/CVE-2026-30863-Exploit.git"}]},{"cve_id":"CVE-2026-30944","repositories":[{"id":1178374703,"name":"CVE-2026-30944-PoC","full_name":"FilipeGaudard/CVE-2026-30944-PoC","html_url":"https://github.com/FilipeGaudard/CVE-2026-30944-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-11T00:58:31Z","pushed_at":"2026-03-11T00:58:28Z","created_at":"2026-03-11T00:53:54Z","topics":[],"owner":{"login":"FilipeGaudard","html_url":"https://github.com/FilipeGaudard"},"clone_url":"https://github.com/FilipeGaudard/CVE-2026-30944-PoC.git"}]},{"cve_id":"CVE-2026-30945","repositories":[{"id":1179303156,"name":"CVE-2026-30945-PoC","full_name":"FilipeGaudard/CVE-2026-30945-PoC","html_url":"https://github.com/FilipeGaudard/CVE-2026-30945-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-11T22:34:53Z","pushed_at":"2026-03-11T22:34:50Z","created_at":"2026-03-11T22:33:02Z","topics":[],"owner":{"login":"FilipeGaudard","html_url":"https://github.com/FilipeGaudard"},"clone_url":"https://github.com/FilipeGaudard/CVE-2026-30945-PoC.git"}]},{"cve_id":"CVE-2026-30951","repositories":[{"id":1202173227,"name":"CVE-2026-30951","full_name":"EQSTLab/CVE-2026-30951","html_url":"https://github.com/EQSTLab/CVE-2026-30951","description":"Sequelize JSON Cast SQL Injection","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-27T06:20:03Z","pushed_at":"2026-04-27T06:20:00Z","created_at":"2026-04-05T17:37:20Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-30951.git"}]},{"cve_id":"CVE-2026-30952","repositories":[{"id":1178681193,"name":"CVE-2026-30952-PoC","full_name":"MorielHarush/CVE-2026-30952-PoC","html_url":"https://github.com/MorielHarush/CVE-2026-30952-PoC","description":"PoC for CVE-2026-30952: Path Traversal vulnerability in liquidjs via absolute paths in layout, render, and include tags.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-11T09:40:31Z","pushed_at":"2026-03-11T09:40:28Z","created_at":"2026-03-11T09:04:20Z","topics":[],"owner":{"login":"MorielHarush","html_url":"https://github.com/MorielHarush"},"clone_url":"https://github.com/MorielHarush/CVE-2026-30952-PoC.git"}]},{"cve_id":"CVE-2026-3098","repositories":[{"id":1159531043,"name":"LLM-Jailbreak-via-Chain-of-Logic-Injection-CVE-2026-3098","full_name":"George0Papasotiriou/LLM-Jailbreak-via-Chain-of-Logic-Injection-CVE-2026-3098","html_url":"https://github.com/George0Papasotiriou/LLM-Jailbreak-via-Chain-of-Logic-Injection-CVE-2026-3098","description":"Report","stargazers_count":4,"forks_count":0,"language":"","updated_at":"2026-04-25T17:23:52Z","pushed_at":"2026-02-16T21:16:20Z","created_at":"2026-02-16T20:57:08Z","topics":[],"owner":{"login":"George0Papasotiriou","html_url":"https://github.com/George0Papasotiriou"},"clone_url":"https://github.com/George0Papasotiriou/LLM-Jailbreak-via-Chain-of-Logic-Injection-CVE-2026-3098.git"}]},{"cve_id":"CVE-2026-31048","repositories":[{"id":1207154083,"name":"security-advisories","full_name":"Sif-0x01/security-advisories","html_url":"https://github.com/Sif-0x01/security-advisories","description":"Security advisory for CVE-2026-31048","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T16:25:50Z","pushed_at":"2026-04-10T16:25:42Z","created_at":"2026-04-10T16:25:41Z","topics":[],"owner":{"login":"Sif-0x01","html_url":"https://github.com/Sif-0x01"},"clone_url":"https://github.com/Sif-0x01/security-advisories.git"}]},{"cve_id":"CVE-2026-31266","repositories":[{"id":1150067674,"name":"Craftcms-PoC-CVE-2026-31266","full_name":"0xrixet/Craftcms-PoC-CVE-2026-31266","html_url":"https://github.com/0xrixet/Craftcms-PoC-CVE-2026-31266","description":"Security research on Craft CMS authentication mechanism","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-21T16:17:38Z","pushed_at":"2026-04-09T05:52:42Z","created_at":"2026-02-04T21:01:26Z","topics":["craft-cms","cve-2026-31266","missing-authorization-check","poc","security"],"owner":{"login":"0xrixet","html_url":"https://github.com/0xrixet"},"clone_url":"https://github.com/0xrixet/Craftcms-PoC-CVE-2026-31266.git"}]},{"cve_id":"CVE-2026-31280","repositories":[{"id":1207264865,"name":"CVE-2026-31280-Insecure-Bluetooth-RFCOMM-Leading-to-Device-Crash-in-Parani-M10-Intercom","full_name":"CipherX1802/CVE-2026-31280-Insecure-Bluetooth-RFCOMM-Leading-to-Device-Crash-in-Parani-M10-Intercom","html_url":"https://github.com/CipherX1802/CVE-2026-31280-Insecure-Bluetooth-RFCOMM-Leading-to-Device-Crash-in-Parani-M10-Intercom","description":"A Bluetooth Classic RFCOMM service is exposed without enforcing secure authentication or proper access control.  Once within range, any device can:  Establish a connection without proper pairing restrictions Access RFCOMM channels directly Send arbitrary or malformed payloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T18:54:09Z","pushed_at":"2026-04-10T18:54:04Z","created_at":"2026-04-10T18:51:42Z","topics":[],"owner":{"login":"CipherX1802","html_url":"https://github.com/CipherX1802"},"clone_url":"https://github.com/CipherX1802/CVE-2026-31280-Insecure-Bluetooth-RFCOMM-Leading-to-Device-Crash-in-Parani-M10-Intercom.git"}]},{"cve_id":"CVE-2026-31281","repositories":[{"id":1209211666,"name":"CVE-2026-31281","full_name":"saykino/CVE-2026-31281","html_url":"https://github.com/saykino/CVE-2026-31281","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T08:07:45Z","pushed_at":"2026-04-13T08:07:42Z","created_at":"2026-04-13T07:48:27Z","topics":[],"owner":{"login":"saykino","html_url":"https://github.com/saykino"},"clone_url":"https://github.com/saykino/CVE-2026-31281.git"}]},{"cve_id":"CVE-2026-31282","repositories":[{"id":1209232901,"name":"CVE-2026-31282","full_name":"saykino/CVE-2026-31282","html_url":"https://github.com/saykino/CVE-2026-31282","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T08:21:28Z","pushed_at":"2026-04-13T08:21:25Z","created_at":"2026-04-13T08:14:55Z","topics":[],"owner":{"login":"saykino","html_url":"https://github.com/saykino"},"clone_url":"https://github.com/saykino/CVE-2026-31282.git"}]},{"cve_id":"CVE-2026-31283","repositories":[{"id":1209204855,"name":"CVE-2026-31283","full_name":"saykino/CVE-2026-31283","html_url":"https://github.com/saykino/CVE-2026-31283","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T08:13:13Z","pushed_at":"2026-04-13T08:13:10Z","created_at":"2026-04-13T07:39:47Z","topics":[],"owner":{"login":"saykino","html_url":"https://github.com/saykino"},"clone_url":"https://github.com/saykino/CVE-2026-31283.git"}]},{"cve_id":"CVE-2026-31402","repositories":[{"id":1206290660,"name":"CVE-2026-31402","full_name":"0xBlackash/CVE-2026-31402","html_url":"https://github.com/0xBlackash/CVE-2026-31402","description":"CVE-2026-31402","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-09T19:31:45Z","pushed_at":"2026-04-09T19:31:39Z","created_at":"2026-04-09T19:10:44Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-31402.git"}]},{"cve_id":"CVE-2026-31413","repositories":[{"id":1208478299,"name":"CVE-2026-31413-BPF-Container-Escape","full_name":"Rat5ak/CVE-2026-31413-BPF-Container-Escape","html_url":"https://github.com/Rat5ak/CVE-2026-31413-BPF-Container-Escape","description":"CVE-2026-31413: BPF verifier soundness bug - container escape","stargazers_count":1,"forks_count":1,"language":"C","updated_at":"2026-04-18T03:55:58Z","pushed_at":"2026-04-18T03:55:54Z","created_at":"2026-04-12T10:41:02Z","topics":[],"owner":{"login":"Rat5ak","html_url":"https://github.com/Rat5ak"},"clone_url":"https://github.com/Rat5ak/CVE-2026-31413-BPF-Container-Escape.git"}]},{"cve_id":"CVE-2026-31429","repositories":[{"id":1219709404,"name":"CVE-2026-31429-POC","full_name":"bluedragonsecurity/CVE-2026-31429-POC","html_url":"https://github.com/bluedragonsecurity/CVE-2026-31429-POC","description":"POC for CVE-2026-31429 (Linux Kernel \u003e= 6.3 \u003c 6.12.82 Slab Cross-Cache Confusion) - vulnerability discovered by Antonius - w1sdom - bluedragonsec.com","stargazers_count":1,"forks_count":0,"language":"C","updated_at":"2026-04-28T03:57:37Z","pushed_at":"2026-04-24T06:52:12Z","created_at":"2026-04-24T06:30:29Z","topics":[],"owner":{"login":"bluedragonsecurity","html_url":"https://github.com/bluedragonsecurity"},"clone_url":"https://github.com/bluedragonsecurity/CVE-2026-31429-POC.git"}]},{"cve_id":"CVE-2026-3170","repositories":[{"id":1167397331,"name":"CVE-disclosures","full_name":"archana1122m/CVE-disclosures","html_url":"https://github.com/archana1122m/CVE-disclosures","description":"CVE-2026-3171 and CVE-2026-3170 vulnerability disclosure by Archana M","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-26T09:04:01Z","pushed_at":"2026-02-26T09:02:00Z","created_at":"2026-02-26T08:50:54Z","topics":[],"owner":{"login":"archana1122m","html_url":"https://github.com/archana1122m"},"clone_url":"https://github.com/archana1122m/CVE-disclosures.git"}]},{"cve_id":"CVE-2026-3171","repositories":[{"id":1167397331,"name":"CVE-disclosures","full_name":"archana1122m/CVE-disclosures","html_url":"https://github.com/archana1122m/CVE-disclosures","description":"CVE-2026-3171 and CVE-2026-3170 vulnerability disclosure by Archana M","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-26T09:04:01Z","pushed_at":"2026-02-26T09:02:00Z","created_at":"2026-02-26T08:50:54Z","topics":[],"owner":{"login":"archana1122m","html_url":"https://github.com/archana1122m"},"clone_url":"https://github.com/archana1122m/CVE-disclosures.git"}]},{"cve_id":"CVE-2026-31802","repositories":[{"id":1181979307,"name":"CVE-2026-31802","full_name":"Jvr2022/CVE-2026-31802","html_url":"https://github.com/Jvr2022/CVE-2026-31802","description":"PoC and write-up for CVE-2026-31802, a symlink path traversal vulnerability in npm tar enabling arbitrary file overwrite outside the extraction directory.","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-03-14T22:23:10Z","pushed_at":"2026-03-14T22:08:00Z","created_at":"2026-03-14T22:04:11Z","topics":["cve","cve-2026-31802","exploit","node-tar","path-traversal","poc","security","security-research","symlink","tar","vulnerability"],"owner":{"login":"Jvr2022","html_url":"https://github.com/Jvr2022"},"clone_url":"https://github.com/Jvr2022/CVE-2026-31802.git"},{"id":1194805373,"name":"CVE-2026-31802","full_name":"Recorded-texteditor120/CVE-2026-31802","html_url":"https://github.com/Recorded-texteditor120/CVE-2026-31802","description":"Demonstrate and analyze the CVE-2026-31802 path traversal vulnerability in npm tar, enabling arbitrary file overwrite via symlink extraction.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-29T12:21:30Z","pushed_at":"2026-04-29T12:21:26Z","created_at":"2026-03-28T20:49:46Z","topics":["cve","cve-2026-31802","exploit","node-tar","path-traversal","poc","security","security-research","symlink","tar","vulnerability"],"owner":{"login":"Recorded-texteditor120","html_url":"https://github.com/Recorded-texteditor120"},"clone_url":"https://github.com/Recorded-texteditor120/CVE-2026-31802.git"}]},{"cve_id":"CVE-2026-31816","repositories":[{"id":1179842758,"name":"CVE-2026-31816-rshell","full_name":"imjdl/CVE-2026-31816-rshell","html_url":"https://github.com/imjdl/CVE-2026-31816-rshell","description":"CVE-2026-31816 - Budibase Reverse Shell Exploit","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-12T13:31:45Z","pushed_at":"2026-03-12T12:57:10Z","created_at":"2026-03-12T12:44:53Z","topics":[],"owner":{"login":"imjdl","html_url":"https://github.com/imjdl"},"clone_url":"https://github.com/imjdl/CVE-2026-31816-rshell.git"}]},{"cve_id":"CVE-2026-31844","repositories":[{"id":1179313678,"name":"CVE-2026-31844","full_name":"Mothra-1/CVE-2026-31844","html_url":"https://github.com/Mothra-1/CVE-2026-31844","description":"","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-04-03T00:53:35Z","pushed_at":"2026-03-13T21:44:32Z","created_at":"2026-03-11T22:53:00Z","topics":[],"owner":{"login":"Mothra-1","html_url":"https://github.com/Mothra-1"},"clone_url":"https://github.com/Mothra-1/CVE-2026-31844.git"}]},{"cve_id":"CVE-2026-31891","repositories":[{"id":1186706392,"name":"CVE-2026-31891","full_name":"ffasterss/CVE-2026-31891","html_url":"https://github.com/ffasterss/CVE-2026-31891","description":"SQL Injection in MongoLite Aggregation Optimizer via toJsonExtractRaw()","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-24T19:58:52Z","pushed_at":"2026-03-24T19:58:49Z","created_at":"2026-03-19T22:54:08Z","topics":[],"owner":{"login":"ffasterss","html_url":"https://github.com/ffasterss"},"clone_url":"https://github.com/ffasterss/CVE-2026-31891.git"}]},{"cve_id":"CVE-2026-31899","repositories":[{"id":1182235473,"name":"CVE-2026-31899","full_name":"SnailSploit/CVE-2026-31899","html_url":"https://github.com/SnailSploit/CVE-2026-31899","description":"CVE-2026-31899: Exponential DoS via Recursive \u003cuse\u003e Element Amplification in CairoSVG (CVSS 7.5 High)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-15T08:59:05Z","pushed_at":"2026-03-15T08:59:02Z","created_at":"2026-03-15T08:25:43Z","topics":[],"owner":{"login":"SnailSploit","html_url":"https://github.com/SnailSploit"},"clone_url":"https://github.com/SnailSploit/CVE-2026-31899.git"}]},{"cve_id":"CVE-2026-31900","repositories":[{"id":1207762878,"name":"cve-2026-31900-lab","full_name":"Batosay1337Lab/cve-2026-31900-lab","html_url":"https://github.com/Batosay1337Lab/cve-2026-31900-lab","description":"CVE-2026-31900 Vulnerable Lab - psf/black GitHub Action RCE","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-04-12T01:55:07Z","pushed_at":"2026-04-12T01:54:58Z","created_at":"2026-04-11T11:17:07Z","topics":[],"owner":{"login":"Batosay1337Lab","html_url":"https://github.com/Batosay1337Lab"},"clone_url":"https://github.com/Batosay1337Lab/cve-2026-31900-lab.git"}]},{"cve_id":"CVE-2026-31908","repositories":[{"id":1215255955,"name":"CVE-2026-31908","full_name":"MehranTurk/CVE-2026-31908","html_url":"https://github.com/MehranTurk/CVE-2026-31908","description":"This proof-of-concept (PoC) exploit targets CVE-2026-31908, a critical header injection vulnerability affecting Apache APISIX versions 2.12.0 through 3.15.0","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-19T17:47:18Z","pushed_at":"2026-04-19T17:45:39Z","created_at":"2026-04-19T17:24:09Z","topics":[],"owner":{"login":"MehranTurk","html_url":"https://github.com/MehranTurk"},"clone_url":"https://github.com/MehranTurk/CVE-2026-31908.git"}]},{"cve_id":"CVE-2026-32013","repositories":[{"id":1194909736,"name":"cve-scanner","full_name":"hargabyte/cve-scanner","html_url":"https://github.com/hargabyte/cve-scanner","description":"OpenClaw CVE scanner. Tracks known vulnerabilities (CVE-2026-32013, CVE-2026-32015, etc.). Zero network calls, 100% local. Version checking, upgrade recommendations.","stargazers_count":2,"forks_count":0,"language":"Shell","updated_at":"2026-04-05T17:05:41Z","pushed_at":"2026-03-29T01:06:58Z","created_at":"2026-03-29T01:06:48Z","topics":[],"owner":{"login":"hargabyte","html_url":"https://github.com/hargabyte"},"clone_url":"https://github.com/hargabyte/cve-scanner.git"}]},{"cve_id":"CVE-2026-32015","repositories":[{"id":1194909736,"name":"cve-scanner","full_name":"hargabyte/cve-scanner","html_url":"https://github.com/hargabyte/cve-scanner","description":"OpenClaw CVE scanner. Tracks known vulnerabilities (CVE-2026-32013, CVE-2026-32015, etc.). Zero network calls, 100% local. Version checking, upgrade recommendations.","stargazers_count":2,"forks_count":0,"language":"Shell","updated_at":"2026-04-05T17:05:41Z","pushed_at":"2026-03-29T01:06:58Z","created_at":"2026-03-29T01:06:48Z","topics":[],"owner":{"login":"hargabyte","html_url":"https://github.com/hargabyte"},"clone_url":"https://github.com/hargabyte/cve-scanner.git"}]},{"cve_id":"CVE-2026-32096","repositories":[{"id":1197360067,"name":"CVE-2026-32096","full_name":"andrebhu/CVE-2026-32096","html_url":"https://github.com/andrebhu/CVE-2026-32096","description":"SSRF in useplunk/plunk","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-31T14:29:58Z","pushed_at":"2026-03-31T14:27:56Z","created_at":"2026-03-31T14:18:58Z","topics":[],"owner":{"login":"andrebhu","html_url":"https://github.com/andrebhu"},"clone_url":"https://github.com/andrebhu/CVE-2026-32096.git"}]},{"cve_id":"CVE-2026-32127","repositories":[{"id":1167788619,"name":"CVE-2026-32127_SqlInjectionVulnerabilityOpenEMR8.0.0","full_name":"ChrisSub08/CVE-2026-32127_SqlInjectionVulnerabilityOpenEMR8.0.0","html_url":"https://github.com/ChrisSub08/CVE-2026-32127_SqlInjectionVulnerabilityOpenEMR8.0.0","description":"CVE-2026-32127: SQL Injection Vulnerability in OpenEMR \u003c8.0.0.1","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-25T08:53:11Z","pushed_at":"2026-03-25T08:53:06Z","created_at":"2026-02-26T17:25:38Z","topics":["cve","cve-2026-32127","exploit","exploitation","openemr","openemr-exploit","openemr-vulnerability","sql-injection","sqli","vulnerability"],"owner":{"login":"ChrisSub08","html_url":"https://github.com/ChrisSub08"},"clone_url":"https://github.com/ChrisSub08/CVE-2026-32127_SqlInjectionVulnerabilityOpenEMR8.0.0.git"}]},{"cve_id":"CVE-2026-32136","repositories":[{"id":1222807979,"name":"CVE-2026-32136_exploit","full_name":"0xdak/CVE-2026-32136_exploit","html_url":"https://github.com/0xdak/CVE-2026-32136_exploit","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-27T18:23:20Z","pushed_at":"2026-04-27T18:23:17Z","created_at":"2026-04-27T18:18:50Z","topics":[],"owner":{"login":"0xdak","html_url":"https://github.com/0xdak"},"clone_url":"https://github.com/0xdak/CVE-2026-32136_exploit.git"}]},{"cve_id":"CVE-2026-32201","repositories":[{"id":1218421301,"name":"CVE-2026-32201-exploit","full_name":"B1tBit/CVE-2026-32201-exploit","html_url":"https://github.com/B1tBit/CVE-2026-32201-exploit","description":"A spoofing vulnerability exists in Microsoft SharePoint Server due to improper input validation. An unauthenticated attacker can send a specially crafted HTTP request to inject malicious JavaScript (reflected XSS), which executes in the security context of the SharePoint site.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T21:55:19Z","pushed_at":"2026-04-22T21:55:15Z","created_at":"2026-04-22T21:29:40Z","topics":[],"owner":{"login":"B1tBit","html_url":"https://github.com/B1tBit"},"clone_url":"https://github.com/B1tBit/CVE-2026-32201-exploit.git"}]},{"cve_id":"CVE-2026-32223","repositories":[{"id":1211526193,"name":"CVE-2026-32223-USBPrint-Exploit","full_name":"enki-kr/CVE-2026-32223-USBPrint-Exploit","html_url":"https://github.com/enki-kr/CVE-2026-32223-USBPrint-Exploit","description":"Proof-of-Concept exploit for CVE-2026-32223","stargazers_count":15,"forks_count":1,"language":"C++","updated_at":"2026-04-28T12:35:24Z","pushed_at":"2026-04-17T05:41:18Z","created_at":"2026-04-15T13:33:14Z","topics":[],"owner":{"login":"enki-kr","html_url":"https://github.com/enki-kr"},"clone_url":"https://github.com/enki-kr/CVE-2026-32223-USBPrint-Exploit.git"}]},{"cve_id":"CVE-2026-32238","repositories":[{"id":1155716451,"name":"CVE-2026-32238_RemoteCodeExecutionOpenEMR8.0.0","full_name":"ChrisSub08/CVE-2026-32238_RemoteCodeExecutionOpenEMR8.0.0","html_url":"https://github.com/ChrisSub08/CVE-2026-32238_RemoteCodeExecutionOpenEMR8.0.0","description":"Remote code execution vulnerability in OpenEMR \u003c8.0.0.2.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-19T21:04:54Z","pushed_at":"2026-03-19T21:04:49Z","created_at":"2026-02-11T20:30:30Z","topics":["cve-2026-32238","exploit","openemr-exploit","openemr-rce","openemr-vulnerability","rce","remote-code-execution","remotecodeexecution","vulnerability"],"owner":{"login":"ChrisSub08","html_url":"https://github.com/ChrisSub08"},"clone_url":"https://github.com/ChrisSub08/CVE-2026-32238_RemoteCodeExecutionOpenEMR8.0.0.git"}]},{"cve_id":"CVE-2026-32255","repositories":[{"id":1186004038,"name":"poc-cve-2026-32255","full_name":"kOaDT/poc-cve-2026-32255","html_url":"https://github.com/kOaDT/poc-cve-2026-32255","description":"This repository contains a proof of concept (POC) for CVE-2026-32255, a high-severity Server-Side Request Forgery (SSRF) vulnerability in Kan, an open-source project management tool.","stargazers_count":2,"forks_count":0,"language":"Shell","updated_at":"2026-03-19T12:13:34Z","pushed_at":"2026-03-19T07:32:23Z","created_at":"2026-03-19T06:55:12Z","topics":["cve","hacking","poc","research","ssrf","vulnerability"],"owner":{"login":"kOaDT","html_url":"https://github.com/kOaDT"},"clone_url":"https://github.com/kOaDT/poc-cve-2026-32255.git"}]},{"cve_id":"CVE-2026-3228","repositories":[{"id":1178903112,"name":"CVE-2026-3228","full_name":"NULL200OK/CVE-2026-3228","html_url":"https://github.com/NULL200OK/CVE-2026-3228","description":"CVE-2026-3228 - NextScripts WordPress Plugin Stored XSS Scanner \u0026 Exploit","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-12T08:34:11Z","pushed_at":"2026-03-11T13:45:47Z","created_at":"2026-03-11T13:40:18Z","topics":[],"owner":{"login":"NULL200OK","html_url":"https://github.com/NULL200OK"},"clone_url":"https://github.com/NULL200OK/CVE-2026-3228.git"}]},{"cve_id":"CVE-2026-32286","repositories":[{"id":1211831343,"name":"go-dbmigrate","full_name":"moisei-dev/go-dbmigrate","html_url":"https://github.com/moisei-dev/go-dbmigrate","description":"Fork of jfrog/go-dbmigrate with pgx/v5 upgrade (CVE-2026-32286)","stargazers_count":0,"forks_count":0,"language":"Go","updated_at":"2026-04-15T19:44:39Z","pushed_at":"2026-04-15T19:44:34Z","created_at":"2026-04-15T19:44:25Z","topics":[],"owner":{"login":"moisei-dev","html_url":"https://github.com/moisei-dev"},"clone_url":"https://github.com/moisei-dev/go-dbmigrate.git"}]},{"cve_id":"CVE-2026-32321","repositories":[{"id":1197274039,"name":"CVE-2026-32321","full_name":"drkim-dev/CVE-2026-32321","html_url":"https://github.com/drkim-dev/CVE-2026-32321","description":"CVE-2026-32321 | Clipbucket Blind SQL Injection","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-23T04:55:10Z","pushed_at":"2026-03-31T13:06:15Z","created_at":"2026-03-31T13:06:14Z","topics":[],"owner":{"login":"drkim-dev","html_url":"https://github.com/drkim-dev"},"clone_url":"https://github.com/drkim-dev/CVE-2026-32321.git"}]},{"cve_id":"CVE-2026-32604","repositories":[{"id":1211967080,"name":"spinnaker-poc","full_name":"ZeroPathAI/spinnaker-poc","html_url":"https://github.com/ZeroPathAI/spinnaker-poc","description":"POCs for CVE-2026-32604 and CVE-2026-32613 which allow post-auth RCE and credential theft in Spinnaker","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-21T17:49:57Z","pushed_at":"2026-04-21T17:49:54Z","created_at":"2026-04-15T23:49:03Z","topics":[],"owner":{"login":"ZeroPathAI","html_url":"https://github.com/ZeroPathAI"},"clone_url":"https://github.com/ZeroPathAI/spinnaker-poc.git"}]},{"cve_id":"CVE-2026-32606","repositories":[{"id":1180330564,"name":"CVE-2026-32606-POC","full_name":"gibmat/CVE-2026-32606-POC","html_url":"https://github.com/gibmat/CVE-2026-32606-POC","description":"PoC for CVE-2026-32606","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-30T12:59:38Z","pushed_at":"2026-03-13T00:36:36Z","created_at":"2026-03-12T23:49:58Z","topics":[],"owner":{"login":"gibmat","html_url":"https://github.com/gibmat"},"clone_url":"https://github.com/gibmat/CVE-2026-32606-POC.git"}]},{"cve_id":"CVE-2026-32613","repositories":[{"id":1211967080,"name":"spinnaker-poc","full_name":"ZeroPathAI/spinnaker-poc","html_url":"https://github.com/ZeroPathAI/spinnaker-poc","description":"POCs for CVE-2026-32604 and CVE-2026-32613 which allow post-auth RCE and credential theft in Spinnaker","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-21T17:49:57Z","pushed_at":"2026-04-21T17:49:54Z","created_at":"2026-04-15T23:49:03Z","topics":[],"owner":{"login":"ZeroPathAI","html_url":"https://github.com/ZeroPathAI"},"clone_url":"https://github.com/ZeroPathAI/spinnaker-poc.git"}]},{"cve_id":"CVE-2026-32646","repositories":[{"id":1203481534,"name":"CVE-2026-32646","full_name":"MichaelAdamGroberman/CVE-2026-32646","html_url":"https://github.com/MichaelAdamGroberman/CVE-2026-32646","description":"CVE-2026-32646: Missing Authentication on Admin Device Endpoint — Gardyn Home Kit (ICSA-26-055-03)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T05:46:07Z","pushed_at":"2026-04-27T05:46:14Z","created_at":"2026-04-07T04:37:42Z","topics":["admin-api","cisa","coordinated-disclosure","cve","cve-2026-32646","cwe-306","gardyn","ics-advisory","icsa-26-055-03","iot-security","missing-authentication","security-research","vu653116","vulnerability-disclosure"],"owner":{"login":"MichaelAdamGroberman","html_url":"https://github.com/MichaelAdamGroberman"},"clone_url":"https://github.com/MichaelAdamGroberman/CVE-2026-32646.git"}]},{"cve_id":"CVE-2026-32662","repositories":[{"id":1203481565,"name":"CVE-2026-32662","full_name":"MichaelAdamGroberman/CVE-2026-32662","html_url":"https://github.com/MichaelAdamGroberman/CVE-2026-32662","description":"CVE-2026-32662: Active Debug Code in Production — Gardyn Home Kit (ICSA-26-055-03)","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-27T05:45:44Z","pushed_at":"2026-04-27T05:45:51Z","created_at":"2026-04-07T04:37:45Z","topics":["cisa","coordinated-disclosure","cve","cve-2026-32662","cwe-489","debug-code","development-endpoints","gardyn","ics-advisory","icsa-26-055-03","iot-security","security-research","vu653116","vulnerability-disclosure"],"owner":{"login":"MichaelAdamGroberman","html_url":"https://github.com/MichaelAdamGroberman"},"clone_url":"https://github.com/MichaelAdamGroberman/CVE-2026-32662.git"}]},{"cve_id":"CVE-2026-32699","repositories":[{"id":1221146561,"name":"cve-2026-32699-facturascripts-nick-bypass","full_name":"TurkiOS/cve-2026-32699-facturascripts-nick-bypass","html_url":"https://github.com/TurkiOS/cve-2026-32699-facturascripts-nick-bypass","description":"Broken Access Control in FacturaScripts EditUser controller allows authenticated users to rename any account (including admin) by modifying the unvalidated nick parameter via proxy interception. Patched but unpublished CVE.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-25T20:31:49Z","pushed_at":"2026-04-25T20:31:44Z","created_at":"2026-04-25T20:15:16Z","topics":[],"owner":{"login":"TurkiOS","html_url":"https://github.com/TurkiOS"},"clone_url":"https://github.com/TurkiOS/cve-2026-32699-facturascripts-nick-bypass.git"}]},{"cve_id":"CVE-2026-32722","repositories":[{"id":1182678842,"name":"CVE-2026-32722","full_name":"0xmrma/CVE-2026-32722","html_url":"https://github.com/0xmrma/CVE-2026-32722","description":"Bloomberg Memray’s Stored XSS via Unescaped Command-Line Metadata","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-02T03:30:48Z","pushed_at":"2026-04-02T03:29:23Z","created_at":"2026-03-15T20:42:35Z","topics":[],"owner":{"login":"0xmrma","html_url":"https://github.com/0xmrma"},"clone_url":"https://github.com/0xmrma/CVE-2026-32722.git"}]},{"cve_id":"CVE-2026-32731","repositories":[{"id":1185857854,"name":"CVE-2026-32731","full_name":"0xEr3n/CVE-2026-32731","html_url":"https://github.com/0xEr3n/CVE-2026-32731","description":"POC for CVE-2026-32731","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-19T02:29:12Z","pushed_at":"2026-03-19T02:29:08Z","created_at":"2026-03-19T02:28:15Z","topics":[],"owner":{"login":"0xEr3n","html_url":"https://github.com/0xEr3n"},"clone_url":"https://github.com/0xEr3n/CVE-2026-32731.git"}]},{"cve_id":"CVE-2026-32746","repositories":[{"id":1185290496,"name":"cve-2026-32746","full_name":"jeffaf/cve-2026-32746","html_url":"https://github.com/jeffaf/cve-2026-32746","description":"CVE-2026-32746 - GNU InetUtils telnetd LINEMODE SLC Buffer Overflow PoC (pre-auth RCE, CVSS 9.8)","stargazers_count":26,"forks_count":12,"language":"Python","updated_at":"2026-04-09T13:59:05Z","pushed_at":"2026-03-20T03:13:14Z","created_at":"2026-03-18T12:37:30Z","topics":[],"owner":{"login":"jeffaf","html_url":"https://github.com/jeffaf"},"clone_url":"https://github.com/jeffaf/cve-2026-32746.git"},{"id":1186372855,"name":"watchtowr-vs-telnetd-CVE-2026-32746","full_name":"watchtowrlabs/watchtowr-vs-telnetd-CVE-2026-32746","html_url":"https://github.com/watchtowrlabs/watchtowr-vs-telnetd-CVE-2026-32746","description":"","stargazers_count":9,"forks_count":0,"language":"Python","updated_at":"2026-04-23T11:32:23Z","pushed_at":"2026-03-19T15:02:46Z","created_at":"2026-03-19T14:58:34Z","topics":[],"owner":{"login":"watchtowrlabs","html_url":"https://github.com/watchtowrlabs"},"clone_url":"https://github.com/watchtowrlabs/watchtowr-vs-telnetd-CVE-2026-32746.git"},{"id":1192668335,"name":"telnet_scan","full_name":"ekomsSavior/telnet_scan","html_url":"https://github.com/ekomsSavior/telnet_scan","description":"scanner/exploiter CVE-2026-24061 \u0026 CVE-2026-32746","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-04-10T00:31:58Z","pushed_at":"2026-03-26T13:36:38Z","created_at":"2026-03-26T12:52:57Z","topics":[],"owner":{"login":"ekomsSavior","html_url":"https://github.com/ekomsSavior"},"clone_url":"https://github.com/ekomsSavior/telnet_scan.git"},{"id":1187086533,"name":"CVE-2026-32746","full_name":"chosenonehacks/CVE-2026-32746","html_url":"https://github.com/chosenonehacks/CVE-2026-32746","description":"","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-03-20T10:23:58Z","pushed_at":"2026-03-20T10:23:54Z","created_at":"2026-03-20T10:23:19Z","topics":[],"owner":{"login":"chosenonehacks","html_url":"https://github.com/chosenonehacks"},"clone_url":"https://github.com/chosenonehacks/CVE-2026-32746.git"},{"id":1186829621,"name":"cve-2026-32746-mitigation","full_name":"danindiana/cve-2026-32746-mitigation","html_url":"https://github.com/danindiana/cve-2026-32746-mitigation","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-20T03:38:32Z","pushed_at":"2026-03-20T03:38:27Z","created_at":"2026-03-20T03:08:45Z","topics":[],"owner":{"login":"danindiana","html_url":"https://github.com/danindiana"},"clone_url":"https://github.com/danindiana/cve-2026-32746-mitigation.git"},{"id":1185952878,"name":"CVE-2026-32746-Exploit","full_name":"duduLiu8787/CVE-2026-32746-Exploit","html_url":"https://github.com/duduLiu8787/CVE-2026-32746-Exploit","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-20T11:03:28Z","pushed_at":"2026-03-20T01:26:12Z","created_at":"2026-03-19T05:28:19Z","topics":[],"owner":{"login":"duduLiu8787","html_url":"https://github.com/duduLiu8787"},"clone_url":"https://github.com/duduLiu8787/CVE-2026-32746-Exploit.git"}]},{"cve_id":"CVE-2026-32794","repositories":[{"id":1190132065,"name":"CVE-2026-32794","full_name":"SnailSploit/CVE-2026-32794","html_url":"https://github.com/SnailSploit/CVE-2026-32794","description":"CVE-2026-32794: TLS Certificate Verification Bypass in Apache Airflow Databricks Provider","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-31T04:01:18Z","pushed_at":"2026-03-24T02:02:45Z","created_at":"2026-03-24T01:58:19Z","topics":["airflow","cve","cwe-295","databricks","kubernetes","python","security","snailsploit","tls","vulnerability"],"owner":{"login":"SnailSploit","html_url":"https://github.com/SnailSploit"},"clone_url":"https://github.com/SnailSploit/CVE-2026-32794.git"}]},{"cve_id":"CVE-2026-3288","repositories":[{"id":1177593622,"name":"CVE-2026-3288","full_name":"SnailSploit/CVE-2026-3288","html_url":"https://github.com/SnailSploit/CVE-2026-3288","description":"Walkthrough:  ingress-nginx Configuration Injection via rewrite-target Annotation","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-03-26T07:42:03Z","pushed_at":"2026-03-10T07:14:20Z","created_at":"2026-03-10T07:11:00Z","topics":["cwe-20","kubernetes","nginx","rce"],"owner":{"login":"SnailSploit","html_url":"https://github.com/SnailSploit"},"clone_url":"https://github.com/SnailSploit/CVE-2026-3288.git"},{"id":1204830001,"name":"CVE-2026-3288-lab","full_name":"bvabhishek/CVE-2026-3288-lab","html_url":"https://github.com/bvabhishek/CVE-2026-3288-lab","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-14T10:18:52Z","pushed_at":"2026-04-08T13:16:29Z","created_at":"2026-04-08T11:26:02Z","topics":[],"owner":{"login":"bvabhishek","html_url":"https://github.com/bvabhishek"},"clone_url":"https://github.com/bvabhishek/CVE-2026-3288-lab.git"}]},{"cve_id":"CVE-2026-32913","repositories":[{"id":1180909083,"name":"CVE-2026-32913","full_name":"Rickidevs/CVE-2026-32913","html_url":"https://github.com/Rickidevs/CVE-2026-32913","description":"I Found a Zero-Day Vulnerability in OpenClaw — Here’s How It Went","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-24T11:13:30Z","pushed_at":"2026-03-24T11:13:27Z","created_at":"2026-03-13T14:41:45Z","topics":[],"owner":{"login":"Rickidevs","html_url":"https://github.com/Rickidevs"},"clone_url":"https://github.com/Rickidevs/CVE-2026-32913.git"}]},{"cve_id":"CVE-2026-32941","repositories":[{"id":1172094420,"name":"CVE-2026-32941","full_name":"skoveit/CVE-2026-32941","html_url":"https://github.com/skoveit/CVE-2026-32941","description":"CVE-2026-32941 PoC - Sliver Remote OOM","stargazers_count":5,"forks_count":0,"language":"Go","updated_at":"2026-04-25T23:56:01Z","pushed_at":"2026-03-23T16:07:05Z","created_at":"2026-03-03T23:57:19Z","topics":["cve-2026-32941","exploit","poc","red-teaming","sliver","sliver-c2","vulnerability-research"],"owner":{"login":"skoveit","html_url":"https://github.com/skoveit"},"clone_url":"https://github.com/skoveit/CVE-2026-32941.git"}]},{"cve_id":"CVE-2026-32945","repositories":[{"id":1203069826,"name":"CVE-2026-32945","full_name":"JohannesLks/CVE-2026-32945","html_url":"https://github.com/JohannesLks/CVE-2026-32945","description":"PJSIP DNS Compression Pointer Heap OOB Read (Remote DoS)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-06T17:39:45Z","pushed_at":"2026-04-06T17:39:37Z","created_at":"2026-04-06T17:33:19Z","topics":[],"owner":{"login":"JohannesLks","html_url":"https://github.com/JohannesLks"},"clone_url":"https://github.com/JohannesLks/CVE-2026-32945.git"}]},{"cve_id":"CVE-2026-33017","repositories":[{"id":1187825964,"name":"langflow-CVE-2026-33017-poc","full_name":"MaxMnMl/langflow-CVE-2026-33017-poc","html_url":"https://github.com/MaxMnMl/langflow-CVE-2026-33017-poc","description":"CVE-2026-33017 - An unauthenticated remote code execution in Langflow \u003c= 1.8.1 via Public Flow Build Endpoint","stargazers_count":7,"forks_count":4,"language":"Python","updated_at":"2026-04-28T18:12:26Z","pushed_at":"2026-03-22T07:13:04Z","created_at":"2026-03-21T08:11:08Z","topics":[],"owner":{"login":"MaxMnMl","html_url":"https://github.com/MaxMnMl"},"clone_url":"https://github.com/MaxMnMl/langflow-CVE-2026-33017-poc.git"},{"id":1193397733,"name":"PoC-CVE-2026-33017","full_name":"z4yd3/PoC-CVE-2026-33017","html_url":"https://github.com/z4yd3/PoC-CVE-2026-33017","description":"CVE-2026-33017: Unauthenticated RCE in Langflow","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-28T18:09:42Z","pushed_at":"2026-03-27T12:48:46Z","created_at":"2026-03-27T07:15:07Z","topics":[],"owner":{"login":"z4yd3","html_url":"https://github.com/z4yd3"},"clone_url":"https://github.com/z4yd3/PoC-CVE-2026-33017.git"},{"id":1196746927,"name":"CVE-2026-33017","full_name":"EQSTLab/CVE-2026-33017","html_url":"https://github.com/EQSTLab/CVE-2026-33017","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-06T06:46:42Z","pushed_at":"2026-04-01T08:58:53Z","created_at":"2026-03-31T02:10:40Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-33017.git"},{"id":1188138346,"name":"CVE-2026-33017-Langflow-RCE-PoC","full_name":"omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC","html_url":"https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC","description":"The vulnerability in Langflow 1.8.1 and earlier allows a remote, unauthenticated attacker to achieve arbitrary command execution on the host.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-27T17:45:52Z","pushed_at":"2026-03-21T17:07:38Z","created_at":"2026-03-21T17:06:34Z","topics":["langflow","proof-of-concept"],"owner":{"login":"omer-efe-curkus","html_url":"https://github.com/omer-efe-curkus"},"clone_url":"https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC.git"},{"id":1216087838,"name":"CVE-2026-33017","full_name":"Jorrit-VM/CVE-2026-33017","html_url":"https://github.com/Jorrit-VM/CVE-2026-33017","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T13:18:54Z","pushed_at":"2026-04-29T13:18:50Z","created_at":"2026-04-20T14:54:39Z","topics":[],"owner":{"login":"Jorrit-VM","html_url":"https://github.com/Jorrit-VM"},"clone_url":"https://github.com/Jorrit-VM/CVE-2026-33017.git"},{"id":1215144408,"name":"CVE-2026-33017","full_name":"0xBlackash/CVE-2026-33017","html_url":"https://github.com/0xBlackash/CVE-2026-33017","description":"CVE-2026-33017","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T15:20:22Z","pushed_at":"2026-04-19T15:20:18Z","created_at":"2026-04-19T14:40:26Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-33017.git"},{"id":1208670913,"name":"CVE-2026-33017-Exploit","full_name":"oscar-mine/CVE-2026-33017-Exploit","html_url":"https://github.com/oscar-mine/CVE-2026-33017-Exploit","description":"Exploit for CVE-2026-33017 — Unauthenticated RCE in Langflow \u003c= 1.8.2 via exec() in flow build endpoint","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-12T15:45:15Z","pushed_at":"2026-04-12T15:44:41Z","created_at":"2026-04-12T15:44:31Z","topics":[],"owner":{"login":"oscar-mine","html_url":"https://github.com/oscar-mine"},"clone_url":"https://github.com/oscar-mine/CVE-2026-33017-Exploit.git"},{"id":1204355826,"name":"PoC-CVE-2026-33017","full_name":"masterwok/PoC-CVE-2026-33017","html_url":"https://github.com/masterwok/PoC-CVE-2026-33017","description":"Proof-of-concept exploit for CVE-2026-33017 (Langflow \u003c= 1.8.1).","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-15T05:25:40Z","pushed_at":"2026-04-10T03:40:48Z","created_at":"2026-04-07T23:54:54Z","topics":[],"owner":{"login":"masterwok","html_url":"https://github.com/masterwok"},"clone_url":"https://github.com/masterwok/PoC-CVE-2026-33017.git"},{"id":1192306059,"name":"CVE-2026-33017-Lab","full_name":"rootdirective-sec/CVE-2026-33017-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-33017-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-26T05:36:14Z","pushed_at":"2026-03-26T04:51:33Z","created_at":"2026-03-26T04:49:07Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-33017-Lab.git"},{"id":1188140782,"name":"Sovereign-Echo-33017","full_name":"SimoesCTT/Sovereign-Echo-33017","html_url":"https://github.com/SimoesCTT/Sovereign-Echo-33017","description":"Resonant RCE for CVE-2026-33017 via CTT Phase-Lock. Exploits Langflow build_public_tmp flow_id endpoint. Bypasses auth using 34th-layer negative refraction to inject Python exec() payloads. Calibrated for 16.6fs jitter resonance and g-coupling g \\approx 0.733. O(log N) collapse of AI supply chain security.  ","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-21T17:35:46Z","pushed_at":"2026-03-21T17:35:43Z","created_at":"2026-03-21T17:10:24Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/Sovereign-Echo-33017.git"}]},{"cve_id":"CVE-2026-33032","repositories":[{"id":1200569704,"name":"cve-2026-33032-scanner","full_name":"Twinson333/cve-2026-33032-scanner","html_url":"https://github.com/Twinson333/cve-2026-33032-scanner","description":"Non-destructive vulnerability scanner for Nginx-UI MCP Endpoint Authentication Bypass (CVE-2026-33032)","stargazers_count":2,"forks_count":2,"language":"Python","updated_at":"2026-04-24T14:50:18Z","pushed_at":"2026-04-04T05:27:21Z","created_at":"2026-04-03T15:12:04Z","topics":[],"owner":{"login":"Twinson333","html_url":"https://github.com/Twinson333"},"clone_url":"https://github.com/Twinson333/cve-2026-33032-scanner.git"},{"id":1213400116,"name":"CVE-2026-33032-nginx-ui-vuln-lab","full_name":"Shreda/CVE-2026-33032-nginx-ui-vuln-lab","html_url":"https://github.com/Shreda/CVE-2026-33032-nginx-ui-vuln-lab","description":"Docker Compose setup to demonstrate the nginx-ui missing authentication vulnerability","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-24T21:20:49Z","pushed_at":"2026-04-18T13:05:15Z","created_at":"2026-04-17T10:41:04Z","topics":[],"owner":{"login":"Shreda","html_url":"https://github.com/Shreda"},"clone_url":"https://github.com/Shreda/CVE-2026-33032-nginx-ui-vuln-lab.git"},{"id":1214305978,"name":"CVE-2026-33032","full_name":"keraattin/CVE-2026-33032","html_url":"https://github.com/keraattin/CVE-2026-33032","description":"One missing function call on the route registration was enough to turn the MCP interface into an unauthenticated RCE gateway.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-18T11:49:41Z","pushed_at":"2026-04-18T11:49:37Z","created_at":"2026-04-18T11:48:39Z","topics":[],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-33032.git"}]},{"cve_id":"CVE-2026-33033","repositories":[{"id":1206522114,"name":"CVE-2026-33033-PoC","full_name":"ch4n3-yoon/CVE-2026-33033-PoC","html_url":"https://github.com/ch4n3-yoon/CVE-2026-33033-PoC","description":"A PoC script for demonstrating CVE-2026-33033","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-04-22T05:02:54Z","pushed_at":"2026-04-10T02:25:51Z","created_at":"2026-04-10T02:04:12Z","topics":[],"owner":{"login":"ch4n3-yoon","html_url":"https://github.com/ch4n3-yoon"},"clone_url":"https://github.com/ch4n3-yoon/CVE-2026-33033-PoC.git"}]},{"cve_id":"CVE-2026-3304","repositories":[{"id":1174258434,"name":"CVE-2026-3304","full_name":"Mkway/CVE-2026-3304","html_url":"https://github.com/Mkway/CVE-2026-3304","description":"Reproduction lab for CVE-2026-3304 — async fileFilter race condition in Multer causes disk exhaustion via orphaned temp files","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-09T01:24:16Z","pushed_at":"2026-03-09T00:14:39Z","created_at":"2026-03-06T08:37:01Z","topics":[],"owner":{"login":"Mkway","html_url":"https://github.com/Mkway"},"clone_url":"https://github.com/Mkway/CVE-2026-3304.git"}]},{"cve_id":"CVE-2026-33147","repositories":[{"id":1200153314,"name":"CVE-2026-33147","full_name":"redyank/CVE-2026-33147","html_url":"https://github.com/redyank/CVE-2026-33147","description":"CVE-2026-33147(Stack-based Buffer Overflow in gmt_remote_dataset_id)","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-03T05:04:34Z","pushed_at":"2026-04-03T05:04:30Z","created_at":"2026-04-03T05:04:08Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-33147.git"}]},{"cve_id":"CVE-2026-33149","repositories":[{"id":1200416070,"name":"CVE-2026-33149-PoC","full_name":"FilipeGaudard/CVE-2026-33149-PoC","html_url":"https://github.com/FilipeGaudard/CVE-2026-33149-PoC","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-03T11:52:54Z","pushed_at":"2026-04-03T11:52:50Z","created_at":"2026-04-03T11:41:06Z","topics":[],"owner":{"login":"FilipeGaudard","html_url":"https://github.com/FilipeGaudard"},"clone_url":"https://github.com/FilipeGaudard/CVE-2026-33149-PoC.git"}]},{"cve_id":"CVE-2026-33150","repositories":[{"id":1191314137,"name":"abhinavagarwal07.github.io","full_name":"abhinavagarwal07/abhinavagarwal07.github.io","html_url":"https://github.com/abhinavagarwal07/abhinavagarwal07.github.io","description":"RingWraith: CVE-2026-33150 and CVE-2026-33179 — Use-After-Free and NULL Dereference in libfuse io_uring","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-04-23T04:44:52Z","pushed_at":"2026-04-23T04:44:48Z","created_at":"2026-03-25T05:48:59Z","topics":[],"owner":{"login":"abhinavagarwal07","html_url":"https://github.com/abhinavagarwal07"},"clone_url":"https://github.com/abhinavagarwal07/abhinavagarwal07.github.io.git"}]},{"cve_id":"CVE-2026-33154","repositories":[{"id":1200075597,"name":"CVE-2026-33154","full_name":"redyank/CVE-2026-33154","html_url":"https://github.com/redyank/CVE-2026-33154","description":"CVE-2026-33154(RCE @jinja resolver)","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-03T04:36:40Z","pushed_at":"2026-04-03T04:36:36Z","created_at":"2026-04-03T02:30:20Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-33154.git"}]},{"cve_id":"CVE-2026-33179","repositories":[{"id":1191314137,"name":"abhinavagarwal07.github.io","full_name":"abhinavagarwal07/abhinavagarwal07.github.io","html_url":"https://github.com/abhinavagarwal07/abhinavagarwal07.github.io","description":"RingWraith: CVE-2026-33150 and CVE-2026-33179 — Use-After-Free and NULL Dereference in libfuse io_uring","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-04-23T04:44:52Z","pushed_at":"2026-04-23T04:44:48Z","created_at":"2026-03-25T05:48:59Z","topics":[],"owner":{"login":"abhinavagarwal07","html_url":"https://github.com/abhinavagarwal07"},"clone_url":"https://github.com/abhinavagarwal07/abhinavagarwal07.github.io.git"}]},{"cve_id":"CVE-2026-33186","repositories":[{"id":1203070222,"name":"CVE-2026-33186","full_name":"JohannesLks/CVE-2026-33186","html_url":"https://github.com/JohannesLks/CVE-2026-33186","description":"gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass)","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-22T11:31:03Z","pushed_at":"2026-04-06T17:40:51Z","created_at":"2026-04-06T17:33:46Z","topics":[],"owner":{"login":"JohannesLks","html_url":"https://github.com/JohannesLks"},"clone_url":"https://github.com/JohannesLks/CVE-2026-33186.git"}]},{"cve_id":"CVE-2026-33229","repositories":[{"id":1207661362,"name":"CVE-2026-33229","full_name":"azefzafyoussef/CVE-2026-33229","html_url":"https://github.com/azefzafyoussef/CVE-2026-33229","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T08:31:34Z","pushed_at":"2026-04-11T08:31:31Z","created_at":"2026-04-11T08:18:52Z","topics":[],"owner":{"login":"azefzafyoussef","html_url":"https://github.com/azefzafyoussef"},"clone_url":"https://github.com/azefzafyoussef/CVE-2026-33229.git"}]},{"cve_id":"CVE-2026-33310","repositories":[{"id":1200154299,"name":"CVE-2026-33310","full_name":"redyank/CVE-2026-33310","html_url":"https://github.com/redyank/CVE-2026-33310","description":"CVE-2026-33310(Command Injection via shell() Expansion in Parameter Defaults)","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-03T05:06:16Z","pushed_at":"2026-04-03T05:06:12Z","created_at":"2026-04-03T05:05:59Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-33310.git"}]},{"cve_id":"CVE-2026-33331","repositories":[{"id":1201428303,"name":"CVE-2026-33331","full_name":"abhayclasher/CVE-2026-33331","html_url":"https://github.com/abhayclasher/CVE-2026-33331","description":"Proof-of-concept lab for stored XSS in orpc (CVE-2026-33331)","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-04T17:18:36Z","pushed_at":"2026-04-04T17:18:31Z","created_at":"2026-04-04T17:03:14Z","topics":[],"owner":{"login":"abhayclasher","html_url":"https://github.com/abhayclasher"},"clone_url":"https://github.com/abhayclasher/CVE-2026-33331.git"}]},{"cve_id":"CVE-2026-33340","repositories":[{"id":1195427259,"name":"CVE-2026-33340","full_name":"regaan/CVE-2026-33340","html_url":"https://github.com/regaan/CVE-2026-33340","description":"CVE-2026-33340: Critical SSRF in lollms-webui /api/proxy - Unauthenticated arbitrary request forgery (CVSS 9.1)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T18:05:51Z","pushed_at":"2026-04-11T18:05:48Z","created_at":"2026-03-29T16:59:53Z","topics":["cve","cve-2026-33340","lollms","proof-of-concept","responsible-disclosure","security","security-research","ssrf","vulnerability","web-security"],"owner":{"login":"regaan","html_url":"https://github.com/regaan"},"clone_url":"https://github.com/regaan/CVE-2026-33340.git"}]},{"cve_id":"CVE-2026-33439","repositories":[{"id":1223288035,"name":"CVE-2026-33439-PoC","full_name":"Ibonok/CVE-2026-33439-PoC","html_url":"https://github.com/Ibonok/CVE-2026-33439-PoC","description":"CVE-2026-33439","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-04-28T07:22:54Z","pushed_at":"2026-04-28T07:22:50Z","created_at":"2026-04-28T07:19:37Z","topics":[],"owner":{"login":"Ibonok","html_url":"https://github.com/Ibonok"},"clone_url":"https://github.com/Ibonok/CVE-2026-33439-PoC.git"},{"id":1222709888,"name":"CVE-2026-33439-OpenAM","full_name":"shreyas-malhotra/CVE-2026-33439-OpenAM","html_url":"https://github.com/shreyas-malhotra/CVE-2026-33439-OpenAM","description":"Vulnerable endpoint description for CVE-2026-33439 in OpenAM","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T16:23:39Z","pushed_at":"2026-04-27T16:23:34Z","created_at":"2026-04-27T16:22:31Z","topics":[],"owner":{"login":"shreyas-malhotra","html_url":"https://github.com/shreyas-malhotra"},"clone_url":"https://github.com/shreyas-malhotra/CVE-2026-33439-OpenAM.git"}]},{"cve_id":"CVE-2026-33453","repositories":[{"id":1222810249,"name":"apache-camel","full_name":"dinosn/apache-camel","html_url":"https://github.com/dinosn/apache-camel","description":"Apache Camel 4.18.0 — CVE Security Assessment: 3 critical vulnerabilities with working PoC exploits (CVE-2026-33453, CVE-2026-40473, CVE-2026-40858)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-27T18:26:34Z","pushed_at":"2026-04-27T18:26:29Z","created_at":"2026-04-27T18:21:34Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/apache-camel.git"}]},{"cve_id":"CVE-2026-33531","repositories":[{"id":1193661219,"name":"InvenTree-Path-Traversal-CVE-2026-33531","full_name":"alonaki/InvenTree-Path-Traversal-CVE-2026-33531","html_url":"https://github.com/alonaki/InvenTree-Path-Traversal-CVE-2026-33531","description":"This repository contains a professional write-up of a path traversal vulnerability discovered in InvenTree's report template engine. This vulnerability was patched in versions 1.2.6 and 1.3.0.","stargazers_count":3,"forks_count":0,"language":"","updated_at":"2026-03-30T12:16:26Z","pushed_at":"2026-03-27T14:17:57Z","created_at":"2026-03-27T13:07:08Z","topics":["cve-2026-33531","path-traversal"],"owner":{"login":"alonaki","html_url":"https://github.com/alonaki"},"clone_url":"https://github.com/alonaki/InvenTree-Path-Traversal-CVE-2026-33531.git"}]},{"cve_id":"CVE-2026-33532","repositories":[{"id":1193830181,"name":"astro_CVE-2026-33532","full_name":"danwulff/astro_CVE-2026-33532","html_url":"https://github.com/danwulff/astro_CVE-2026-33532","description":"","stargazers_count":0,"forks_count":0,"language":"Astro","updated_at":"2026-03-27T16:15:53Z","pushed_at":"2026-03-27T16:15:49Z","created_at":"2026-03-27T16:13:28Z","topics":[],"owner":{"login":"danwulff","html_url":"https://github.com/danwulff"},"clone_url":"https://github.com/danwulff/astro_CVE-2026-33532.git"}]},{"cve_id":"CVE-2026-33555","repositories":[{"id":1212854519,"name":"CVE-2026-33555","full_name":"r3verii/CVE-2026-33555","html_url":"https://github.com/r3verii/CVE-2026-33555","description":"One zero-byte QUIC packet is enough to desynchronize HAProxy's backend connection pool and smuggle HTTP requests across unrelated users — even users on a completely different frontend protocol.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-19T15:15:21Z","pushed_at":"2026-04-17T15:45:05Z","created_at":"2026-04-16T19:53:54Z","topics":[],"owner":{"login":"r3verii","html_url":"https://github.com/r3verii"},"clone_url":"https://github.com/r3verii/CVE-2026-33555.git"}]},{"cve_id":"CVE-2026-33579","repositories":[{"id":1201259616,"name":"openclaw-security-checker","full_name":"atalovesyou/openclaw-security-checker","html_url":"https://github.com/atalovesyou/openclaw-security-checker","description":"Check if your AI agent setup is vulnerable to CVE-2026-33579","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-04T12:37:30Z","pushed_at":"2026-04-04T12:37:26Z","created_at":"2026-04-04T12:37:24Z","topics":[],"owner":{"login":"atalovesyou","html_url":"https://github.com/atalovesyou"},"clone_url":"https://github.com/atalovesyou/openclaw-security-checker.git"}]},{"cve_id":"CVE-2026-33634","repositories":[{"id":1197021224,"name":"docker-socket-risk-demos","full_name":"AshleyT3/docker-socket-risk-demos","html_url":"https://github.com/AshleyT3/docker-socket-risk-demos","description":"Companion source for YouTube video \"Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)\"","stargazers_count":0,"forks_count":0,"language":"TypeScript","updated_at":"2026-03-31T10:50:13Z","pushed_at":"2026-03-31T09:07:29Z","created_at":"2026-03-31T08:58:19Z","topics":["cve-2026-33634","docker-engine-api","docker-socket","trivy-docker-scan","trivy-docker-scan-safely","trivy-scan"],"owner":{"login":"AshleyT3","html_url":"https://github.com/AshleyT3"},"clone_url":"https://github.com/AshleyT3/docker-socket-risk-demos.git"},{"id":1196333313,"name":"CVE-2026-33634-Scanner","full_name":"fevar54/CVE-2026-33634-Scanner","html_url":"https://github.com/fevar54/CVE-2026-33634-Scanner","description":"**Scanner automatizado para la detección de indicadores de compromiso (IOCs) asociados al ataque a la cadena de suministro TeamPCP (CVE-2026-33634)**","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-30T15:52:51Z","pushed_at":"2026-03-30T15:52:47Z","created_at":"2026-03-30T15:43:43Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-33634-Scanner.git"},{"id":1191125516,"name":"teampcp-supply-chain-attack","full_name":"ugurrates/teampcp-supply-chain-attack","html_url":"https://github.com/ugurrates/teampcp-supply-chain-attack","description":"CVE-2026-33634 (CVSS 9.4) — The most impactful CI/CD supply chain attack of 2026 so far.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-25T00:11:06Z","pushed_at":"2026-03-25T00:11:02Z","created_at":"2026-03-25T00:08:43Z","topics":[],"owner":{"login":"ugurrates","html_url":"https://github.com/ugurrates"},"clone_url":"https://github.com/ugurrates/teampcp-supply-chain-attack.git"}]},{"cve_id":"CVE-2026-33656","repositories":[{"id":1190963412,"name":"ESPOCRM-RCE-POC-CVE-2026-33656","full_name":"JivaSecurity/ESPOCRM-RCE-POC-CVE-2026-33656","html_url":"https://github.com/JivaSecurity/ESPOCRM-RCE-POC-CVE-2026-33656","description":"Formula for Disaster: RCE in EspoCRM v9.3.3 (CVE-2026-33656)","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-25T06:17:02Z","pushed_at":"2026-03-25T03:40:14Z","created_at":"2026-03-24T19:41:19Z","topics":[],"owner":{"login":"JivaSecurity","html_url":"https://github.com/JivaSecurity"},"clone_url":"https://github.com/JivaSecurity/ESPOCRM-RCE-POC-CVE-2026-33656.git"}]},{"cve_id":"CVE-2026-33671","repositories":[{"id":1213858855,"name":"next-picomatch-cve-repro","full_name":"BeLazy167/next-picomatch-cve-repro","html_url":"https://github.com/BeLazy167/next-picomatch-cve-repro","description":"Minimal repro for Next.js 16.2.4 bundling picomatch 4.0.3 (CVE-2026-33671)","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-04-17T20:52:44Z","pushed_at":"2026-04-17T20:52:41Z","created_at":"2026-04-17T20:52:39Z","topics":[],"owner":{"login":"BeLazy167","html_url":"https://github.com/BeLazy167"},"clone_url":"https://github.com/BeLazy167/next-picomatch-cve-repro.git"}]},{"cve_id":"CVE-2026-33693","repositories":[{"id":1190037785,"name":"CVE-2026-33693","full_name":"SnailSploit/CVE-2026-33693","html_url":"https://github.com/SnailSploit/CVE-2026-33693","description":"CVE-2026-33693: SSRF via 0.0.0.0 Bypass in activitypub-federation-rust v4_is_invalid() (CVSS 6.5 Moderate)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-23T23:08:37Z","pushed_at":"2026-03-23T23:06:53Z","created_at":"2026-03-23T23:00:03Z","topics":["activitypub","cve","ghsa","lemmy","rust","snailsploit","ssrf"],"owner":{"login":"SnailSploit","html_url":"https://github.com/SnailSploit"},"clone_url":"https://github.com/SnailSploit/CVE-2026-33693.git"}]},{"cve_id":"CVE-2026-33701","repositories":[{"id":1201212908,"name":"CVE-2026-33701-Unsafe-Deserialization-in-OpenTelemetry-Java-Agent-RMI-Instrumentation","full_name":"pl4tyz/CVE-2026-33701-Unsafe-Deserialization-in-OpenTelemetry-Java-Agent-RMI-Instrumentation","html_url":"https://github.com/pl4tyz/CVE-2026-33701-Unsafe-Deserialization-in-OpenTelemetry-Java-Agent-RMI-Instrumentation","description":"CVE-2026-33701 Unsafe Deserialization in OpenTelemetry Java Agent RMI Instrumentation","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-04T11:16:36Z","pushed_at":"2026-04-04T11:16:31Z","created_at":"2026-04-04T11:14:42Z","topics":[],"owner":{"login":"pl4tyz","html_url":"https://github.com/pl4tyz"},"clone_url":"https://github.com/pl4tyz/CVE-2026-33701-Unsafe-Deserialization-in-OpenTelemetry-Java-Agent-RMI-Instrumentation.git"}]},{"cve_id":"CVE-2026-33725","repositories":[{"id":1202796340,"name":"CVE-2026-33725","full_name":"hakaioffsec/CVE-2026-33725","html_url":"https://github.com/hakaioffsec/CVE-2026-33725","description":"Exploit for CVE-2026-33725 - Remote Code Execution and Arbitrary File Read via H2 JDBC INIT Injection in EE Serialization Import","stargazers_count":21,"forks_count":5,"language":"Python","updated_at":"2026-04-28T11:15:29Z","pushed_at":"2026-04-23T17:47:53Z","created_at":"2026-04-06T12:10:07Z","topics":[],"owner":{"login":"hakaioffsec","html_url":"https://github.com/hakaioffsec"},"clone_url":"https://github.com/hakaioffsec/CVE-2026-33725.git"}]},{"cve_id":"CVE-2026-33752","repositories":[{"id":1200158644,"name":"CVE-2026-33752","full_name":"redyank/CVE-2026-33752","html_url":"https://github.com/redyank/CVE-2026-33752","description":"CVE-2026-33752(Redirect-based SSRF leading to internal network access in curl_cffi)","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-04T14:47:53Z","pushed_at":"2026-04-04T14:47:50Z","created_at":"2026-04-03T05:13:55Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-33752.git"}]},{"cve_id":"CVE-2026-33824","repositories":[{"id":1217141283,"name":"CVE-2026-33824","full_name":"kaleth4/CVE-2026-33824","html_url":"https://github.com/kaleth4/CVE-2026-33824","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-21T15:42:11Z","pushed_at":"2026-04-21T15:42:08Z","created_at":"2026-04-21T15:29:56Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-33824.git"},{"id":1212565240,"name":"CVE-2026-33824","full_name":"z3r0h3ro/CVE-2026-33824","html_url":"https://github.com/z3r0h3ro/CVE-2026-33824","description":"Windows IKEv2 Double-Free RCE","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-16T14:10:16Z","pushed_at":"2026-04-16T14:10:09Z","created_at":"2026-04-16T14:01:04Z","topics":[],"owner":{"login":"z3r0h3ro","html_url":"https://github.com/z3r0h3ro"},"clone_url":"https://github.com/z3r0h3ro/CVE-2026-33824.git"}]},{"cve_id":"CVE-2026-33825","repositories":[{"id":1213858543,"name":"redsun-bluehammer-undefend-detection-pack","full_name":"Letlaka/redsun-bluehammer-undefend-detection-pack","html_url":"https://github.com/Letlaka/redsun-bluehammer-undefend-detection-pack","description":"Microsoft Defender XDR KQL detections for RedSun, BlueHammer, UnDefend, and CVE-2026-33825-related Defender abuse behaviors.","stargazers_count":4,"forks_count":1,"language":"","updated_at":"2026-04-29T12:45:56Z","pushed_at":"2026-04-20T19:02:01Z","created_at":"2026-04-17T20:52:08Z","topics":["advanced-hunting","bluehammer","cve-2026-33825","defender-xdr","detection-engineering","kql-threathunting","microsoft-defender","microsoft-defender-xdr","privilege-escalation","redsun","threat-detection-windows","undefend","windows-security"],"owner":{"login":"Letlaka","html_url":"https://github.com/Letlaka"},"clone_url":"https://github.com/Letlaka/redsun-bluehammer-undefend-detection-pack.git"},{"id":1217991945,"name":"CVE-2026-33825","full_name":"kaleth4/CVE-2026-33825","html_url":"https://github.com/kaleth4/CVE-2026-33825","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T12:39:23Z","pushed_at":"2026-04-22T12:39:20Z","created_at":"2026-04-22T12:29:39Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-33825.git"},{"id":1215824073,"name":"Detecting_blue_hammer_vuln","full_name":"Bilal3755/Detecting_blue_hammer_vuln","html_url":"https://github.com/Bilal3755/Detecting_blue_hammer_vuln","description":"Threat hunting query for bluehammer CVE windows CVE-2026-33825","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-20T09:38:41Z","pushed_at":"2026-04-20T09:38:37Z","created_at":"2026-04-20T09:38:06Z","topics":[],"owner":{"login":"Bilal3755","html_url":"https://github.com/Bilal3755"},"clone_url":"https://github.com/Bilal3755/Detecting_blue_hammer_vuln.git"}]},{"cve_id":"CVE-2026-33826","repositories":[{"id":1222555356,"name":"CVE-2026-33826","full_name":"ZEROxYakuza/CVE-2026-33826","html_url":"https://github.com/ZEROxYakuza/CVE-2026-33826","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-27T13:37:21Z","pushed_at":"2026-04-27T13:37:08Z","created_at":"2026-04-27T13:32:47Z","topics":[],"owner":{"login":"ZEROxYakuza","html_url":"https://github.com/ZEROxYakuza"},"clone_url":"https://github.com/ZEROxYakuza/CVE-2026-33826.git"},{"id":1217996305,"name":"CVE-2026-33826","full_name":"kaleth4/CVE-2026-33826","html_url":"https://github.com/kaleth4/CVE-2026-33826","description":"","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-04-22T12:42:12Z","pushed_at":"2026-04-22T12:42:08Z","created_at":"2026-04-22T12:35:05Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-33826.git"}]},{"cve_id":"CVE-2026-33827","repositories":[{"id":1217978788,"name":"CVE-2026-33827","full_name":"kaleth4/CVE-2026-33827","html_url":"https://github.com/kaleth4/CVE-2026-33827","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-22T12:24:34Z","pushed_at":"2026-04-22T12:24:31Z","created_at":"2026-04-22T12:13:33Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-33827.git"}]},{"cve_id":"CVE-2026-33868","repositories":[{"id":1193486071,"name":"By-Poloss..-..CVE-2026-33868","full_name":"O99099O/By-Poloss..-..CVE-2026-33868","html_url":"https://github.com/O99099O/By-Poloss..-..CVE-2026-33868","description":"Mastodon - Open Redirect","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-03-28T08:56:14Z","pushed_at":"2026-03-27T09:34:05Z","created_at":"2026-03-27T09:23:51Z","topics":[],"owner":{"login":"O99099O","html_url":"https://github.com/O99099O"},"clone_url":"https://github.com/O99099O/By-Poloss..-..CVE-2026-33868.git"}]},{"cve_id":"CVE-2026-33910","repositories":[{"id":1189729959,"name":"CVE-2026-33910_SqlInjectionVulnerabilityOpenEMR8.0.0.2","full_name":"ChrisSub08/CVE-2026-33910_SqlInjectionVulnerabilityOpenEMR8.0.0.2","html_url":"https://github.com/ChrisSub08/CVE-2026-33910_SqlInjectionVulnerabilityOpenEMR8.0.0.2","description":"CVE-2026-33910: SQL Injection Vulnerability in OpenEMR \u003c8.0.0.3","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-26T08:34:44Z","pushed_at":"2026-03-25T09:03:10Z","created_at":"2026-03-23T15:58:53Z","topics":["cve","openemr","sql-injection","sqli","vulnerability"],"owner":{"login":"ChrisSub08","html_url":"https://github.com/ChrisSub08"},"clone_url":"https://github.com/ChrisSub08/CVE-2026-33910_SqlInjectionVulnerabilityOpenEMR8.0.0.2.git"}]},{"cve_id":"CVE-2026-33917","repositories":[{"id":1166916929,"name":"CVE-2026-33917_SqlInjectionVulnerabilityOpenEMR8.0.0","full_name":"ChrisSub08/CVE-2026-33917_SqlInjectionVulnerabilityOpenEMR8.0.0","html_url":"https://github.com/ChrisSub08/CVE-2026-33917_SqlInjectionVulnerabilityOpenEMR8.0.0","description":"CVE-2026-33917: SQL Injection Vulnerability in OpenEMR \u003c8.0.0.3","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-26T08:34:17Z","pushed_at":"2026-03-25T09:13:19Z","created_at":"2026-02-25T18:47:15Z","topics":["cve","exploit","exploitation","openemr","sql-injection","sqli","vulnerability"],"owner":{"login":"ChrisSub08","html_url":"https://github.com/ChrisSub08"},"clone_url":"https://github.com/ChrisSub08/CVE-2026-33917_SqlInjectionVulnerabilityOpenEMR8.0.0.git"}]},{"cve_id":"CVE-2026-33936","repositories":[{"id":1199086071,"name":"CVE-2026-33936","full_name":"0xmrma/CVE-2026-33936","html_url":"https://github.com/0xmrma/CVE-2026-33936","description":"Denial of Service vulnerability in ecdsa (PyPI)","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-02T03:31:03Z","pushed_at":"2026-04-02T03:23:30Z","created_at":"2026-04-02T03:18:21Z","topics":[],"owner":{"login":"0xmrma","html_url":"https://github.com/0xmrma"},"clone_url":"https://github.com/0xmrma/CVE-2026-33936.git"}]},{"cve_id":"CVE-2026-33937","repositories":[{"id":1217653827,"name":"CVE-2026-33937","full_name":"EQSTLab/CVE-2026-33937","html_url":"https://github.com/EQSTLab/CVE-2026-33937","description":"","stargazers_count":1,"forks_count":0,"language":"HTML","updated_at":"2026-04-27T08:55:00Z","pushed_at":"2026-04-27T08:54:56Z","created_at":"2026-04-22T05:09:10Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-33937.git"},{"id":1194522135,"name":"cve-2026-33937","full_name":"dinhvaren/cve-2026-33937","html_url":"https://github.com/dinhvaren/cve-2026-33937","description":"CVE-2026-33937 Handlebars RCE exploit PoC (AST Injection)","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-29T03:06:49Z","pushed_at":"2026-04-29T03:06:45Z","created_at":"2026-03-28T13:24:22Z","topics":["ast-injection","cve-2026-33937","exploit","handlebars","nodejs","poc","rce","security","ssti","template-injection","vulnerability"],"owner":{"login":"dinhvaren","html_url":"https://github.com/dinhvaren"},"clone_url":"https://github.com/dinhvaren/cve-2026-33937.git"}]},{"cve_id":"CVE-2026-3395","repositories":[{"id":1170210047,"name":"CVE-2026-3395-MaxSite-CMS-Unauthenticated-RCE","full_name":"mbanyamer/CVE-2026-3395-MaxSite-CMS-Unauthenticated-RCE","html_url":"https://github.com/mbanyamer/CVE-2026-3395-MaxSite-CMS-Unauthenticated-RCE","description":"","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-04-02T12:45:10Z","pushed_at":"2026-03-01T21:25:39Z","created_at":"2026-03-01T21:19:49Z","topics":[],"owner":{"login":"mbanyamer","html_url":"https://github.com/mbanyamer"},"clone_url":"https://github.com/mbanyamer/CVE-2026-3395-MaxSite-CMS-Unauthenticated-RCE.git"},{"id":1170765958,"name":"CVE-2026-3395-Lab","full_name":"rootdirective-sec/CVE-2026-3395-Lab","html_url":"https://github.com/rootdirective-sec/CVE-2026-3395-Lab","description":"","stargazers_count":0,"forks_count":0,"language":"Dockerfile","updated_at":"2026-03-02T13:57:41Z","pushed_at":"2026-03-02T13:57:37Z","created_at":"2026-03-02T13:51:24Z","topics":[],"owner":{"login":"rootdirective-sec","html_url":"https://github.com/rootdirective-sec"},"clone_url":"https://github.com/rootdirective-sec/CVE-2026-3395-Lab.git"}]},{"cve_id":"CVE-2026-34005","repositories":[{"id":1192776493,"name":"CVE-2026-34005","full_name":"uky007/CVE-2026-34005","html_url":"https://github.com/uky007/CVE-2026-34005","description":"CVE-2026-34005: OS Command Injection via Hostname Configuration in Xiongmai DVR/NVR (Sofia)","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-04T17:36:32Z","pushed_at":"2026-03-26T14:51:48Z","created_at":"2026-03-26T14:51:44Z","topics":[],"owner":{"login":"uky007","html_url":"https://github.com/uky007"},"clone_url":"https://github.com/uky007/CVE-2026-34005.git"}]},{"cve_id":"CVE-2026-34036","repositories":[{"id":1197721550,"name":"CVE-2026-34036","full_name":"cnf409/CVE-2026-34036","html_url":"https://github.com/cnf409/CVE-2026-34036","description":"PoC Script for CVE-2026-34036. For educational purposes only.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-31T20:42:07Z","pushed_at":"2026-03-31T20:42:00Z","created_at":"2026-03-31T20:32:08Z","topics":[],"owner":{"login":"cnf409","html_url":"https://github.com/cnf409"},"clone_url":"https://github.com/cnf409/CVE-2026-34036.git"}]},{"cve_id":"CVE-2026-34070","repositories":[{"id":1192709004,"name":"CVE-2026-34070","full_name":"Rickidevs/CVE-2026-34070","html_url":"https://github.com/Rickidevs/CVE-2026-34070","description":"I Found a Zero-Day Vulnerability in langchain — Here’s How It Went","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-26T13:41:27Z","pushed_at":"2026-03-26T13:41:23Z","created_at":"2026-03-26T13:39:47Z","topics":[],"owner":{"login":"Rickidevs","html_url":"https://github.com/Rickidevs"},"clone_url":"https://github.com/Rickidevs/CVE-2026-34070.git"}]},{"cve_id":"CVE-2026-34156","repositories":[{"id":1203648845,"name":"CVE-2026-34156","full_name":"franckboumendil/CVE-2026-34156","html_url":"https://github.com/franckboumendil/CVE-2026-34156","description":"NocoBase Sandbox Escape to RCE via console._stdout Prototype Chain Traversal (CVE-2026-34156)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-07T08:37:10Z","pushed_at":"2026-04-07T08:32:01Z","created_at":"2026-04-07T08:31:59Z","topics":["cve","cve-2026-34156","exploit","nocobase","nodejs","poc","prototype-pollution","rce","sandbox-escape","security","vulnerability"],"owner":{"login":"franckboumendil","html_url":"https://github.com/franckboumendil"},"clone_url":"https://github.com/franckboumendil/CVE-2026-34156.git"},{"id":1200431096,"name":"CVE-2026-34156","full_name":"0xBlackash/CVE-2026-34156","html_url":"https://github.com/0xBlackash/CVE-2026-34156","description":"CVE-2026-34156","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-03T12:55:12Z","pushed_at":"2026-04-03T12:55:09Z","created_at":"2026-04-03T12:04:06Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-34156.git"}]},{"cve_id":"CVE-2026-34159","repositories":[{"id":1219413367,"name":"CVE-2026-34159","full_name":"casp3r0x0/CVE-2026-34159","html_url":"https://github.com/casp3r0x0/CVE-2026-34159","description":"0 Click RCE exploit for CVE-2026-34159 Lama.cpp RPC server","stargazers_count":23,"forks_count":10,"language":"Python","updated_at":"2026-04-29T12:31:03Z","pushed_at":"2026-04-23T22:44:29Z","created_at":"2026-04-23T21:14:21Z","topics":[],"owner":{"login":"casp3r0x0","html_url":"https://github.com/casp3r0x0"},"clone_url":"https://github.com/casp3r0x0/CVE-2026-34159.git"}]},{"cve_id":"CVE-2026-34197","repositories":[{"id":1215538844,"name":"ActiveMQ-EXPtools","full_name":"Catherines77/ActiveMQ-EXPtools","html_url":"https://github.com/Catherines77/ActiveMQ-EXPtools","description":"Apache ActiveMQ漏洞综合利用工具(CVE-2015-5254，CVE-2016-3088，CVE-2022-41678，CVE-2023-46604，CVE-2024-32114，CVE-2026-34197)","stargazers_count":34,"forks_count":2,"language":"Java","updated_at":"2026-04-29T11:52:10Z","pushed_at":"2026-04-27T09:37:12Z","created_at":"2026-04-20T02:38:50Z","topics":[],"owner":{"login":"Catherines77","html_url":"https://github.com/Catherines77"},"clone_url":"https://github.com/Catherines77/ActiveMQ-EXPtools.git"},{"id":1204726822,"name":"CVE-2026-34197","full_name":"dinosn/CVE-2026-34197","html_url":"https://github.com/dinosn/CVE-2026-34197","description":"CVE-2026-34197 activemq PoC","stargazers_count":7,"forks_count":0,"language":"Python","updated_at":"2026-04-27T09:49:57Z","pushed_at":"2026-04-08T09:26:09Z","created_at":"2026-04-08T09:18:33Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/CVE-2026-34197.git"},{"id":1205274738,"name":"CVE-2026-34197","full_name":"DEVSECURITYSPRO/CVE-2026-34197","html_url":"https://github.com/DEVSECURITYSPRO/CVE-2026-34197","description":"CVE-2026-34197 - Apache ActiveMQ RCE via Jolokia Endpoint PoC","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-09T20:36:03Z","pushed_at":"2026-04-08T20:07:07Z","created_at":"2026-04-08T20:07:01Z","topics":[],"owner":{"login":"DEVSECURITYSPRO","html_url":"https://github.com/DEVSECURITYSPRO"},"clone_url":"https://github.com/DEVSECURITYSPRO/CVE-2026-34197.git"},{"id":1206312496,"name":"CVE-2026-34197","full_name":"KONDORDEVSECURITYCORP/CVE-2026-34197","html_url":"https://github.com/KONDORDEVSECURITYCORP/CVE-2026-34197","description":"CVE-2026-34197 — Apache ActiveMQ RCE via Jolokia API | PoC Exploit","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-27T09:49:16Z","pushed_at":"2026-04-13T19:52:13Z","created_at":"2026-04-09T19:41:30Z","topics":[],"owner":{"login":"KONDORDEVSECURITYCORP","html_url":"https://github.com/KONDORDEVSECURITYCORP"},"clone_url":"https://github.com/KONDORDEVSECURITYCORP/CVE-2026-34197.git"},{"id":1215519117,"name":"CVE-2026-34197-payload-Apache-ActiveMQ-","full_name":"xshysjhq/CVE-2026-34197-payload-Apache-ActiveMQ-","html_url":"https://github.com/xshysjhq/CVE-2026-34197-payload-Apache-ActiveMQ-","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-20T02:09:07Z","pushed_at":"2026-04-20T02:08:33Z","created_at":"2026-04-20T02:01:51Z","topics":[],"owner":{"login":"xshysjhq","html_url":"https://github.com/xshysjhq"},"clone_url":"https://github.com/xshysjhq/CVE-2026-34197-payload-Apache-ActiveMQ-.git"},{"id":1205805147,"name":"CVE-2026-34197-Apache-ActiveMQ-RCE","full_name":"AtoposX-J/CVE-2026-34197-Apache-ActiveMQ-RCE","html_url":"https://github.com/AtoposX-J/CVE-2026-34197-Apache-ActiveMQ-RCE","description":"CVE-2026-34197","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-16T08:27:14Z","pushed_at":"2026-04-09T09:47:55Z","created_at":"2026-04-09T09:44:08Z","topics":[],"owner":{"login":"AtoposX-J","html_url":"https://github.com/AtoposX-J"},"clone_url":"https://github.com/AtoposX-J/CVE-2026-34197-Apache-ActiveMQ-RCE.git"},{"id":1204636528,"name":"CVE-2026-34197","full_name":"0xBlackash/CVE-2026-34197","html_url":"https://github.com/0xBlackash/CVE-2026-34197","description":"CVE-2026-34197","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-08T17:20:54Z","pushed_at":"2026-04-08T07:55:31Z","created_at":"2026-04-08T07:28:49Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-34197.git"},{"id":1210863746,"name":"CVE-2026-34197","full_name":"keraattin/CVE-2026-34197","html_url":"https://github.com/keraattin/CVE-2026-34197","description":"CVE-2026-34197: Apache ActiveMQ Classic RCE via Jolokia API (CVSS 8.8). Python \u0026 Nmap NSE detection scripts. A 13-year-old vulnerability allows remote code execution through the addNetworkConnector MBean operation. Unauthenticated on versions 6.0.0 to 6.1.1. Fixed in 5.19.4 and 6.2.3.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-14T21:10:23Z","pushed_at":"2026-04-14T21:08:58Z","created_at":"2026-04-14T20:44:24Z","topics":["activemq","apache-activemq","cve-2026-34197","cybersecurity","jolokia","nmap-scripts","nse-scripts","remote-code-execution","vulnerability-detection"],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-34197.git"},{"id":1206503415,"name":"CVE-2026-34197","full_name":"hg0434hongzh0/CVE-2026-34197","html_url":"https://github.com/hg0434hongzh0/CVE-2026-34197","description":"POC","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-10T01:45:02Z","pushed_at":"2026-04-10T01:44:58Z","created_at":"2026-04-10T01:29:12Z","topics":[],"owner":{"login":"hg0434hongzh0","html_url":"https://github.com/hg0434hongzh0"},"clone_url":"https://github.com/hg0434hongzh0/CVE-2026-34197.git"}]},{"cve_id":"CVE-2026-34200","repositories":[{"id":1192884297,"name":"CVE-2026-34200","full_name":"skoveit/CVE-2026-34200","html_url":"https://github.com/skoveit/CVE-2026-34200","description":"CVE-2026-34200 PoC - Nhost Unauthenticated Remote Access ","stargazers_count":4,"forks_count":0,"language":"TypeScript","updated_at":"2026-04-25T23:56:06Z","pushed_at":"2026-03-27T14:55:20Z","created_at":"2026-03-26T16:52:17Z","topics":[],"owner":{"login":"skoveit","html_url":"https://github.com/skoveit"},"clone_url":"https://github.com/skoveit/CVE-2026-34200.git"}]},{"cve_id":"CVE-2026-34220","repositories":[{"id":1222132979,"name":"CVE-2026-34220","full_name":"EQSTLab/CVE-2026-34220","html_url":"https://github.com/EQSTLab/CVE-2026-34220","description":"","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-27T04:54:23Z","pushed_at":"2026-04-27T04:54:18Z","created_at":"2026-04-27T04:30:33Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-34220.git"}]},{"cve_id":"CVE-2026-34227","repositories":[{"id":1193704490,"name":"CVE-2026-34227","full_name":"skoveit/CVE-2026-34227","html_url":"https://github.com/skoveit/CVE-2026-34227","description":"CVE-2026-34227 · CORS → CSRF chain on Sliver's unauthenticated MCP interface","stargazers_count":1,"forks_count":0,"language":"TypeScript","updated_at":"2026-04-21T15:53:17Z","pushed_at":"2026-03-27T15:12:34Z","created_at":"2026-03-27T13:51:07Z","topics":[],"owner":{"login":"skoveit","html_url":"https://github.com/skoveit"},"clone_url":"https://github.com/skoveit/CVE-2026-34227.git"}]},{"cve_id":"CVE-2026-34444","repositories":[{"id":1200158922,"name":"CVE-2026-34444","full_name":"redyank/CVE-2026-34444","html_url":"https://github.com/redyank/CVE-2026-34444","description":"CVE-2026-34444(Sandbox escape and RCE due to incomplete attribute_filter enforcement in getattr/setattr)","stargazers_count":0,"forks_count":1,"language":"","updated_at":"2026-04-03T05:14:35Z","pushed_at":"2026-04-03T05:14:30Z","created_at":"2026-04-03T05:14:29Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-34444.git"}]},{"cve_id":"CVE-2026-34486","repositories":[{"id":1211230936,"name":"CVE-2026-34486-poc","full_name":"AirSkye/CVE-2026-34486-poc","html_url":"https://github.com/AirSkye/CVE-2026-34486-poc","description":"CVE-2026-34486 Apache Tomcat EncryptInterceptor 绕过漏洞复现（使用GLM5.1复现完成）","stargazers_count":9,"forks_count":0,"language":"Shell","updated_at":"2026-04-28T01:40:13Z","pushed_at":"2026-04-15T07:33:28Z","created_at":"2026-04-15T07:30:15Z","topics":[],"owner":{"login":"AirSkye","html_url":"https://github.com/AirSkye"},"clone_url":"https://github.com/AirSkye/CVE-2026-34486-poc.git"},{"id":1211546980,"name":"CVE-2026-34486","full_name":"404-src/CVE-2026-34486","html_url":"https://github.com/404-src/CVE-2026-34486","description":"Apache Tomcat EncryptInterceptor Bypass → Unauthenticated RCE (CVE-2026-34486)","stargazers_count":4,"forks_count":3,"language":"Python","updated_at":"2026-04-23T09:32:37Z","pushed_at":"2026-04-15T13:58:22Z","created_at":"2026-04-15T13:55:55Z","topics":[],"owner":{"login":"404-src","html_url":"https://github.com/404-src"},"clone_url":"https://github.com/404-src/CVE-2026-34486.git"},{"id":1211194608,"name":"tomcat-cve-2026-34486","full_name":"punitdarji/tomcat-cve-2026-34486","html_url":"https://github.com/punitdarji/tomcat-cve-2026-34486","description":"CVE labs ","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-29T12:50:19Z","pushed_at":"2026-04-15T06:55:41Z","created_at":"2026-04-15T06:46:48Z","topics":[],"owner":{"login":"punitdarji","html_url":"https://github.com/punitdarji"},"clone_url":"https://github.com/punitdarji/tomcat-cve-2026-34486.git"},{"id":1212346557,"name":"CVE-2026-34486-Tribes","full_name":"helGayhub233/CVE-2026-34486-Tribes","html_url":"https://github.com/helGayhub233/CVE-2026-34486-Tribes","description":"Tribes 协议探测","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-16T10:01:46Z","pushed_at":"2026-04-16T10:01:42Z","created_at":"2026-04-16T09:35:37Z","topics":[],"owner":{"login":"helGayhub233","html_url":"https://github.com/helGayhub233"},"clone_url":"https://github.com/helGayhub233/CVE-2026-34486-Tribes.git"}]},{"cve_id":"CVE-2026-3462","repositories":[{"id":1215751275,"name":"CVE-2026-3462","full_name":"dajneem23/CVE-2026-3462","html_url":"https://github.com/dajneem23/CVE-2026-3462","description":"Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-20T08:22:32Z","pushed_at":"2026-04-20T08:22:28Z","created_at":"2026-04-20T08:11:19Z","topics":[],"owner":{"login":"dajneem23","html_url":"https://github.com/dajneem23"},"clone_url":"https://github.com/dajneem23/CVE-2026-3462.git"}]},{"cve_id":"CVE-2026-34621","repositories":[{"id":1211630240,"name":"cve_2026_34621_advanced","full_name":"NULL200OK/cve_2026_34621_advanced","html_url":"https://github.com/NULL200OK/cve_2026_34621_advanced","description":"A sophisticated, cross-platform exploit generator for **CVE-2026-34621** – a critical prototype pollution vulnerability in Adobe Acrobat and Reader that leads to sandbox escape and arbitrary code execution on Windows and macOS.","stargazers_count":10,"forks_count":1,"language":"Python","updated_at":"2026-04-29T06:53:26Z","pushed_at":"2026-04-15T15:47:23Z","created_at":"2026-04-15T15:30:06Z","topics":[],"owner":{"login":"NULL200OK","html_url":"https://github.com/NULL200OK"},"clone_url":"https://github.com/NULL200OK/cve_2026_34621_advanced.git"},{"id":1213278037,"name":"CVE-2026-34621_PDF_SAMPLE","full_name":"ercihan/CVE-2026-34621_PDF_SAMPLE","html_url":"https://github.com/ercihan/CVE-2026-34621_PDF_SAMPLE","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-17T08:25:50Z","pushed_at":"2026-04-17T08:25:47Z","created_at":"2026-04-17T08:07:42Z","topics":[],"owner":{"login":"ercihan","html_url":"https://github.com/ercihan"},"clone_url":"https://github.com/ercihan/CVE-2026-34621_PDF_SAMPLE.git"},{"id":1210599072,"name":"Remediate-AdobeAcrobat-CVE-2026-34621","full_name":"KeulenR01/Remediate-AdobeAcrobat-CVE-2026-34621","html_url":"https://github.com/KeulenR01/Remediate-AdobeAcrobat-CVE-2026-34621","description":"","stargazers_count":1,"forks_count":0,"language":"PowerShell","updated_at":"2026-04-15T16:32:23Z","pushed_at":"2026-04-15T06:50:16Z","created_at":"2026-04-14T15:14:39Z","topics":[],"owner":{"login":"KeulenR01","html_url":"https://github.com/KeulenR01"},"clone_url":"https://github.com/KeulenR01/Remediate-AdobeAcrobat-CVE-2026-34621.git"},{"id":1209461365,"name":"CVE-2026-34621","full_name":"ercihan/CVE-2026-34621","html_url":"https://github.com/ercihan/CVE-2026-34621","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-17T08:16:07Z","pushed_at":"2026-04-13T13:06:56Z","created_at":"2026-04-13T13:00:37Z","topics":[],"owner":{"login":"ercihan","html_url":"https://github.com/ercihan"},"clone_url":"https://github.com/ercihan/CVE-2026-34621.git"}]},{"cve_id":"CVE-2026-34724","repositories":[{"id":1206048187,"name":"CVE-2026-34724","full_name":"0xBlackash/CVE-2026-34724","html_url":"https://github.com/0xBlackash/CVE-2026-34724","description":"CVE-2026-34724","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-09T14:44:37Z","pushed_at":"2026-04-09T14:44:34Z","created_at":"2026-04-09T14:23:13Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-34724.git"}]},{"cve_id":"CVE-2026-34828","repositories":[{"id":1199090679,"name":"CVE-2026-34828","full_name":"0xmrma/CVE-2026-34828","html_url":"https://github.com/0xmrma/CVE-2026-34828","description":"listmonk’s Session Persistence After Password Reset and Password Change","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-02T03:29:55Z","pushed_at":"2026-04-02T03:29:07Z","created_at":"2026-04-02T03:25:32Z","topics":[],"owner":{"login":"0xmrma","html_url":"https://github.com/0xmrma"},"clone_url":"https://github.com/0xmrma/CVE-2026-34828.git"}]},{"cve_id":"CVE-2026-34838","repositories":[{"id":1200671776,"name":"CVE-2026-34838","full_name":"bamuwe/CVE-2026-34838","html_url":"https://github.com/bamuwe/CVE-2026-34838","description":"CVE-2026-34838 PoC (Proof of Concept)","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-04T03:16:33Z","pushed_at":"2026-04-03T17:51:52Z","created_at":"2026-04-03T17:33:47Z","topics":[],"owner":{"login":"bamuwe","html_url":"https://github.com/bamuwe"},"clone_url":"https://github.com/bamuwe/CVE-2026-34838.git"}]},{"cve_id":"CVE-2026-3502","repositories":[{"id":1201606329,"name":"CVE-2026-3502-Scanner---TrueConf-Vulnerability-Detection-Tool","full_name":"fevar54/CVE-2026-3502-Scanner---TrueConf-Vulnerability-Detection-Tool","html_url":"https://github.com/fevar54/CVE-2026-3502-Scanner---TrueConf-Vulnerability-Detection-Tool","description":"Herramienta de detección para CVE-2026-3502. Escanea servidores TrueConf sin verificación de actualizaciones, detecta clientes Windows vulnerables (≤8.5.3.884) y busca IOCs de TrueChaos: PowerISO, persistencia en registro y tareas programadas. Reportes JSON, HTML o CSV.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-04T22:55:09Z","pushed_at":"2026-04-04T22:55:06Z","created_at":"2026-04-04T22:50:54Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-3502-Scanner---TrueConf-Vulnerability-Detection-Tool.git"},{"id":1201602206,"name":"CVE-2026-3502---TrueConf-Client-Update-Hijacking-PoC","full_name":"fevar54/CVE-2026-3502---TrueConf-Client-Update-Hijacking-PoC","html_url":"https://github.com/fevar54/CVE-2026-3502---TrueConf-Client-Update-Hijacking-PoC","description":"Exploit para CVE-2026-3502 en TrueConf Client. Un atacante con control del servidor TrueConf local reemplaza la actualización legítima por un payload malicioso sin verificación de integridad, logrando ejecución remota de código y despliegue de malware Havoc en todos los clientes conectados (Operación TrueChaos).","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-04T22:45:53Z","pushed_at":"2026-04-04T22:45:49Z","created_at":"2026-04-04T22:39:53Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-3502---TrueConf-Client-Update-Hijacking-PoC.git"}]},{"cve_id":"CVE-2026-35031","repositories":[{"id":1211878687,"name":"CVE-2026-35031","full_name":"keraattin/CVE-2026-35031","html_url":"https://github.com/keraattin/CVE-2026-35031","description":"Critical path traversal to RCE vulnerability in Jellyfin Media Server (CVSS 9.9). Includes proof-of-concept exploit, technical analysis, and detection tools.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-15T20:57:53Z","pushed_at":"2026-04-15T20:57:49Z","created_at":"2026-04-15T20:56:49Z","topics":[],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-35031.git"}]},{"cve_id":"CVE-2026-35045","repositories":[{"id":1200469379,"name":"CVE-2026-35045-PoC","full_name":"FilipeGaudard/CVE-2026-35045-PoC","html_url":"https://github.com/FilipeGaudard/CVE-2026-35045-PoC","description":"","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-04-03T15:56:25Z","pushed_at":"2026-04-03T14:15:30Z","created_at":"2026-04-03T12:59:08Z","topics":[],"owner":{"login":"FilipeGaudard","html_url":"https://github.com/FilipeGaudard"},"clone_url":"https://github.com/FilipeGaudard/CVE-2026-35045-PoC.git"}]},{"cve_id":"CVE-2026-3516","repositories":[{"id":1206240800,"name":"CVE-2026-3516","full_name":"d3kc4rt1/CVE-2026-3516","html_url":"https://github.com/d3kc4rt1/CVE-2026-3516","description":"Authenticated Stored Cross-Site Scripting (XSS) in Contact List Plugin","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-09T18:06:04Z","pushed_at":"2026-04-09T18:05:59Z","created_at":"2026-04-09T18:05:32Z","topics":[],"owner":{"login":"d3kc4rt1","html_url":"https://github.com/d3kc4rt1"},"clone_url":"https://github.com/d3kc4rt1/CVE-2026-3516.git"}]},{"cve_id":"CVE-2026-35414","repositories":[{"id":1224475245,"name":"CVE-2026-35414","full_name":"killercd/CVE-2026-35414","html_url":"https://github.com/killercd/CVE-2026-35414","description":"CVE-2026-35414 Vuln block","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T10:18:32Z","pushed_at":"2026-04-29T10:18:29Z","created_at":"2026-04-29T10:13:49Z","topics":[],"owner":{"login":"killercd","html_url":"https://github.com/killercd"},"clone_url":"https://github.com/killercd/CVE-2026-35414.git"}]},{"cve_id":"CVE-2026-35492","repositories":[{"id":1201344624,"name":"CVE-2026-35492","full_name":"redyank/CVE-2026-35492","html_url":"https://github.com/redyank/CVE-2026-35492","description":"CVE-2026-35492(Path traversal vulnerability in PartitionedDataset allows arbitrary file write)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-04T14:54:10Z","pushed_at":"2026-04-04T14:54:06Z","created_at":"2026-04-04T14:53:34Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-35492.git"}]},{"cve_id":"CVE-2026-35517","repositories":[{"id":1210158592,"name":"CVE-2026-35517","full_name":"keraattin/CVE-2026-35517","html_url":"https://github.com/keraattin/CVE-2026-35517","description":"CVE-2026-35517 Pi-hole FTLDNS Remote Code Execution via Newline Injection (CVSS 8.8). Python \u0026 Nmap NSE detection scripts with full technical breakdown. A newline character in the dns.upstreams parameter gives authenticated attackers command execution on the host. Five related injection vectors all patched in FTL v6.6.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-14T07:52:26Z","pushed_at":"2026-04-14T07:52:22Z","created_at":"2026-04-14T06:26:12Z","topics":["crlf-injection","cve-2026-35517","cybersecurity","dnsmasq","ftldns","newline-injection","nmap-scripts","nse-scripts","pi-hole","pihole","rce","remote-code-execution","vulnerability-detection"],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-35517.git"}]},{"cve_id":"CVE-2026-35570","repositories":[{"id":1201213142,"name":"CVE-2026-35570","full_name":"Rickidevs/CVE-2026-35570","html_url":"https://github.com/Rickidevs/CVE-2026-35570","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-04T11:16:27Z","pushed_at":"2026-04-04T11:16:23Z","created_at":"2026-04-04T11:15:05Z","topics":[],"owner":{"login":"Rickidevs","html_url":"https://github.com/Rickidevs"},"clone_url":"https://github.com/Rickidevs/CVE-2026-35570.git"}]},{"cve_id":"CVE-2026-35584","repositories":[{"id":1206612140,"name":"CVE-2026-35584","full_name":"LeonardoNovais7/CVE-2026-35584","html_url":"https://github.com/LeonardoNovais7/CVE-2026-35584","description":"POC - CVE-2026-35584","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-11T22:22:40Z","pushed_at":"2026-04-11T22:22:32Z","created_at":"2026-04-10T04:49:07Z","topics":[],"owner":{"login":"LeonardoNovais7","html_url":"https://github.com/LeonardoNovais7"},"clone_url":"https://github.com/LeonardoNovais7/CVE-2026-35584.git"}]},{"cve_id":"CVE-2026-35585","repositories":[{"id":1210431462,"name":"CVE-2026-35585-poc","full_name":"Saku0512/CVE-2026-35585-poc","html_url":"https://github.com/Saku0512/CVE-2026-35585-poc","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-14T12:57:37Z","pushed_at":"2026-04-14T12:57:14Z","created_at":"2026-04-14T12:11:36Z","topics":[],"owner":{"login":"Saku0512","html_url":"https://github.com/Saku0512"},"clone_url":"https://github.com/Saku0512/CVE-2026-35585-poc.git"}]},{"cve_id":"CVE-2026-35616","repositories":[{"id":1214966164,"name":"CVE-2026-35616","full_name":"Alaatk/CVE-2026-35616","html_url":"https://github.com/Alaatk/CVE-2026-35616","description":"Fortinet FortiClientEMS improper access control","stargazers_count":4,"forks_count":1,"language":"Python","updated_at":"2026-04-22T15:17:54Z","pushed_at":"2026-04-20T09:53:27Z","created_at":"2026-04-19T09:46:50Z","topics":[],"owner":{"login":"Alaatk","html_url":"https://github.com/Alaatk"},"clone_url":"https://github.com/Alaatk/CVE-2026-35616.git"},{"id":1201392431,"name":"CVE-2026-35616-poc","full_name":"z3r0h3ro/CVE-2026-35616-poc","html_url":"https://github.com/z3r0h3ro/CVE-2026-35616-poc","description":"","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-04-09T18:06:29Z","pushed_at":"2026-04-04T16:32:47Z","created_at":"2026-04-04T16:06:38Z","topics":[],"owner":{"login":"z3r0h3ro","html_url":"https://github.com/z3r0h3ro"},"clone_url":"https://github.com/z3r0h3ro/CVE-2026-35616-poc.git"},{"id":1216250274,"name":"CVE-2026-35616","full_name":"wa6n3r/CVE-2026-35616","html_url":"https://github.com/wa6n3r/CVE-2026-35616","description":"","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-04-27T08:40:10Z","pushed_at":"2026-04-20T18:12:31Z","created_at":"2026-04-20T18:08:02Z","topics":[],"owner":{"login":"wa6n3r","html_url":"https://github.com/wa6n3r"},"clone_url":"https://github.com/wa6n3r/CVE-2026-35616.git"},{"id":1203227039,"name":"CVE-2026-35616-check","full_name":"BishopFox/CVE-2026-35616-check","html_url":"https://github.com/BishopFox/CVE-2026-35616-check","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-13T08:35:55Z","pushed_at":"2026-04-06T21:06:43Z","created_at":"2026-04-06T21:04:26Z","topics":[],"owner":{"login":"BishopFox","html_url":"https://github.com/BishopFox"},"clone_url":"https://github.com/BishopFox/CVE-2026-35616-check.git"},{"id":1209757940,"name":"CVE-2026-35616","full_name":"keraattin/CVE-2026-35616","html_url":"https://github.com/keraattin/CVE-2026-35616","description":"CVE-2026-35616 - FortiClient EMS Pre-Authentication API Bypass (CVSS 9.1, CISA KEV). Python \u0026 Nmap NSE detection scripts with full technical breakdown. One forged HTTP header bypasses authentication on FortiClient EMS 7.4.5–7.4.6, granting full admin API access to all managed endpoints.","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-04-13T18:55:23Z","pushed_at":"2026-04-13T18:55:19Z","created_at":"2026-04-13T18:49:00Z","topics":["authentication-bypass","cve-2026-35616","cybersecurity","forticlient","forticlient-ems","fortinet","nmap-scripts","nse-scripts","vulnerability-detection","vulnerability-research"],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-35616.git"},{"id":1202954732,"name":"CVE-2026-35616-detector.py","full_name":"fevar54/CVE-2026-35616-detector.py","html_url":"https://github.com/fevar54/CVE-2026-35616-detector.py","description":"This tool detects if a FortiClient EMS server is vulnerable to **CVE-2026-35616**, a critical improper access control vulnerability affecting versions **7.4.5 through 7.4.6**.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-06T15:22:35Z","pushed_at":"2026-04-06T15:22:31Z","created_at":"2026-04-06T15:16:53Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-35616-detector.py.git"},{"id":1201125511,"name":"CVE-2026-35616","full_name":"0xBlackash/CVE-2026-35616","html_url":"https://github.com/0xBlackash/CVE-2026-35616","description":"CVE-2026-35616","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-04T09:12:08Z","pushed_at":"2026-04-04T09:12:04Z","created_at":"2026-04-04T08:43:00Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-35616.git"}]},{"cve_id":"CVE-2026-3584","repositories":[{"id":1191469112,"name":"CVE-2026-3584","full_name":"Yucaerin/CVE-2026-3584","html_url":"https://github.com/Yucaerin/CVE-2026-3584","description":"CVE-2026-3584","stargazers_count":0,"forks_count":3,"language":"Python","updated_at":"2026-03-25T11:50:38Z","pushed_at":"2026-03-25T11:50:34Z","created_at":"2026-03-25T09:21:54Z","topics":[],"owner":{"login":"Yucaerin","html_url":"https://github.com/Yucaerin"},"clone_url":"https://github.com/Yucaerin/CVE-2026-3584.git"}]},{"cve_id":"CVE-2026-37748","repositories":[{"id":1212742464,"name":"CVE-2026-37748","full_name":"menevarad007/CVE-2026-37748","html_url":"https://github.com/menevarad007/CVE-2026-37748","description":"Visitor Management System 1.0 - Unrestricted File Upload → RCE (CVE-2026-37748)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-17T14:48:50Z","pushed_at":"2026-04-17T14:48:47Z","created_at":"2026-04-16T17:27:49Z","topics":[],"owner":{"login":"menevarad007","html_url":"https://github.com/menevarad007"},"clone_url":"https://github.com/menevarad007/CVE-2026-37748.git"}]},{"cve_id":"CVE-2026-37749","repositories":[{"id":1212788251,"name":"CVE-2026-37749","full_name":"menevarad007/CVE-2026-37749","html_url":"https://github.com/menevarad007/CVE-2026-37749","description":"CVE-2026-37749 — CodeAstro Simple Attendance Management System 1.0 - SQL Injection","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-17T14:59:35Z","pushed_at":"2026-04-17T14:59:32Z","created_at":"2026-04-16T18:25:42Z","topics":[],"owner":{"login":"menevarad007","html_url":"https://github.com/menevarad007"},"clone_url":"https://github.com/menevarad007/CVE-2026-37749.git"}]},{"cve_id":"CVE-2026-37750","repositories":[{"id":1212836874,"name":"CVE-2026-37750","full_name":"menevarad007/CVE-2026-37750","html_url":"https://github.com/menevarad007/CVE-2026-37750","description":"CVE-2026-37750 — School Management System 1.0 - Reflected XSS","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-17T15:08:55Z","pushed_at":"2026-04-17T15:08:52Z","created_at":"2026-04-16T19:29:23Z","topics":[],"owner":{"login":"menevarad007","html_url":"https://github.com/menevarad007"},"clone_url":"https://github.com/menevarad007/CVE-2026-37750.git"}]},{"cve_id":"CVE-2026-3786","repositories":[{"id":1187040896,"name":"CVE-2026-3786","full_name":"Mefhika120/CVE-2026-3786","html_url":"https://github.com/Mefhika120/CVE-2026-3786","description":"CVE-2026-3786 EasyTheme SQLi","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-20T09:19:31Z","pushed_at":"2026-03-11T13:14:14Z","created_at":"2026-03-20T09:19:31Z","topics":[],"owner":{"login":"Mefhika120","html_url":"https://github.com/Mefhika120"},"clone_url":"https://github.com/Mefhika120/CVE-2026-3786.git"}]},{"cve_id":"CVE-2026-3796","repositories":[{"id":1158864623,"name":"CVE-2026-3796","full_name":"cwjchoi01/CVE-2026-3796","html_url":"https://github.com/cwjchoi01/CVE-2026-3796","description":"CVE-2026-3796","stargazers_count":4,"forks_count":1,"language":"C++","updated_at":"2026-04-10T01:10:58Z","pushed_at":"2026-03-15T16:14:54Z","created_at":"2026-02-16T02:33:05Z","topics":[],"owner":{"login":"cwjchoi01","html_url":"https://github.com/cwjchoi01"},"clone_url":"https://github.com/cwjchoi01/CVE-2026-3796.git"}]},{"cve_id":"CVE-2026-3805","repositories":[{"id":1208495399,"name":"CVE-2026-3805-curl-SMB-UAF","full_name":"Rat5ak/CVE-2026-3805-curl-SMB-UAF","html_url":"https://github.com/Rat5ak/CVE-2026-3805-curl-SMB-UAF","description":"CVE-2026-3805: Use-After-Free in curl SMB connection reuse - heap info disclosure","stargazers_count":0,"forks_count":1,"language":"Shell","updated_at":"2026-04-25T11:45:17Z","pushed_at":"2026-04-25T11:45:13Z","created_at":"2026-04-12T11:12:16Z","topics":[],"owner":{"login":"Rat5ak","html_url":"https://github.com/Rat5ak"},"clone_url":"https://github.com/Rat5ak/CVE-2026-3805-curl-SMB-UAF.git"}]},{"cve_id":"CVE-2026-3844","repositories":[{"id":1221054403,"name":"CVE-2026-3844","full_name":"dinosn/CVE-2026-3844","html_url":"https://github.com/dinosn/CVE-2026-3844","description":"CVE-2026-3844: Breeze Cache \u003c= 2.4.4 Unauthenticated Arbitrary File Upload to RCE (CVSS 9.8)","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-04-26T07:04:57Z","pushed_at":"2026-04-25T17:53:39Z","created_at":"2026-04-25T17:35:16Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/CVE-2026-3844.git"},{"id":1219894216,"name":"CVE-2026-3844","full_name":"tausifzaman/CVE-2026-3844","html_url":"https://github.com/tausifzaman/CVE-2026-3844","description":"PoC exploit for CVE-2026-3844, a critical unauthenticated file upload vulnerability in the WordPress Breeze plugin leading to RCE.","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-25T18:25:30Z","pushed_at":"2026-04-24T10:28:28Z","created_at":"2026-04-24T10:26:40Z","topics":["automation","cve","cve-2026-3844","exploit","hacking-script","hacking-tool","poc"],"owner":{"login":"tausifzaman","html_url":"https://github.com/tausifzaman"},"clone_url":"https://github.com/tausifzaman/CVE-2026-3844.git"},{"id":1219886394,"name":"CVE-2026-3844","full_name":"0xgh057r3c0n/CVE-2026-3844","html_url":"https://github.com/0xgh057r3c0n/CVE-2026-3844","description":"WordPress - Breeze Cache \u003c= 2.4.4 - Unauthenticated Arbitrary File Upload","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-24T10:18:29Z","pushed_at":"2026-04-24T10:18:25Z","created_at":"2026-04-24T10:15:54Z","topics":[],"owner":{"login":"0xgh057r3c0n","html_url":"https://github.com/0xgh057r3c0n"},"clone_url":"https://github.com/0xgh057r3c0n/CVE-2026-3844.git"},{"id":1219585382,"name":"CVE-2026-3844","full_name":"im-hanzou/CVE-2026-3844","html_url":"https://github.com/im-hanzou/CVE-2026-3844","description":"Breeze Cache WordPress \u003c=2.4.4 allows unauthenticated file upload via fetch_gravatar_from_remote when local gravatar hosting is enabled.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-25T11:20:24Z","pushed_at":"2026-04-24T04:03:35Z","created_at":"2026-04-24T02:52:00Z","topics":["auto-exploit","breeze","cve-2026-3844","exploit","mass-exploit","python","rce","wordpress","wordpress-plugin"],"owner":{"login":"im-hanzou","html_url":"https://github.com/im-hanzou"},"clone_url":"https://github.com/im-hanzou/CVE-2026-3844.git"}]},{"cve_id":"CVE-2026-3854","repositories":[{"id":1224201714,"name":"CVE-2026-3854-PoC","full_name":"lysophavin18/CVE-2026-3854-PoC","html_url":"https://github.com/lysophavin18/CVE-2026-3854-PoC","description":"GitHub RCE via X-Stat Push Option Injection","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-29T09:51:03Z","pushed_at":"2026-04-29T03:56:58Z","created_at":"2026-04-29T03:52:45Z","topics":[],"owner":{"login":"lysophavin18","html_url":"https://github.com/lysophavin18"},"clone_url":"https://github.com/lysophavin18/CVE-2026-3854-PoC.git"},{"id":1224015776,"name":"Exploit_CVE-2026-3854","full_name":"LACHHAB-Anas/Exploit_CVE-2026-3854","html_url":"https://github.com/LACHHAB-Anas/Exploit_CVE-2026-3854","description":"Details about CVE-2026-3854","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-28T22:12:22Z","pushed_at":"2026-04-28T22:12:19Z","created_at":"2026-04-28T22:02:08Z","topics":[],"owner":{"login":"LACHHAB-Anas","html_url":"https://github.com/LACHHAB-Anas"},"clone_url":"https://github.com/LACHHAB-Anas/Exploit_CVE-2026-3854.git"},{"id":1223926494,"name":"CVE-2026-3854","full_name":"5kr1pt/CVE-2026-3854","html_url":"https://github.com/5kr1pt/CVE-2026-3854","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-28T20:17:47Z","pushed_at":"2026-04-28T20:17:42Z","created_at":"2026-04-28T19:42:55Z","topics":[],"owner":{"login":"5kr1pt","html_url":"https://github.com/5kr1pt"},"clone_url":"https://github.com/5kr1pt/CVE-2026-3854.git"}]},{"cve_id":"CVE-2026-38751","repositories":[{"id":1219034166,"name":"poc","full_name":"fuutianyii/poc","html_url":"https://github.com/fuutianyii/poc","description":"For CVE-2026-38751","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-24T06:00:33Z","pushed_at":"2026-04-24T06:00:29Z","created_at":"2026-04-23T13:13:48Z","topics":[],"owner":{"login":"fuutianyii","html_url":"https://github.com/fuutianyii"},"clone_url":"https://github.com/fuutianyii/poc.git"}]},{"cve_id":"CVE-2026-3888","repositories":[{"id":1189100961,"name":"CVE-2026-3888-snap-confine-systemd-tmpfiles-LPE","full_name":"TheCyberGeek/CVE-2026-3888-snap-confine-systemd-tmpfiles-LPE","html_url":"https://github.com/TheCyberGeek/CVE-2026-3888-snap-confine-systemd-tmpfiles-LPE","description":"","stargazers_count":9,"forks_count":2,"language":"C","updated_at":"2026-04-28T03:54:31Z","pushed_at":"2026-03-23T03:00:22Z","created_at":"2026-03-23T01:19:14Z","topics":[],"owner":{"login":"TheCyberGeek","html_url":"https://github.com/TheCyberGeek"},"clone_url":"https://github.com/TheCyberGeek/CVE-2026-3888-snap-confine-systemd-tmpfiles-LPE.git"},{"id":1189856101,"name":"CVE-2026-3888","full_name":"nomaisthere/CVE-2026-3888","html_url":"https://github.com/nomaisthere/CVE-2026-3888","description":"Linux LPE via snap-confine + systemd-tmpfiles, explained in depth","stargazers_count":3,"forks_count":1,"language":"C","updated_at":"2026-04-02T20:20:44Z","pushed_at":"2026-04-02T10:32:24Z","created_at":"2026-03-23T18:27:12Z","topics":[],"owner":{"login":"nomaisthere","html_url":"https://github.com/nomaisthere"},"clone_url":"https://github.com/nomaisthere/CVE-2026-3888.git"},{"id":1187007043,"name":"CVE-2026-3888-PoC","full_name":"netw0rk7/CVE-2026-3888-PoC","html_url":"https://github.com/netw0rk7/CVE-2026-3888-PoC","description":"","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-15T15:04:22Z","pushed_at":"2026-03-23T03:02:52Z","created_at":"2026-03-20T08:30:33Z","topics":[],"owner":{"login":"netw0rk7","html_url":"https://github.com/netw0rk7"},"clone_url":"https://github.com/netw0rk7/CVE-2026-3888-PoC.git"},{"id":1185443343,"name":"CVE-2026-3888-POC-all-from-the-Qualys-platform.","full_name":"fevar54/CVE-2026-3888-POC-all-from-the-Qualys-platform.","html_url":"https://github.com/fevar54/CVE-2026-3888-POC-all-from-the-Qualys-platform.","description":"This script demonstrates a race condition vulnerability in snapd that allows a local, unprivileged user to gain root privileges. The exploit works by recreating snap's private /tmp directory after it's cleaned up by systemd-tmpfiles, and tricking snap-confine into bind-mounting malicious files into the snap's sandbox.","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-03-19T09:30:14Z","pushed_at":"2026-03-18T15:38:55Z","created_at":"2026-03-18T15:33:57Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/CVE-2026-3888-POC-all-from-the-Qualys-platform..git"},{"id":1197321945,"name":"CVE-2026-3888","full_name":"DanielTangnes/CVE-2026-3888","html_url":"https://github.com/DanielTangnes/CVE-2026-3888","description":"","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-04-07T12:23:50Z","pushed_at":"2026-04-07T12:23:41Z","created_at":"2026-03-31T13:46:43Z","topics":[],"owner":{"login":"DanielTangnes","html_url":"https://github.com/DanielTangnes"},"clone_url":"https://github.com/DanielTangnes/CVE-2026-3888.git"},{"id":1185829636,"name":"Ubuntu-CVE-2026-3888-patcher","full_name":"Many-Hat-Group/Ubuntu-CVE-2026-3888-patcher","html_url":"https://github.com/Many-Hat-Group/Ubuntu-CVE-2026-3888-patcher","description":"This is a script designed for deployment on ubuntu instances patching the CVE-2026-3888 exploit ","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-03-19T01:54:52Z","pushed_at":"2026-03-19T01:54:49Z","created_at":"2026-03-19T01:33:42Z","topics":[],"owner":{"login":"Many-Hat-Group","html_url":"https://github.com/Many-Hat-Group"},"clone_url":"https://github.com/Many-Hat-Group/Ubuntu-CVE-2026-3888-patcher.git"}]},{"cve_id":"CVE-2026-3891","repositories":[{"id":1193349059,"name":"CVE-2026-3891","full_name":"Nxploited/CVE-2026-3891","html_url":"https://github.com/Nxploited/CVE-2026-3891","description":"Pix for WooCommerce \u003c= 1.5.0 - Unauthenticated Arbitrary File Upload","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-04-07T11:24:16Z","pushed_at":"2026-03-27T06:09:36Z","created_at":"2026-03-27T06:00:10Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-3891.git"},{"id":1212199227,"name":"Mass-Scanner-CVE-2026-3891","full_name":"AnggaTechI/Mass-Scanner-CVE-2026-3891","html_url":"https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-3891","description":"CVE-2026-3891 Mass Scanning","stargazers_count":2,"forks_count":0,"language":"Python","updated_at":"2026-04-17T21:14:50Z","pushed_at":"2026-04-16T06:46:48Z","created_at":"2026-04-16T06:43:25Z","topics":[],"owner":{"login":"AnggaTechI","html_url":"https://github.com/AnggaTechI"},"clone_url":"https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-3891.git"},{"id":1181170442,"name":"CVE-2026-3891","full_name":"joshuavanderpoll/CVE-2026-3891","html_url":"https://github.com/joshuavanderpoll/CVE-2026-3891","description":"Pix for WooCommerce \u003c= 1.5.0 - Unauthenticated Arbitrary File Upload (CVE-2026-3891) PoC","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-03-13T21:21:44Z","pushed_at":"2026-03-13T21:20:37Z","created_at":"2026-03-13T20:33:42Z","topics":["cve","cve-2026-3891","exploit","exploits","pentest-tool","pentesting","python","rce","security","security-tools","vulnerabilities","vulnerability","wordpress","wordpress-exploit"],"owner":{"login":"joshuavanderpoll","html_url":"https://github.com/joshuavanderpoll"},"clone_url":"https://github.com/joshuavanderpoll/CVE-2026-3891.git"}]},{"cve_id":"CVE-2026-38934","repositories":[{"id":1222327303,"name":"diskoverdata-cve-writeups","full_name":"VadlaReddySai/diskoverdata-cve-writeups","html_url":"https://github.com/VadlaReddySai/diskoverdata-cve-writeups","description":"Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T09:37:52Z","pushed_at":"2026-04-27T09:37:49Z","created_at":"2026-04-27T08:57:53Z","topics":[],"owner":{"login":"VadlaReddySai","html_url":"https://github.com/VadlaReddySai"},"clone_url":"https://github.com/VadlaReddySai/diskoverdata-cve-writeups.git"}]},{"cve_id":"CVE-2026-38935","repositories":[{"id":1222327303,"name":"diskoverdata-cve-writeups","full_name":"VadlaReddySai/diskoverdata-cve-writeups","html_url":"https://github.com/VadlaReddySai/diskoverdata-cve-writeups","description":"Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T09:37:52Z","pushed_at":"2026-04-27T09:37:49Z","created_at":"2026-04-27T08:57:53Z","topics":[],"owner":{"login":"VadlaReddySai","html_url":"https://github.com/VadlaReddySai"},"clone_url":"https://github.com/VadlaReddySai/diskoverdata-cve-writeups.git"}]},{"cve_id":"CVE-2026-38936","repositories":[{"id":1222327303,"name":"diskoverdata-cve-writeups","full_name":"VadlaReddySai/diskoverdata-cve-writeups","html_url":"https://github.com/VadlaReddySai/diskoverdata-cve-writeups","description":"Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis.","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T09:37:52Z","pushed_at":"2026-04-27T09:37:49Z","created_at":"2026-04-27T08:57:53Z","topics":[],"owner":{"login":"VadlaReddySai","html_url":"https://github.com/VadlaReddySai"},"clone_url":"https://github.com/VadlaReddySai/diskoverdata-cve-writeups.git"}]},{"cve_id":"CVE-2026-38945","repositories":[{"id":1224405674,"name":"CVE-2026-38945","full_name":"Wise-Security/CVE-2026-38945","html_url":"https://github.com/Wise-Security/CVE-2026-38945","description":"","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-29T10:42:51Z","pushed_at":"2026-04-29T10:42:48Z","created_at":"2026-04-29T08:48:53Z","topics":[],"owner":{"login":"Wise-Security","html_url":"https://github.com/Wise-Security"},"clone_url":"https://github.com/Wise-Security/CVE-2026-38945.git"}]},{"cve_id":"CVE-2026-3909","repositories":[{"id":1206630131,"name":"CVE-2026-3909-PoC","full_name":"anansi2safe/CVE-2026-3909-PoC","html_url":"https://github.com/anansi2safe/CVE-2026-3909-PoC","description":"","stargazers_count":1,"forks_count":0,"language":"HTML","updated_at":"2026-04-18T03:10:22Z","pushed_at":"2026-04-18T03:10:18Z","created_at":"2026-04-10T05:20:07Z","topics":[],"owner":{"login":"anansi2safe","html_url":"https://github.com/anansi2safe"},"clone_url":"https://github.com/anansi2safe/CVE-2026-3909-PoC.git"}]},{"cve_id":"CVE-2026-3910","repositories":[{"id":1224493552,"name":"CVE-2026-3910","full_name":"5o1z/CVE-2026-3910","html_url":"https://github.com/5o1z/CVE-2026-3910","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T10:36:42Z","pushed_at":"2026-04-29T10:36:42Z","created_at":"2026-04-29T10:36:41Z","topics":[],"owner":{"login":"5o1z","html_url":"https://github.com/5o1z"},"clone_url":"https://github.com/5o1z/CVE-2026-3910.git"}]},{"cve_id":"CVE-2026-39324","repositories":[{"id":1203330946,"name":"CVE-2026-39324","full_name":"sm1ee/CVE-2026-39324","html_url":"https://github.com/sm1ee/CVE-2026-39324","description":"CVE-2026-39324: Rack Session auth bypass PoC","stargazers_count":0,"forks_count":0,"language":"Ruby","updated_at":"2026-04-07T21:41:23Z","pushed_at":"2026-04-07T21:41:20Z","created_at":"2026-04-07T00:16:26Z","topics":["cve-2026-39324","poc","rack-session"],"owner":{"login":"sm1ee","html_url":"https://github.com/sm1ee"},"clone_url":"https://github.com/sm1ee/CVE-2026-39324.git"}]},{"cve_id":"CVE-2026-39363","repositories":[{"id":1205051716,"name":"CVE-2026-39363","full_name":"Firebasky/CVE-2026-39363","html_url":"https://github.com/Firebasky/CVE-2026-39363","description":"CVE-2026-39363 AI  analysis","stargazers_count":5,"forks_count":0,"language":"Python","updated_at":"2026-04-10T11:27:18Z","pushed_at":"2026-04-08T15:35:29Z","created_at":"2026-04-08T15:31:49Z","topics":[],"owner":{"login":"Firebasky","html_url":"https://github.com/Firebasky"},"clone_url":"https://github.com/Firebasky/CVE-2026-39363.git"}]},{"cve_id":"CVE-2026-39371","repositories":[{"id":1203346744,"name":"CVE-2026-39371","full_name":"zebbernCVE/CVE-2026-39371","html_url":"https://github.com/zebbernCVE/CVE-2026-39371","description":"Advisory for rwsdk sdk ⌯⌲ 5000 weekly downloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T15:28:41Z","pushed_at":"2026-04-08T02:50:48Z","created_at":"2026-04-07T00:47:27Z","topics":["cve-2026-39371","cwe-352","high"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-39371.git"}]},{"cve_id":"CVE-2026-39376","repositories":[{"id":1206642045,"name":"CVE-2026-39376","full_name":"redyank/CVE-2026-39376","html_url":"https://github.com/redyank/CVE-2026-39376","description":"CVE-2026-39376(Infinite redirect loop DoS via meta-refresh chain)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-10T05:41:00Z","pushed_at":"2026-04-10T05:40:38Z","created_at":"2026-04-10T05:39:38Z","topics":[],"owner":{"login":"redyank","html_url":"https://github.com/redyank"},"clone_url":"https://github.com/redyank/CVE-2026-39376.git"}]},{"cve_id":"CVE-2026-39808","repositories":[{"id":1217442068,"name":"FortiSandbox-RCE-Exploit-CVE-2026-39808","full_name":"ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808","html_url":"https://github.com/ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808","description":"FortiSandbox RCE Scanner — CVE-2026-39808","stargazers_count":18,"forks_count":7,"language":"Python","updated_at":"2026-04-29T12:04:40Z","pushed_at":"2026-04-21T22:32:02Z","created_at":"2026-04-21T22:21:48Z","topics":[],"owner":{"login":"ynsmroztas","html_url":"https://github.com/ynsmroztas"},"clone_url":"https://github.com/ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808.git"},{"id":1211560229,"name":"CVE-2026-39808","full_name":"samu-delucas/CVE-2026-39808","html_url":"https://github.com/samu-delucas/CVE-2026-39808","description":"PoC for Unauthenticated RCE in FortiSandbox via CVE-2026-39808","stargazers_count":7,"forks_count":1,"language":"","updated_at":"2026-04-27T12:19:19Z","pushed_at":"2026-04-15T14:30:56Z","created_at":"2026-04-15T14:10:25Z","topics":["cve","cve-2026-39808","cve-poc","fortinet","fortisandbox","poc"],"owner":{"login":"samu-delucas","html_url":"https://github.com/samu-delucas"},"clone_url":"https://github.com/samu-delucas/CVE-2026-39808.git"},{"id":1214217573,"name":"CVE-2026-39808","full_name":"0xBlackash/CVE-2026-39808","html_url":"https://github.com/0xBlackash/CVE-2026-39808","description":"CVE-2026-39808","stargazers_count":0,"forks_count":2,"language":"Python","updated_at":"2026-04-23T22:34:11Z","pushed_at":"2026-04-23T22:34:07Z","created_at":"2026-04-18T09:15:36Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-39808.git"},{"id":1211424697,"name":"CVE-2026-39808","full_name":"Lechansky/CVE-2026-39808","html_url":"https://github.com/Lechansky/CVE-2026-39808","description":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-15T12:06:15Z","pushed_at":"2026-04-15T12:06:11Z","created_at":"2026-04-15T11:33:21Z","topics":[],"owner":{"login":"Lechansky","html_url":"https://github.com/Lechansky"},"clone_url":"https://github.com/Lechansky/CVE-2026-39808.git"}]},{"cve_id":"CVE-2026-39813","repositories":[{"id":1219399901,"name":"CVE-2026-39813","full_name":"0xBlackash/CVE-2026-39813","html_url":"https://github.com/0xBlackash/CVE-2026-39813","description":"CVE-2026-39813","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-23T21:31:01Z","pushed_at":"2026-04-23T21:30:57Z","created_at":"2026-04-23T20:52:05Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-39813.git"}]},{"cve_id":"CVE-2026-39816","repositories":[{"id":1224028810,"name":"nifi-CVE-2026-39816-poc","full_name":"ZeroPathAI/nifi-CVE-2026-39816-poc","html_url":"https://github.com/ZeroPathAI/nifi-CVE-2026-39816-poc","description":"POC for CVE-2026-39816 which allows NiFi users without execute code permissions to run arbitrary scripts","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-28T22:41:25Z","pushed_at":"2026-04-28T22:41:21Z","created_at":"2026-04-28T22:25:29Z","topics":[],"owner":{"login":"ZeroPathAI","html_url":"https://github.com/ZeroPathAI"},"clone_url":"https://github.com/ZeroPathAI/nifi-CVE-2026-39816-poc.git"}]},{"cve_id":"CVE-2026-39842","repositories":[{"id":1213350194,"name":"CVE-2026-39842","full_name":"keraattin/CVE-2026-39842","html_url":"https://github.com/keraattin/CVE-2026-39842","description":"Critical remote code execution vulnerability in OpenRemote's Rules Engine allows authenticated users with `write:rules` role to execute arbitrary code on the server with root privileges.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-17T09:37:17Z","pushed_at":"2026-04-17T09:37:13Z","created_at":"2026-04-17T09:36:05Z","topics":[],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-39842.git"}]},{"cve_id":"CVE-2026-39866","repositories":[{"id":1207902860,"name":"CVE-2026-39866","full_name":"abhayclasher/CVE-2026-39866","html_url":"https://github.com/abhayclasher/CVE-2026-39866","description":"","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-11T15:24:14Z","pushed_at":"2026-04-11T15:24:08Z","created_at":"2026-04-11T15:01:15Z","topics":[],"owner":{"login":"abhayclasher","html_url":"https://github.com/abhayclasher"},"clone_url":"https://github.com/abhayclasher/CVE-2026-39866.git"}]},{"cve_id":"CVE-2026-39912","repositories":[{"id":1206263773,"name":"CVE-2026-39912","full_name":"Chocapikk/CVE-2026-39912","html_url":"https://github.com/Chocapikk/CVE-2026-39912","description":"Xboard / V2Board Unauth Account Takeover - Magic Link Token Leak (CVE-2026-39912)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-09T18:35:05Z","pushed_at":"2026-04-09T18:34:41Z","created_at":"2026-04-09T18:34:39Z","topics":["account-takeover","authentication-bypass","cve-2026-39912","exploit","proof-of-concept","security","v2board","xboard"],"owner":{"login":"Chocapikk","html_url":"https://github.com/Chocapikk"},"clone_url":"https://github.com/Chocapikk/CVE-2026-39912.git"}]},{"cve_id":"CVE-2026-39983","repositories":[{"id":1207095013,"name":"CVE-2026-39983","full_name":"zebbernCVE/CVE-2026-39983","html_url":"https://github.com/zebbernCVE/CVE-2026-39983","description":"Advisory for basic-ftp ⌯⌲ 20 mill weekly downloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-15T11:27:54Z","pushed_at":"2026-04-10T15:13:33Z","created_at":"2026-04-10T15:11:48Z","topics":["cve-2026-39983","cwe-93","high","zebbern"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-39983.git"}]},{"cve_id":"CVE-2026-39987","repositories":[{"id":1221379929,"name":"CVE-2026-39987-lab-or-marimo-cve-lab","full_name":"Dhiaelhak-Rached/CVE-2026-39987-lab-or-marimo-cve-lab","html_url":"https://github.com/Dhiaelhak-Rached/CVE-2026-39987-lab-or-marimo-cve-lab","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-26T05:57:47Z","pushed_at":"2026-04-26T05:57:44Z","created_at":"2026-04-26T05:54:04Z","topics":[],"owner":{"login":"Dhiaelhak-Rached","html_url":"https://github.com/Dhiaelhak-Rached"},"clone_url":"https://github.com/Dhiaelhak-Rached/CVE-2026-39987-lab-or-marimo-cve-lab.git"},{"id":1221025893,"name":"CVE-2026-39987","full_name":"h3raklez/CVE-2026-39987","html_url":"https://github.com/h3raklez/CVE-2026-39987","description":"Marimo Pre-Auth RCE","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-25T16:53:09Z","pushed_at":"2026-04-25T16:53:05Z","created_at":"2026-04-25T16:50:34Z","topics":[],"owner":{"login":"h3raklez","html_url":"https://github.com/h3raklez"},"clone_url":"https://github.com/h3raklez/CVE-2026-39987.git"},{"id":1214164588,"name":"CVE-2026-39987","full_name":"Nxploited/CVE-2026-39987","html_url":"https://github.com/Nxploited/CVE-2026-39987","description":"marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-18T07:51:08Z","pushed_at":"2026-04-18T07:51:05Z","created_at":"2026-04-18T07:46:43Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-39987.git"},{"id":1211261937,"name":"CVE-2026-39987","full_name":"keraattin/CVE-2026-39987","html_url":"https://github.com/keraattin/CVE-2026-39987","description":"CVE-2026-39987: Marimo Python Notebook Pre-Auth RCE (CVSS 9.3). Python \u0026 Nmap NSE detection scripts. Missing authentication on /terminal/ws WebSocket endpoint gives attackers a full PTY shell without any credentials. Exploited in the wild within 10 hours of disclosure. Fixed in Marimo 0.23.0.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-15T08:17:40Z","pushed_at":"2026-04-15T08:12:41Z","created_at":"2026-04-15T08:09:54Z","topics":["cve-2026-39987","cybersecurity","marimo","nmap-scripts","nse-scripts","pre-auth-rce","python-notebook","remote-code-execution","vulnerability-detection","websocket"],"owner":{"login":"keraattin","html_url":"https://github.com/keraattin"},"clone_url":"https://github.com/keraattin/CVE-2026-39987.git"},{"id":1209930346,"name":"CVE-2026-39987_exploit","full_name":"mki9/CVE-2026-39987_exploit","html_url":"https://github.com/mki9/CVE-2026-39987_exploit","description":"","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-14T01:23:08Z","pushed_at":"2026-04-14T01:23:04Z","created_at":"2026-04-13T23:34:47Z","topics":[],"owner":{"login":"mki9","html_url":"https://github.com/mki9"},"clone_url":"https://github.com/mki9/CVE-2026-39987_exploit.git"},{"id":1209724587,"name":"marimo_CVE-2026-39987_RCE_PoC","full_name":"fevar54/marimo_CVE-2026-39987_RCE_PoC","html_url":"https://github.com/fevar54/marimo_CVE-2026-39987_RCE_PoC","description":"CVE-2026-39987 - Marimo \u003c 0.23.0 Pre-Auth RCE (WebSocket) PoC de explotación - Conecta a /terminal/ws sin autenticación Author: Fevar54 Date: 2026-04-13 Severity: CRITICAL CVSS: 9.3","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-13T18:14:23Z","pushed_at":"2026-04-13T18:14:16Z","created_at":"2026-04-13T18:06:46Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/marimo_CVE-2026-39987_RCE_PoC.git"},{"id":1208872365,"name":"CVE-2026-39987","full_name":"0xBlackash/CVE-2026-39987","html_url":"https://github.com/0xBlackash/CVE-2026-39987","description":"CVE-2026-39987","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-04-13T07:46:30Z","pushed_at":"2026-04-13T07:46:26Z","created_at":"2026-04-12T21:12:35Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-39987.git"}]},{"cve_id":"CVE-2026-40175","repositories":[{"id":1213076605,"name":"CVE-2026-40175-poc","full_name":"pjt3591oo/CVE-2026-40175-poc","html_url":"https://github.com/pjt3591oo/CVE-2026-40175-poc","description":"","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-17T03:36:09Z","pushed_at":"2026-04-17T03:36:06Z","created_at":"2026-04-17T02:46:15Z","topics":[],"owner":{"login":"pjt3591oo","html_url":"https://github.com/pjt3591oo"},"clone_url":"https://github.com/pjt3591oo/CVE-2026-40175-poc.git"},{"id":1210503378,"name":"axios-security-guide","full_name":"LeeKangHyun/axios-security-guide","html_url":"https://github.com/LeeKangHyun/axios-security-guide","description":"Axios CRLF Injection (CVE-2026-40175) 취약점 대응 가이드 및 fetch 기반 마이그레이션 분석","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-14T14:17:21Z","pushed_at":"2026-04-14T14:17:02Z","created_at":"2026-04-14T13:33:50Z","topics":[],"owner":{"login":"LeeKangHyun","html_url":"https://github.com/LeeKangHyun"},"clone_url":"https://github.com/LeeKangHyun/axios-security-guide.git"},{"id":1210134089,"name":"audit-axios","full_name":"surri/audit-axios","html_url":"https://github.com/surri/audit-axios","description":"Scan local repos for vulnerable axios versions (CVE-2026-40175) and patch interactively","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-16T12:51:49Z","pushed_at":"2026-04-14T07:00:16Z","created_at":"2026-04-14T05:51:04Z","topics":[],"owner":{"login":"surri","html_url":"https://github.com/surri"},"clone_url":"https://github.com/surri/audit-axios.git"},{"id":1208462441,"name":"CVE-2026-40175","full_name":"0xBlackash/CVE-2026-40175","html_url":"https://github.com/0xBlackash/CVE-2026-40175","description":"CVE-2026-40175","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-12T10:24:39Z","pushed_at":"2026-04-12T10:24:33Z","created_at":"2026-04-12T10:12:30Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-40175.git"}]},{"cve_id":"CVE-2026-40176","repositories":[{"id":1212098201,"name":"composer-CVE-2026-40261-CVE-2026-40176-PoC","full_name":"terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC","html_url":"https://github.com/terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC","description":"","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-04-17T09:41:13Z","pushed_at":"2026-04-16T05:41:29Z","created_at":"2026-04-16T04:00:23Z","topics":[],"owner":{"login":"terminat0r7031","html_url":"https://github.com/terminat0r7031"},"clone_url":"https://github.com/terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC.git"},{"id":1212113925,"name":"CVE-2026-40176-poc","full_name":"Saku0512/CVE-2026-40176-poc","html_url":"https://github.com/Saku0512/CVE-2026-40176-poc","description":"","stargazers_count":2,"forks_count":0,"language":"PHP","updated_at":"2026-04-16T05:41:11Z","pushed_at":"2026-04-16T04:40:36Z","created_at":"2026-04-16T04:29:29Z","topics":[],"owner":{"login":"Saku0512","html_url":"https://github.com/Saku0512"},"clone_url":"https://github.com/Saku0512/CVE-2026-40176-poc.git"},{"id":1213176471,"name":"cve-2026-40176-cve-2026-40261","full_name":"daptheHuman/cve-2026-40176-cve-2026-40261","html_url":"https://github.com/daptheHuman/cve-2026-40176-cve-2026-40261","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-17T05:53:59Z","pushed_at":"2026-04-17T05:53:55Z","created_at":"2026-04-17T05:48:33Z","topics":[],"owner":{"login":"daptheHuman","html_url":"https://github.com/daptheHuman"},"clone_url":"https://github.com/daptheHuman/cve-2026-40176-cve-2026-40261.git"}]},{"cve_id":"CVE-2026-40261","repositories":[{"id":1212098201,"name":"composer-CVE-2026-40261-CVE-2026-40176-PoC","full_name":"terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC","html_url":"https://github.com/terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC","description":"","stargazers_count":2,"forks_count":0,"language":"","updated_at":"2026-04-17T09:41:13Z","pushed_at":"2026-04-16T05:41:29Z","created_at":"2026-04-16T04:00:23Z","topics":[],"owner":{"login":"terminat0r7031","html_url":"https://github.com/terminat0r7031"},"clone_url":"https://github.com/terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC.git"},{"id":1213176471,"name":"cve-2026-40176-cve-2026-40261","full_name":"daptheHuman/cve-2026-40176-cve-2026-40261","html_url":"https://github.com/daptheHuman/cve-2026-40176-cve-2026-40261","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-17T05:53:59Z","pushed_at":"2026-04-17T05:53:55Z","created_at":"2026-04-17T05:48:33Z","topics":[],"owner":{"login":"daptheHuman","html_url":"https://github.com/daptheHuman"},"clone_url":"https://github.com/daptheHuman/cve-2026-40176-cve-2026-40261.git"}]},{"cve_id":"CVE-2026-40473","repositories":[{"id":1222810249,"name":"apache-camel","full_name":"dinosn/apache-camel","html_url":"https://github.com/dinosn/apache-camel","description":"Apache Camel 4.18.0 — CVE Security Assessment: 3 critical vulnerabilities with working PoC exploits (CVE-2026-33453, CVE-2026-40473, CVE-2026-40858)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-27T18:26:34Z","pushed_at":"2026-04-27T18:26:29Z","created_at":"2026-04-27T18:21:34Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/apache-camel.git"}]},{"cve_id":"CVE-2026-40487","repositories":[{"id":1211473632,"name":"CVE-2026-40487","full_name":"Astaruf/CVE-2026-40487","html_url":"https://github.com/Astaruf/CVE-2026-40487","description":"CVE-2026-40487 - Postiz \u003c= 2.21.5 - Arbitrary File Upload via MIME-Type Spoofing → Stored XSS → Account Takeover","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-22T19:37:27Z","pushed_at":"2026-04-22T19:37:23Z","created_at":"2026-04-15T12:33:58Z","topics":["account-takeover","cve","cve-2026-40487","exploit","file-upload","mime-spoofing","poc","postiz","security","stored-xss","vulnerability","xss"],"owner":{"login":"Astaruf","html_url":"https://github.com/Astaruf"},"clone_url":"https://github.com/Astaruf/CVE-2026-40487.git"}]},{"cve_id":"CVE-2026-40579","repositories":[{"id":1211413577,"name":"CVE-2026-40579","full_name":"zebbernCVE/CVE-2026-40579","html_url":"https://github.com/zebbernCVE/CVE-2026-40579","description":"Advisory for git-js ⌯⌲ 11 mill weekly downloads","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-15T11:27:15Z","pushed_at":"2026-04-15T11:23:05Z","created_at":"2026-04-15T11:19:04Z","topics":["cve-2026-40579","cwe-78","high","zebbern"],"owner":{"login":"zebbernCVE","html_url":"https://github.com/zebbernCVE"},"clone_url":"https://github.com/zebbernCVE/CVE-2026-40579.git"}]},{"cve_id":"CVE-2026-40858","repositories":[{"id":1222810249,"name":"apache-camel","full_name":"dinosn/apache-camel","html_url":"https://github.com/dinosn/apache-camel","description":"Apache Camel 4.18.0 — CVE Security Assessment: 3 critical vulnerabilities with working PoC exploits (CVE-2026-33453, CVE-2026-40473, CVE-2026-40858)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-27T18:26:34Z","pushed_at":"2026-04-27T18:26:29Z","created_at":"2026-04-27T18:21:34Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/apache-camel.git"}]},{"cve_id":"CVE-2026-4092","repositories":[{"id":1181808098,"name":"CVE-2026-4092","full_name":"g0w6y/CVE-2026-4092","html_url":"https://github.com/g0w6y/CVE-2026-4092","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-21T16:22:52Z","pushed_at":"2026-03-21T16:22:49Z","created_at":"2026-03-14T16:48:55Z","topics":[],"owner":{"login":"g0w6y","html_url":"https://github.com/g0w6y"},"clone_url":"https://github.com/g0w6y/CVE-2026-4092.git"}]},{"cve_id":"CVE-2026-4106","repositories":[{"id":1208197473,"name":"CVE-2026-4106","full_name":"ef3tr/CVE-2026-4106","html_url":"https://github.com/ef3tr/CVE-2026-4106","description":"WordPress HTMega Unauthenticated PII Disclosure Exploit (CVE-2026-4106)","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-12T22:04:13Z","pushed_at":"2026-04-12T01:35:33Z","created_at":"2026-04-12T00:26:34Z","topics":[],"owner":{"login":"ef3tr","html_url":"https://github.com/ef3tr"},"clone_url":"https://github.com/ef3tr/CVE-2026-4106.git"}]},{"cve_id":"CVE-2026-4112","repositories":[{"id":1205212602,"name":"CVE-2026-4112","full_name":"Hann1bl3L3ct3r/CVE-2026-4112","html_url":"https://github.com/Hann1bl3L3ct3r/CVE-2026-4112","description":"Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-04-09T11:28:03Z","pushed_at":"2026-04-08T18:47:38Z","created_at":"2026-04-08T18:41:15Z","topics":[],"owner":{"login":"Hann1bl3L3ct3r","html_url":"https://github.com/Hann1bl3L3ct3r"},"clone_url":"https://github.com/Hann1bl3L3ct3r/CVE-2026-4112.git"}]},{"cve_id":"CVE-2026-41177","repositories":[{"id":1221164484,"name":"CVE-2026-41177-Squidex-CMS","full_name":"TurkiOS/CVE-2026-41177-Squidex-CMS","html_url":"https://github.com/TurkiOS/CVE-2026-41177-Squidex-CMS","description":"CVE-2026-41177, a Blind SSRF vulnerability in Squidex CMS (prior to v7.23.0). Includes root cause analysis, reproduction steps, and impact assessment regarding Local File Interaction (LFI).","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-25T20:57:18Z","pushed_at":"2026-04-25T20:57:14Z","created_at":"2026-04-25T20:50:18Z","topics":[],"owner":{"login":"TurkiOS","html_url":"https://github.com/TurkiOS"},"clone_url":"https://github.com/TurkiOS/CVE-2026-41177-Squidex-CMS.git"}]},{"cve_id":"CVE-2026-41242","repositories":[{"id":1221765317,"name":"CVE-2026-41242","full_name":"4chech/CVE-2026-41242","html_url":"https://github.com/4chech/CVE-2026-41242","description":"some simple node.js web app with PoC code for CVE-2026-41242","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-26T16:49:29Z","pushed_at":"2026-04-26T16:49:26Z","created_at":"2026-04-26T16:48:56Z","topics":[],"owner":{"login":"4chech","html_url":"https://github.com/4chech"},"clone_url":"https://github.com/4chech/CVE-2026-41242.git"}]},{"cve_id":"CVE-2026-41303","repositories":[{"id":1219434608,"name":"CVE-2026-41303","full_name":"kaleth4/CVE-2026-41303","html_url":"https://github.com/kaleth4/CVE-2026-41303","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-23T21:53:38Z","pushed_at":"2026-04-23T21:53:34Z","created_at":"2026-04-23T21:52:41Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-41303.git"}]},{"cve_id":"CVE-2026-41462","repositories":[{"id":1223993963,"name":"CVE-2026-41462","full_name":"0xBlackash/CVE-2026-41462","html_url":"https://github.com/0xBlackash/CVE-2026-41462","description":"CVE-2026-41462","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-28T21:38:32Z","pushed_at":"2026-04-28T21:38:28Z","created_at":"2026-04-28T21:23:32Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-41462.git"}]},{"cve_id":"CVE-2026-41575","repositories":[{"id":1218236232,"name":"CVE-2026-41575","full_name":"krraze/CVE-2026-41575","html_url":"https://github.com/krraze/CVE-2026-41575","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T08:30:58Z","pushed_at":"2026-04-27T08:30:53Z","created_at":"2026-04-22T17:09:53Z","topics":[],"owner":{"login":"krraze","html_url":"https://github.com/krraze"},"clone_url":"https://github.com/krraze/CVE-2026-41575.git"}]},{"cve_id":"CVE-2026-41651","repositories":[{"id":1218830559,"name":"CVE-2026-41651","full_name":"Vozec/CVE-2026-41651","html_url":"https://github.com/Vozec/CVE-2026-41651","description":"","stargazers_count":64,"forks_count":16,"language":"C","updated_at":"2026-04-29T12:16:48Z","pushed_at":"2026-04-23T13:55:33Z","created_at":"2026-04-23T08:57:29Z","topics":[],"owner":{"login":"Vozec","html_url":"https://github.com/Vozec"},"clone_url":"https://github.com/Vozec/CVE-2026-41651.git"},{"id":1219474755,"name":"CVE-2026-41651","full_name":"CipherCloak/CVE-2026-41651","html_url":"https://github.com/CipherCloak/CVE-2026-41651","description":"","stargazers_count":26,"forks_count":1,"language":"C","updated_at":"2026-04-28T12:37:46Z","pushed_at":"2026-04-24T03:08:33Z","created_at":"2026-04-23T23:11:39Z","topics":[],"owner":{"login":"CipherCloak","html_url":"https://github.com/CipherCloak"},"clone_url":"https://github.com/CipherCloak/CVE-2026-41651.git"},{"id":1219765035,"name":"CVE-2026-41651","full_name":"0xBlackash/CVE-2026-41651","html_url":"https://github.com/0xBlackash/CVE-2026-41651","description":"CVE-2026-41651","stargazers_count":4,"forks_count":0,"language":"Python","updated_at":"2026-04-28T08:43:03Z","pushed_at":"2026-04-25T20:57:39Z","created_at":"2026-04-24T07:39:17Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-41651.git"},{"id":1220562880,"name":"pack2theroot-lab","full_name":"dinosn/pack2theroot-lab","html_url":"https://github.com/dinosn/pack2theroot-lab","description":"CTF-style Docker lab for CVE-2026-41651 (Pack2TheRoot): PackageKit permissive-polkit local privilege escalation","stargazers_count":4,"forks_count":2,"language":"Shell","updated_at":"2026-04-25T15:13:54Z","pushed_at":"2026-04-25T04:05:36Z","created_at":"2026-04-25T03:29:30Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/pack2theroot-lab.git"},{"id":1219898631,"name":"CVE-2026-41651","full_name":"baph00met/CVE-2026-41651","html_url":"https://github.com/baph00met/CVE-2026-41651","description":"CVE-2026-41651 — PackageKit TOCTOU LPE","stargazers_count":3,"forks_count":1,"language":"Python","updated_at":"2026-04-25T11:52:31Z","pushed_at":"2026-04-25T11:52:28Z","created_at":"2026-04-24T10:32:42Z","topics":[],"owner":{"login":"baph00met","html_url":"https://github.com/baph00met"},"clone_url":"https://github.com/baph00met/CVE-2026-41651.git"}]},{"cve_id":"CVE-2026-41653","repositories":[{"id":1220039364,"name":"CVE-2026-41653","full_name":"Astaruf/CVE-2026-41653","html_url":"https://github.com/Astaruf/CVE-2026-41653","description":"CVE-2026-41653 - BentoPDF \u003c= 2.8.1 - Stored XSS → File Exfiltration","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-24T14:56:25Z","pushed_at":"2026-04-24T14:56:21Z","created_at":"2026-04-24T13:34:26Z","topics":[],"owner":{"login":"Astaruf","html_url":"https://github.com/Astaruf"},"clone_url":"https://github.com/Astaruf/CVE-2026-41653.git"}]},{"cve_id":"CVE-2026-41679","repositories":[{"id":1219802079,"name":"cve-2026-41679","full_name":"bartfroklage/cve-2026-41679","html_url":"https://github.com/bartfroklage/cve-2026-41679","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-25T08:23:29Z","pushed_at":"2026-04-25T08:23:25Z","created_at":"2026-04-24T08:27:29Z","topics":[],"owner":{"login":"bartfroklage","html_url":"https://github.com/bartfroklage"},"clone_url":"https://github.com/bartfroklage/cve-2026-41679.git"}]},{"cve_id":"CVE-2026-42167","repositories":[{"id":1223664453,"name":"proftpd-CVE-2026-42167-poc","full_name":"ZeroPathAI/proftpd-CVE-2026-42167-poc","html_url":"https://github.com/ZeroPathAI/proftpd-CVE-2026-42167-poc","description":"POCs to demonstrate CVE-2026-42167 in ProFTPD","stargazers_count":4,"forks_count":1,"language":"Python","updated_at":"2026-04-29T12:52:34Z","pushed_at":"2026-04-28T22:20:12Z","created_at":"2026-04-28T14:35:46Z","topics":[],"owner":{"login":"ZeroPathAI","html_url":"https://github.com/ZeroPathAI"},"clone_url":"https://github.com/ZeroPathAI/proftpd-CVE-2026-42167-poc.git"},{"id":1224312813,"name":"proftpd-CVE-2026-42167-analysis","full_name":"dinosn/proftpd-CVE-2026-42167-analysis","html_url":"https://github.com/dinosn/proftpd-CVE-2026-42167-analysis","description":"Independent reproduction, code-level root-cause analysis, and realistic-exposure write-up for CVE-2026-42167 (ProFTPD mod_sql is_escaped_text() bypass).","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-29T11:48:03Z","pushed_at":"2026-04-29T06:52:38Z","created_at":"2026-04-29T06:52:34Z","topics":[],"owner":{"login":"dinosn","html_url":"https://github.com/dinosn"},"clone_url":"https://github.com/dinosn/proftpd-CVE-2026-42167-analysis.git"}]},{"cve_id":"CVE-2026-42208","repositories":[{"id":1223794703,"name":"CVE-2026-42208_lab","full_name":"imjdl/CVE-2026-42208_lab","html_url":"https://github.com/imjdl/CVE-2026-42208_lab","description":"CVE-2026-42208 lab","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-29T13:57:40Z","pushed_at":"2026-04-28T17:12:30Z","created_at":"2026-04-28T16:57:53Z","topics":[],"owner":{"login":"imjdl","html_url":"https://github.com/imjdl"},"clone_url":"https://github.com/imjdl/CVE-2026-42208_lab.git"}]},{"cve_id":"CVE-2026-4257","repositories":[{"id":1201649208,"name":"cve-2026-4257","full_name":"bootstrapbool/cve-2026-4257","html_url":"https://github.com/bootstrapbool/cve-2026-4257","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-15T22:57:33Z","pushed_at":"2026-04-15T22:57:29Z","created_at":"2026-04-05T00:52:39Z","topics":[],"owner":{"login":"bootstrapbool","html_url":"https://github.com/bootstrapbool"},"clone_url":"https://github.com/bootstrapbool/cve-2026-4257.git"}]},{"cve_id":"CVE-2026-4342","repositories":[{"id":1187257415,"name":"CVE-2026-4342","full_name":"stuartMoorhouse/CVE-2026-4342","html_url":"https://github.com/stuartMoorhouse/CVE-2026-4342","description":"","stargazers_count":2,"forks_count":1,"language":"Shell","updated_at":"2026-04-08T11:25:33Z","pushed_at":"2026-03-20T14:19:27Z","created_at":"2026-03-20T14:17:41Z","topics":[],"owner":{"login":"stuartMoorhouse","html_url":"https://github.com/stuartMoorhouse"},"clone_url":"https://github.com/stuartMoorhouse/CVE-2026-4342.git"}]},{"cve_id":"CVE-2026-4350","repositories":[{"id":1207502087,"name":"CVE-2026-4350","full_name":"whyiamsobusy/CVE-2026-4350","html_url":"https://github.com/whyiamsobusy/CVE-2026-4350","description":"CVE-2026-4350 - Perfmatters WordPress Arbitrary File Deletion","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-11T02:51:52Z","pushed_at":"2026-04-11T02:51:46Z","created_at":"2026-04-11T02:46:23Z","topics":[],"owner":{"login":"whyiamsobusy","html_url":"https://github.com/whyiamsobusy"},"clone_url":"https://github.com/whyiamsobusy/CVE-2026-4350.git"}]},{"cve_id":"CVE-2026-4406","repositories":[{"id":1204038150,"name":"CVE-2026-4406","full_name":"Hann1bl3L3ct3r/CVE-2026-4406","html_url":"https://github.com/Hann1bl3L3ct3r/CVE-2026-4406","description":"The Gravity Forms plugin for WordPress (tested through version 2.9.28) is vulnerable to unauthenticated reflected cross-site scripting (XSS) via the `form_ids` parameter in the `gform_get_config` AJAX action.","stargazers_count":0,"forks_count":1,"language":"HTML","updated_at":"2026-04-08T18:57:07Z","pushed_at":"2026-04-08T18:57:03Z","created_at":"2026-04-07T16:22:20Z","topics":[],"owner":{"login":"Hann1bl3L3ct3r","html_url":"https://github.com/Hann1bl3L3ct3r"},"clone_url":"https://github.com/Hann1bl3L3ct3r/CVE-2026-4406.git"}]},{"cve_id":"CVE-2026-4447","repositories":[{"id":1214857172,"name":"CVE-2026-4447","full_name":"NetVanguard-cmd/CVE-2026-4447","html_url":"https://github.com/NetVanguard-cmd/CVE-2026-4447","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:22:06Z","pushed_at":"2026-04-19T06:22:05Z","created_at":"2026-04-19T06:22:02Z","topics":[],"owner":{"login":"NetVanguard-cmd","html_url":"https://github.com/NetVanguard-cmd"},"clone_url":"https://github.com/NetVanguard-cmd/CVE-2026-4447.git"}]},{"cve_id":"CVE-2026-4484","repositories":[{"id":1216175970,"name":"PEGASUS-CVE-2026-4484","full_name":"PegasusMetaSec/PEGASUS-CVE-2026-4484","html_url":"https://github.com/PegasusMetaSec/PEGASUS-CVE-2026-4484","description":"","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-04-20T17:34:04Z","pushed_at":"2026-04-20T16:38:07Z","created_at":"2026-04-20T16:38:06Z","topics":[],"owner":{"login":"PegasusMetaSec","html_url":"https://github.com/PegasusMetaSec"},"clone_url":"https://github.com/PegasusMetaSec/PEGASUS-CVE-2026-4484.git"},{"id":1214211817,"name":"CVE-2026-4484","full_name":"Nxploited/CVE-2026-4484","html_url":"https://github.com/Nxploited/CVE-2026-4484","description":"Masteriyo LMS \u003c= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-18T09:07:12Z","pushed_at":"2026-04-18T09:07:08Z","created_at":"2026-04-18T09:05:55Z","topics":[],"owner":{"login":"Nxploited","html_url":"https://github.com/Nxploited"},"clone_url":"https://github.com/Nxploited/CVE-2026-4484.git"}]},{"cve_id":"CVE-2026-4631","repositories":[{"id":1214621506,"name":"CVE-2026-4631-cockpit-RCE","full_name":"cyberheartmi9/CVE-2026-4631-cockpit-RCE","html_url":"https://github.com/cyberheartmi9/CVE-2026-4631-cockpit-RCE","description":"Cockpit: Unauthenticated Remote Code Execution via SSH Command-Line Argument Injection","stargazers_count":8,"forks_count":3,"language":"Python","updated_at":"2026-04-28T15:19:46Z","pushed_at":"2026-04-18T22:04:47Z","created_at":"2026-04-18T20:30:02Z","topics":[],"owner":{"login":"cyberheartmi9","html_url":"https://github.com/cyberheartmi9"},"clone_url":"https://github.com/cyberheartmi9/CVE-2026-4631-cockpit-RCE.git"}]},{"cve_id":"CVE-2026-4660","repositories":[{"id":1207321921,"name":"CVE-2026-4660-PoC","full_name":"gouldnicholas/CVE-2026-4660-PoC","html_url":"https://github.com/gouldnicholas/CVE-2026-4660-PoC","description":"PoC for CVE-2026-4660: arbitrary file read via git checkout in hashicorp/go-getter","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-10T20:16:44Z","pushed_at":"2026-04-10T20:16:37Z","created_at":"2026-04-10T20:15:25Z","topics":[],"owner":{"login":"gouldnicholas","html_url":"https://github.com/gouldnicholas"},"clone_url":"https://github.com/gouldnicholas/CVE-2026-4660-PoC.git"}]},{"cve_id":"CVE-2026-4747","repositories":[{"id":1206545234,"name":"CVE-2026-4747-","full_name":"kaleth4/CVE-2026-4747-","html_url":"https://github.com/kaleth4/CVE-2026-4747-","description":"","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-28T23:04:39Z","pushed_at":"2026-04-10T02:46:44Z","created_at":"2026-04-10T02:45:41Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-4747-.git"},{"id":1205561488,"name":"CVE-2026-4747","full_name":"kaleth4/CVE-2026-4747","html_url":"https://github.com/kaleth4/CVE-2026-4747","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-09T04:32:26Z","pushed_at":"2026-04-09T04:32:18Z","created_at":"2026-04-09T04:31:30Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-4747.git"}]},{"cve_id":"CVE-2026-4800","repositories":[{"id":1197920379,"name":"CVE-2026-4800-POC","full_name":"threalwinky/CVE-2026-4800-POC","html_url":"https://github.com/threalwinky/CVE-2026-4800-POC","description":"","stargazers_count":2,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-02T10:45:05Z","pushed_at":"2026-04-01T01:47:08Z","created_at":"2026-04-01T01:45:10Z","topics":[],"owner":{"login":"threalwinky","html_url":"https://github.com/threalwinky"},"clone_url":"https://github.com/threalwinky/CVE-2026-4800-POC.git"},{"id":1203884910,"name":"next-rep-CVE-2026-4800","full_name":"SvenLie/next-rep-CVE-2026-4800","html_url":"https://github.com/SvenLie/next-rep-CVE-2026-4800","description":"","stargazers_count":0,"forks_count":0,"language":"TypeScript","updated_at":"2026-04-07T13:39:19Z","pushed_at":"2026-04-07T13:39:12Z","created_at":"2026-04-07T13:30:51Z","topics":[],"owner":{"login":"SvenLie","html_url":"https://github.com/SvenLie"},"clone_url":"https://github.com/SvenLie/next-rep-CVE-2026-4800.git"}]},{"cve_id":"CVE-2026-4821","repositories":[{"id":1162491513,"name":"demo-cve-2026-4821","full_name":"openexecution-coder/demo-cve-2026-4821","html_url":"https://github.com/openexecution-coder/demo-cve-2026-4821","description":"AIエージェントCVE修復 + OpenExecutionプロベナンス","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-02-20T10:28:14Z","pushed_at":"2026-02-20T10:28:13Z","created_at":"2026-02-20T10:26:32Z","topics":[],"owner":{"login":"openexecution-coder","html_url":"https://github.com/openexecution-coder"},"clone_url":"https://github.com/openexecution-coder/demo-cve-2026-4821.git"}]},{"cve_id":"CVE-2026-5000","repositories":[{"id":1086414033,"name":"CVE-2026-5000","full_name":"Perl-Code/CVE-2026-5000","html_url":"https://github.com/Perl-Code/CVE-2026-5000","description":"This is for Windows defender bypass","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2025-11-09T08:12:11Z","pushed_at":"2025-11-09T08:12:08Z","created_at":"2025-10-30T11:41:22Z","topics":[],"owner":{"login":"Perl-Code","html_url":"https://github.com/Perl-Code"},"clone_url":"https://github.com/Perl-Code/CVE-2026-5000.git"}]},{"cve_id":"CVE-2026-5027","repositories":[{"id":1199433639,"name":"CVE-2026-5027","full_name":"yahiahamza/CVE-2026-5027","html_url":"https://github.com/yahiahamza/CVE-2026-5027","description":"CVE-2026-5027 - Langflow Path Traversal to Remote Code Execution (CVSS 8.8)","stargazers_count":4,"forks_count":2,"language":"Python","updated_at":"2026-04-13T07:15:24Z","pushed_at":"2026-04-02T10:49:28Z","created_at":"2026-04-02T10:46:45Z","topics":[],"owner":{"login":"yahiahamza","html_url":"https://github.com/yahiahamza"},"clone_url":"https://github.com/yahiahamza/CVE-2026-5027.git"},{"id":1200371719,"name":"CVE-2026-5027","full_name":"EQSTLab/CVE-2026-5027","html_url":"https://github.com/EQSTLab/CVE-2026-5027","description":"Langflow, Remote Code Execution (RCE) via Cron Job Injection through Path Traversal","stargazers_count":3,"forks_count":0,"language":"Python","updated_at":"2026-04-24T06:53:23Z","pushed_at":"2026-04-24T06:53:20Z","created_at":"2026-04-03T10:34:51Z","topics":[],"owner":{"login":"EQSTLab","html_url":"https://github.com/EQSTLab"},"clone_url":"https://github.com/EQSTLab/CVE-2026-5027.git"},{"id":1200645197,"name":"CVE-2026-5027","full_name":"0xBlackash/CVE-2026-5027","html_url":"https://github.com/0xBlackash/CVE-2026-5027","description":"CVE-2026-5027","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-03T17:07:37Z","pushed_at":"2026-04-03T17:07:29Z","created_at":"2026-04-03T16:56:21Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-5027.git"},{"id":1200340486,"name":"CVE-2026-5027","full_name":"min8282/CVE-2026-5027","html_url":"https://github.com/min8282/CVE-2026-5027","description":"Langflow, Remote Code Execution (RCE) via Cron Job Injection through Path Traversal (CVE-2026-5027)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-03T12:07:23Z","pushed_at":"2026-04-03T12:07:19Z","created_at":"2026-04-03T09:48:58Z","topics":[],"owner":{"login":"min8282","html_url":"https://github.com/min8282"},"clone_url":"https://github.com/min8282/CVE-2026-5027.git"}]},{"cve_id":"CVE-2026-5059","repositories":[{"id":1212408201,"name":"CVE-2026-5059-poc","full_name":"venom203020/CVE-2026-5059-poc","html_url":"https://github.com/venom203020/CVE-2026-5059-poc","description":"poc CVE-2026-5059 in aws-mcp-server","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-16T11:00:13Z","pushed_at":"2026-04-16T11:00:09Z","created_at":"2026-04-16T10:52:43Z","topics":[],"owner":{"login":"venom203020","html_url":"https://github.com/venom203020"},"clone_url":"https://github.com/venom203020/CVE-2026-5059-poc.git"}]},{"cve_id":"CVE-2026-5147","repositories":[{"id":1200170505,"name":"cve-2026-5147-exp","full_name":"lan1oc/cve-2026-5147-exp","html_url":"https://github.com/lan1oc/cve-2026-5147-exp","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-03T05:39:00Z","pushed_at":"2026-04-03T05:38:56Z","created_at":"2026-04-03T05:36:23Z","topics":[],"owner":{"login":"lan1oc","html_url":"https://github.com/lan1oc"},"clone_url":"https://github.com/lan1oc/cve-2026-5147-exp.git"}]},{"cve_id":"CVE-2026-5173","repositories":[{"id":1205730725,"name":"CVE-2026-5173","full_name":"0xBlackash/CVE-2026-5173","html_url":"https://github.com/0xBlackash/CVE-2026-5173","description":"CVE-2026-5173","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-09T08:37:56Z","pushed_at":"2026-04-09T08:37:52Z","created_at":"2026-04-09T08:24:32Z","topics":[],"owner":{"login":"0xBlackash","html_url":"https://github.com/0xBlackash"},"clone_url":"https://github.com/0xBlackash/CVE-2026-5173.git"}]},{"cve_id":"CVE-2026-5194","repositories":[{"id":1214860922,"name":"CVE-2026-5194","full_name":"jenniferreire26/CVE-2026-5194","html_url":"https://github.com/jenniferreire26/CVE-2026-5194","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-19T06:30:17Z","pushed_at":"2026-04-19T06:30:13Z","created_at":"2026-04-19T06:30:05Z","topics":[],"owner":{"login":"jenniferreire26","html_url":"https://github.com/jenniferreire26"},"clone_url":"https://github.com/jenniferreire26/CVE-2026-5194.git"}]},{"cve_id":"CVE-2026-5201","repositories":[{"id":1198457756,"name":"CVE-2026-5201","full_name":"kagancapar/CVE-2026-5201","html_url":"https://github.com/kagancapar/CVE-2026-5201","description":"CVE-2026-5201: Heap-based buffer overflow in gdk-pixbuf JPEG loader (CWE-122, CVSS 7.5)","stargazers_count":12,"forks_count":4,"language":"C","updated_at":"2026-04-23T13:49:12Z","pushed_at":"2026-04-01T14:31:09Z","created_at":"2026-04-01T12:51:19Z","topics":[],"owner":{"login":"kagancapar","html_url":"https://github.com/kagancapar"},"clone_url":"https://github.com/kagancapar/CVE-2026-5201.git"}]},{"cve_id":"CVE-2026-5252","repositories":[{"id":1161746859,"name":"CVE-2026-5252-CVE-POC-ivanti","full_name":"aydin5245/CVE-2026-5252-CVE-POC-ivanti","html_url":"https://github.com/aydin5245/CVE-2026-5252-CVE-POC-ivanti","description":"CVE-2026-5252 CVE POC ivantiiiiiiii","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-19T21:53:56Z","pushed_at":"2026-02-19T21:53:52Z","created_at":"2026-02-19T13:23:19Z","topics":[],"owner":{"login":"aydin5245","html_url":"https://github.com/aydin5245"},"clone_url":"https://github.com/aydin5245/CVE-2026-5252-CVE-POC-ivanti.git"}]},{"cve_id":"CVE-2026-5281","repositories":[{"id":1202767151,"name":"CVE-2026-5281","full_name":"TheMalwareGuardian/CVE-2026-5281","html_url":"https://github.com/TheMalwareGuardian/CVE-2026-5281","description":"CVE-2026-5281 (Chrome Dawn WebGPU UAF) analysis, lab validation tools, and reproducible environment for vulnerable vs patched builds.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-07T18:25:27Z","pushed_at":"2026-04-07T18:24:14Z","created_at":"2026-04-06T11:30:06Z","topics":["browser-exploitation","cve-2026-5281","google-chrome"],"owner":{"login":"TheMalwareGuardian","html_url":"https://github.com/TheMalwareGuardian"},"clone_url":"https://github.com/TheMalwareGuardian/CVE-2026-5281.git"},{"id":1199030213,"name":"CVE-2026-5281-Research-Toolkit","full_name":"umair-aziz025/CVE-2026-5281-Research-Toolkit","html_url":"https://github.com/umair-aziz025/CVE-2026-5281-Research-Toolkit","description":"Chrome WebGPU Use-After-Free (CWE-416)  This toolkit is for security research and defensive verification around CVE-2026-5281. Patched Chrome version: 146.0.7680.178 Potentially vulnerable versions: anything below 146.0.7680.178","stargazers_count":1,"forks_count":2,"language":"Python","updated_at":"2026-04-09T03:18:36Z","pushed_at":"2026-04-02T03:45:14Z","created_at":"2026-04-02T01:51:28Z","topics":[],"owner":{"login":"umair-aziz025","html_url":"https://github.com/umair-aziz025"},"clone_url":"https://github.com/umair-aziz025/CVE-2026-5281-Research-Toolkit.git"}]},{"cve_id":"CVE-2026-5465","repositories":[{"id":1203910049,"name":"CVE-2026-5465","full_name":"kaleth4/CVE-2026-5465","html_url":"https://github.com/kaleth4/CVE-2026-5465","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-07T13:59:48Z","pushed_at":"2026-04-07T13:59:42Z","created_at":"2026-04-07T13:59:32Z","topics":[],"owner":{"login":"kaleth4","html_url":"https://github.com/kaleth4"},"clone_url":"https://github.com/kaleth4/CVE-2026-5465.git"}]},{"cve_id":"CVE-2026-5530","repositories":[{"id":1206581732,"name":"CVE-2026-5530","full_name":"davidrxchester/CVE-2026-5530","html_url":"https://github.com/davidrxchester/CVE-2026-5530","description":"POC for CVE-2026-5530 - SSRF via Ollama Pull/Push API","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-10T03:53:16Z","pushed_at":"2026-04-10T03:53:13Z","created_at":"2026-04-10T03:52:57Z","topics":[],"owner":{"login":"davidrxchester","html_url":"https://github.com/davidrxchester"},"clone_url":"https://github.com/davidrxchester/CVE-2026-5530.git"}]},{"cve_id":"CVE-2026-5760","repositories":[{"id":1199613234,"name":"SGLang-0.5.9-RCE","full_name":"Stuub/SGLang-0.5.9-RCE","html_url":"https://github.com/Stuub/SGLang-0.5.9-RCE","description":"Proof of Concept exploitation of CVE-2026-5760 - RCE in SGLang 0.5.9 via malicious GGUF","stargazers_count":6,"forks_count":2,"language":"Python","updated_at":"2026-04-25T20:49:01Z","pushed_at":"2026-04-20T14:38:12Z","created_at":"2026-04-02T14:24:03Z","topics":["cve","cve-2026-5760","sglang"],"owner":{"login":"Stuub","html_url":"https://github.com/Stuub"},"clone_url":"https://github.com/Stuub/SGLang-0.5.9-RCE.git"}]},{"cve_id":"CVE-2026-6018","repositories":[{"id":1218647306,"name":"CVE-2026-6018-9-Local-Privilege-Escalation-Chain","full_name":"m0r4a/CVE-2026-6018-9-Local-Privilege-Escalation-Chain","html_url":"https://github.com/m0r4a/CVE-2026-6018-9-Local-Privilege-Escalation-Chain","description":"","stargazers_count":1,"forks_count":1,"language":"C","updated_at":"2026-04-24T01:28:37Z","pushed_at":"2026-04-24T01:28:33Z","created_at":"2026-04-23T04:41:44Z","topics":[],"owner":{"login":"m0r4a","html_url":"https://github.com/m0r4a"},"clone_url":"https://github.com/m0r4a/CVE-2026-6018-9-Local-Privilege-Escalation-Chain.git"}]},{"cve_id":"CVE-2026-6042","repositories":[{"id":1210575998,"name":"CVE-2026-6042-PoC","full_name":"jensnesten/CVE-2026-6042-PoC","html_url":"https://github.com/jensnesten/CVE-2026-6042-PoC","description":"Proof of concept and end-to-end test of Algorithmic Complexity DoS in musl libc 0.8.0-1.2.6 assigned CVE-2026-6042","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-04-16T17:56:55Z","pushed_at":"2026-04-16T17:56:51Z","created_at":"2026-04-14T14:49:26Z","topics":["denial-of-service","gb18030","iconv","musl-libc"],"owner":{"login":"jensnesten","html_url":"https://github.com/jensnesten"},"clone_url":"https://github.com/jensnesten/CVE-2026-6042-PoC.git"}]},{"cve_id":"CVE-2026-6043","repositories":[{"id":1200072807,"name":"p4wned","full_name":"flyingllama87/p4wned","html_url":"https://github.com/flyingllama87/p4wned","description":"Perforce security research and tools - CVE-2026-6043","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-27T01:28:50Z","pushed_at":"2026-04-27T01:28:46Z","created_at":"2026-04-03T02:24:42Z","topics":["metasploit","nodejs","nuclei-templates","offsec","p4d","perforce","python3","scanner"],"owner":{"login":"flyingllama87","html_url":"https://github.com/flyingllama87"},"clone_url":"https://github.com/flyingllama87/p4wned.git"}]},{"cve_id":"CVE-2026-6111","repositories":[{"id":1174303567,"name":"CVE-2026-6111","full_name":"MonsterWsr-hub/CVE-2026-6111","html_url":"https://github.com/MonsterWsr-hub/CVE-2026-6111","description":"this is poc test job","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-09T01:54:15Z","pushed_at":"2026-03-09T01:22:08Z","created_at":"2026-03-06T09:39:02Z","topics":[],"owner":{"login":"MonsterWsr-hub","html_url":"https://github.com/MonsterWsr-hub"},"clone_url":"https://github.com/MonsterWsr-hub/CVE-2026-6111.git"}]},{"cve_id":"CVE-2026-6182","repositories":[{"id":1201634103,"name":"CVE-2026-6182-SQLI-auth","full_name":"Xmyronn/CVE-2026-6182-SQLI-auth","html_url":"https://github.com/Xmyronn/CVE-2026-6182-SQLI-auth","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T11:47:06Z","pushed_at":"2026-04-08T22:04:37Z","created_at":"2026-04-05T00:09:35Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-6182-SQLI-auth.git"}]},{"cve_id":"CVE-2026-6183","repositories":[{"id":1201647740,"name":"CVE-2026-6183-SQLI","full_name":"Xmyronn/CVE-2026-6183-SQLI","html_url":"https://github.com/Xmyronn/CVE-2026-6183-SQLI","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T11:46:32Z","pushed_at":"2026-04-08T22:03:50Z","created_at":"2026-04-05T00:48:35Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-6183-SQLI.git"}]},{"cve_id":"CVE-2026-6184","repositories":[{"id":1201655645,"name":"CVE-2026-6184-stored-XSS","full_name":"Xmyronn/CVE-2026-6184-stored-XSS","html_url":"https://github.com/Xmyronn/CVE-2026-6184-stored-XSS","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T11:45:35Z","pushed_at":"2026-04-08T22:02:58Z","created_at":"2026-04-05T01:10:35Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-6184-stored-XSS.git"}]},{"cve_id":"CVE-2026-6201","repositories":[{"id":1202324850,"name":"CVE-2026-6201-IDOR","full_name":"Xmyronn/CVE-2026-6201-IDOR","html_url":"https://github.com/Xmyronn/CVE-2026-6201-IDOR","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T11:44:15Z","pushed_at":"2026-04-08T21:59:27Z","created_at":"2026-04-05T22:28:22Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-6201-IDOR.git"}]},{"cve_id":"CVE-2026-6227","repositories":[{"id":1209635199,"name":"CVE-2026-6227","full_name":"Pixel-DefaultBR/CVE-2026-6227","html_url":"https://github.com/Pixel-DefaultBR/CVE-2026-6227","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-13T16:17:33Z","pushed_at":"2026-04-13T16:22:31Z","created_at":"2026-04-13T16:16:54Z","topics":[],"owner":{"login":"Pixel-DefaultBR","html_url":"https://github.com/Pixel-DefaultBR"},"clone_url":"https://github.com/Pixel-DefaultBR/CVE-2026-6227.git"}]},{"cve_id":"CVE-2026-6355","repositories":[{"id":1212007433,"name":"CVE-2026-6355","full_name":"Penguinsecq/CVE-2026-6355","html_url":"https://github.com/Penguinsecq/CVE-2026-6355","description":" Exploit PoC of CVE-2026-6356 ","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T04:05:12Z","pushed_at":"2026-04-27T04:05:08Z","created_at":"2026-04-16T01:13:08Z","topics":[],"owner":{"login":"Penguinsecq","html_url":"https://github.com/Penguinsecq"},"clone_url":"https://github.com/Penguinsecq/CVE-2026-6355.git"}]},{"cve_id":"CVE-2026-6356","repositories":[{"id":1212007433,"name":"CVE-2026-6355","full_name":"Penguinsecq/CVE-2026-6355","html_url":"https://github.com/Penguinsecq/CVE-2026-6355","description":" Exploit PoC of CVE-2026-6356 ","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T04:05:12Z","pushed_at":"2026-04-27T04:05:08Z","created_at":"2026-04-16T01:13:08Z","topics":[],"owner":{"login":"Penguinsecq","html_url":"https://github.com/Penguinsecq"},"clone_url":"https://github.com/Penguinsecq/CVE-2026-6355.git"},{"id":1214220956,"name":"CVE-2026-6356","full_name":"Penguinsecq/CVE-2026-6356","html_url":"https://github.com/Penguinsecq/CVE-2026-6356","description":"Exploit PoC of CVE-2026-6356","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T04:04:58Z","pushed_at":"2026-04-27T04:04:54Z","created_at":"2026-04-18T09:21:17Z","topics":[],"owner":{"login":"Penguinsecq","html_url":"https://github.com/Penguinsecq"},"clone_url":"https://github.com/Penguinsecq/CVE-2026-6356.git"}]},{"cve_id":"CVE-2026-6643","repositories":[{"id":1223141685,"name":"CVE-2026-6643","full_name":"mlgzackfly/CVE-2026-6643","html_url":"https://github.com/mlgzackfly/CVE-2026-6643","description":"ASUSTOR ADM 5.1.2 vpnupload.cgi Format String \u0026 Stack Buffer Overflow RCE (CVE-2026-6643)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-28T03:52:31Z","pushed_at":"2026-04-28T03:51:05Z","created_at":"2026-04-28T03:34:54Z","topics":["cve-2026-6643","exploit"],"owner":{"login":"mlgzackfly","html_url":"https://github.com/mlgzackfly"},"clone_url":"https://github.com/mlgzackfly/CVE-2026-6643.git"}]},{"cve_id":"CVE-2026-6644","repositories":[{"id":1224119798,"name":"CVE-2026-6644","full_name":"uky007/CVE-2026-6644","html_url":"https://github.com/uky007/CVE-2026-6644","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-29T01:34:04Z","pushed_at":"2026-04-29T01:34:00Z","created_at":"2026-04-29T01:27:42Z","topics":[],"owner":{"login":"uky007","html_url":"https://github.com/uky007"},"clone_url":"https://github.com/uky007/CVE-2026-6644.git"}]},{"cve_id":"CVE-2026-666","repositories":[{"id":1135421347,"name":"CVE-2026-666","full_name":"adriangigliotti/CVE-2026-666","html_url":"https://github.com/adriangigliotti/CVE-2026-666","description":"CVE-2026-666 - ShadowWeb Framework Remote Code Execution Vulnerability","stargazers_count":1,"forks_count":1,"language":"","updated_at":"2026-03-12T08:26:16Z","pushed_at":"2026-01-16T04:33:19Z","created_at":"2026-01-16T04:26:36Z","topics":[],"owner":{"login":"adriangigliotti","html_url":"https://github.com/adriangigliotti"},"clone_url":"https://github.com/adriangigliotti/CVE-2026-666.git"}]},{"cve_id":"CVE-2026-6770","repositories":[{"id":1224021535,"name":"CVE-2026-6770","full_name":"nightcorefan94/CVE-2026-6770","html_url":"https://github.com/nightcorefan94/CVE-2026-6770","description":"CVE-2026-6770 PoC for Firefox/Tor","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-28T22:14:26Z","pushed_at":"2026-04-28T22:14:22Z","created_at":"2026-04-28T22:12:30Z","topics":[],"owner":{"login":"nightcorefan94","html_url":"https://github.com/nightcorefan94"},"clone_url":"https://github.com/nightcorefan94/CVE-2026-6770.git"}]},{"cve_id":"CVE-2026-6807","repositories":[{"id":1223909022,"name":"Grassmarlin-CVE-2026-6807-XXE-POC","full_name":"SecTestAnnaQuinn/Grassmarlin-CVE-2026-6807-XXE-POC","html_url":"https://github.com/SecTestAnnaQuinn/Grassmarlin-CVE-2026-6807-XXE-POC","description":"Reverse Engineered based on CISA disclosure of new CVE","stargazers_count":1,"forks_count":1,"language":"Python","updated_at":"2026-04-29T03:18:12Z","pushed_at":"2026-04-28T19:26:28Z","created_at":"2026-04-28T19:18:44Z","topics":[],"owner":{"login":"SecTestAnnaQuinn","html_url":"https://github.com/SecTestAnnaQuinn"},"clone_url":"https://github.com/SecTestAnnaQuinn/Grassmarlin-CVE-2026-6807-XXE-POC.git"}]},{"cve_id":"CVE-2026-6849","repositories":[{"id":1218337664,"name":"CVE-2026-6849","full_name":"osmancanvural/CVE-2026-6849","html_url":"https://github.com/osmancanvural/CVE-2026-6849","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-22T19:19:17Z","pushed_at":"2026-04-22T19:19:17Z","created_at":"2026-04-22T19:19:17Z","topics":[],"owner":{"login":"osmancanvural","html_url":"https://github.com/osmancanvural"},"clone_url":"https://github.com/osmancanvural/CVE-2026-6849.git"}]},{"cve_id":"CVE-2026-7028","repositories":[{"id":1202973314,"name":"CVE-2026-7028-SQLI","full_name":"Xmyronn/CVE-2026-7028-SQLI","html_url":"https://github.com/Xmyronn/CVE-2026-7028-SQLI","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-26T11:16:29Z","pushed_at":"2026-04-08T22:00:41Z","created_at":"2026-04-06T15:39:15Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7028-SQLI.git"}]},{"cve_id":"CVE-2026-7071","repositories":[{"id":1204274854,"name":"CVE-2026-7071-access-Control","full_name":"Xmyronn/CVE-2026-7071-access-Control","html_url":"https://github.com/Xmyronn/CVE-2026-7071-access-Control","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-26T11:16:03Z","pushed_at":"2026-04-08T21:55:58Z","created_at":"2026-04-07T21:24:33Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7071-access-Control.git"}]},{"cve_id":"CVE-2026-7089","repositories":[{"id":1205124213,"name":"CVE-2026-7089-XSS","full_name":"Xmyronn/CVE-2026-7089-XSS","html_url":"https://github.com/Xmyronn/CVE-2026-7089-XSS","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-26T11:15:14Z","pushed_at":"2026-04-08T17:09:22Z","created_at":"2026-04-08T16:54:15Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7089-XSS.git"}]},{"cve_id":"CVE-2026-7222","repositories":[{"id":1207145398,"name":"CVE-2026-7222-XSS","full_name":"Xmyronn/CVE-2026-7222-XSS","html_url":"https://github.com/Xmyronn/CVE-2026-7222-XSS","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T10:45:49Z","pushed_at":"2026-04-29T10:45:46Z","created_at":"2026-04-10T16:14:28Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7222-XSS.git"}]},{"cve_id":"CVE-2026-7229","repositories":[{"id":1207213226,"name":"CVE-2026-7229-SQLI","full_name":"Xmyronn/CVE-2026-7229-SQLI","html_url":"https://github.com/Xmyronn/CVE-2026-7229-SQLI","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-27T22:33:40Z","pushed_at":"2026-04-10T18:35:50Z","created_at":"2026-04-10T17:42:03Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7229-SQLI.git"}]},{"cve_id":"CVE-2026-7393","repositories":[{"id":1208514869,"name":"CVE-2026-7393-RCE","full_name":"Xmyronn/CVE-2026-7393-RCE","html_url":"https://github.com/Xmyronn/CVE-2026-7393-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T10:44:22Z","pushed_at":"2026-04-29T10:44:18Z","created_at":"2026-04-12T11:46:15Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7393-RCE.git"}]},{"cve_id":"CVE-2026-7394","repositories":[{"id":1207949795,"name":"CVE-2026-7394-SQLI","full_name":"Xmyronn/CVE-2026-7394-SQLI","html_url":"https://github.com/Xmyronn/CVE-2026-7394-SQLI","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T10:45:10Z","pushed_at":"2026-04-29T10:45:06Z","created_at":"2026-04-11T16:11:33Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7394-SQLI.git"}]},{"cve_id":"CVE-2026-7401","repositories":[{"id":1208889582,"name":"CVE-2026-7401-XSS","full_name":"Xmyronn/CVE-2026-7401-XSS","html_url":"https://github.com/Xmyronn/CVE-2026-7401-XSS","description":"","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-29T11:46:41Z","pushed_at":"2026-04-29T11:46:38Z","created_at":"2026-04-12T21:50:22Z","topics":[],"owner":{"login":"Xmyronn","html_url":"https://github.com/Xmyronn"},"clone_url":"https://github.com/Xmyronn/CVE-2026-7401-XSS.git"}]},{"cve_id":"CVE-2026-7731","repositories":[{"id":1146026533,"name":"CTT-Refraction-Vortex-CVE-2026-7731-","full_name":"SimoesCTT/CTT-Refraction-Vortex-CVE-2026-7731-","html_url":"https://github.com/SimoesCTT/CTT-Refraction-Vortex-CVE-2026-7731-","description":"Under CTT, we see it as a Temporal Synchronization Mismatch between the Identity Provider and the Service Provider. By injecting a pulse at the \\alpha=0.0302011 frequency, we don't bypass the signature—we Refract the Time Window so the signature validates against a future state.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T14:28:05Z","pushed_at":"2026-01-31T11:29:43Z","created_at":"2026-01-30T14:26:20Z","topics":[],"owner":{"login":"SimoesCTT","html_url":"https://github.com/SimoesCTT"},"clone_url":"https://github.com/SimoesCTT/CTT-Refraction-Vortex-CVE-2026-7731-.git"}]},{"cve_id":"OTHER-2026","repositories":[{"id":1187780287,"name":"CVE-2026-XNU-AIO-KEVENT-UAF","full_name":"crazymind90/CVE-2026-XNU-AIO-KEVENT-UAF","html_url":"https://github.com/crazymind90/CVE-2026-XNU-AIO-KEVENT-UAF","description":"XNU AIO kevent use-after-free — kernel panic from app sandbox on iOS 26.2 (no entitlements). Patched in iOS 26.3","stargazers_count":25,"forks_count":4,"language":"Objective-C","updated_at":"2026-04-28T11:47:10Z","pushed_at":"2026-03-21T06:37:13Z","created_at":"2026-03-21T06:35:12Z","topics":[],"owner":{"login":"crazymind90","html_url":"https://github.com/crazymind90"},"clone_url":"https://github.com/crazymind90/CVE-2026-XNU-AIO-KEVENT-UAF.git"},{"id":1038411205,"name":"cve2025-20265","full_name":"jordan922/cve2025-20265","html_url":"https://github.com/jordan922/cve2025-20265","description":"Safe Python script to detect Cisco FMC instances potentially vulnerable to CVE-2025-20265.  Uses official FMC API to check version, supports single/multi-target scanning, and includes  a harmless local PoC marker.","stargazers_count":4,"forks_count":3,"language":"Python","updated_at":"2025-09-08T17:31:40Z","pushed_at":"2025-08-15T06:42:29Z","created_at":"2025-08-15T06:35:01Z","topics":[],"owner":{"login":"jordan922","html_url":"https://github.com/jordan922"},"clone_url":"https://github.com/jordan922/cve2025-20265.git"},{"id":1206998552,"name":"CVE-2026-APK","full_name":"zax-universe/CVE-2026-APK","html_url":"https://github.com/zax-universe/CVE-2026-APK","description":"Cve Scanner Made using fluterr","stargazers_count":2,"forks_count":0,"language":"Dart","updated_at":"2026-04-11T07:18:37Z","pushed_at":"2026-04-10T13:30:04Z","created_at":"2026-04-10T13:20:26Z","topics":[],"owner":{"login":"zax-universe","html_url":"https://github.com/zax-universe"},"clone_url":"https://github.com/zax-universe/CVE-2026-APK.git"},{"id":1140136337,"name":"cve_2026_21962_scanner","full_name":"gglessner/cve_2026_21962_scanner","html_url":"https://github.com/gglessner/cve_2026_21962_scanner","description":"","stargazers_count":2,"forks_count":1,"language":"Python","updated_at":"2026-04-03T07:23:17Z","pushed_at":"2026-01-22T21:51:39Z","created_at":"2026-01-22T21:51:37Z","topics":[],"owner":{"login":"gglessner","html_url":"https://github.com/gglessner"},"clone_url":"https://github.com/gglessner/cve_2026_21962_scanner.git"},{"id":1223164497,"name":"bomdrift","full_name":"Metbcy/bomdrift","html_url":"https://github.com/Metbcy/bomdrift","description":"SBOM diff with supply-chain risk signals — flags new CVEs, typosquats, and young maintainers on changed deps. Built after axios (Mar 2026), Shai-Hulud, and xz.","stargazers_count":1,"forks_count":0,"language":"Rust","updated_at":"2026-04-29T07:56:26Z","pushed_at":"2026-04-29T08:04:08Z","created_at":"2026-04-28T04:15:32Z","topics":[],"owner":{"login":"Metbcy","html_url":"https://github.com/Metbcy"},"clone_url":"https://github.com/Metbcy/bomdrift.git"},{"id":1200355221,"name":"CVE-2026","full_name":"mystichackers/CVE-2026","html_url":"https://github.com/mystichackers/CVE-2026","description":"PoCs for CVEs discovered in 2026","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-04-13T12:04:12Z","pushed_at":"2026-04-03T10:16:02Z","created_at":"2026-04-03T10:09:51Z","topics":[],"owner":{"login":"mystichackers","html_url":"https://github.com/mystichackers"},"clone_url":"https://github.com/mystichackers/CVE-2026.git"},{"id":1198463623,"name":"plain-crypto-js-lab","full_name":"0xHackshat/plain-crypto-js-lab","html_url":"https://github.com/0xHackshat/plain-crypto-js-lab","description":"A local simulation lab for reproducing and analyzing the Axios npm supply chain attack (CVE-2026), including malicious dependency injection via plain-crypto-js, for security research and awareness.","stargazers_count":1,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-15T08:38:19Z","pushed_at":"2026-04-01T13:41:45Z","created_at":"2026-04-01T12:57:40Z","topics":[],"owner":{"login":"0xHackshat","html_url":"https://github.com/0xHackshat"},"clone_url":"https://github.com/0xHackshat/plain-crypto-js-lab.git"},{"id":1168914129,"name":"Win10-Security-Patches","full_name":"Win10-Legacy-Shield/Win10-Security-Patches","html_url":"https://github.com/Win10-Legacy-Shield/Win10-Security-Patches","description":"Windows 10 reached its official End of Life (EoL). Today, in 2026, over 1 billion PCs remain without free security updates. This repository is dedicated to bridging that gap by providing transparent, community-verified mitigations for critical CVEs discovered after the support ended.","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-02-28T01:18:59Z","pushed_at":"2026-02-28T00:40:26Z","created_at":"2026-02-28T00:01:23Z","topics":[],"owner":{"login":"Win10-Legacy-Shield","html_url":"https://github.com/Win10-Legacy-Shield"},"clone_url":"https://github.com/Win10-Legacy-Shield/Win10-Security-Patches.git"},{"id":1164897539,"name":"CVE-2025-54100-BYPASS-","full_name":"R3lva/CVE-2025-54100-BYPASS-","html_url":"https://github.com/R3lva/CVE-2025-54100-BYPASS-","description":"CVE-2025-54100 POC \"simple\" Bypass Patch (working on 2026)","stargazers_count":1,"forks_count":0,"language":"Batchfile","updated_at":"2026-02-23T20:12:58Z","pushed_at":"2026-02-23T15:59:15Z","created_at":"2026-02-23T15:53:57Z","topics":[],"owner":{"login":"R3lva","html_url":"https://github.com/R3lva"},"clone_url":"https://github.com/R3lva/CVE-2025-54100-BYPASS-.git"},{"id":1154618984,"name":"cve-2026-oracle","full_name":"compfaculty/cve-2026-oracle","html_url":"https://github.com/compfaculty/cve-2026-oracle","description":"","stargazers_count":1,"forks_count":0,"language":"Go","updated_at":"2026-03-15T18:20:36Z","pushed_at":"2026-02-10T16:08:59Z","created_at":"2026-02-10T15:40:34Z","topics":[],"owner":{"login":"compfaculty","html_url":"https://github.com/compfaculty"},"clone_url":"https://github.com/compfaculty/cve-2026-oracle.git"},{"id":1139171603,"name":"hikvision-exploiter","full_name":"saaydmr/hikvision-exploiter","html_url":"https://github.com/saaydmr/hikvision-exploiter","description":"CVE-2017-7921, CVE-2021-36260 updated 21/01/2026","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-02-18T09:46:56Z","pushed_at":"2026-01-21T16:07:19Z","created_at":"2026-01-21T16:04:47Z","topics":[],"owner":{"login":"saaydmr","html_url":"https://github.com/saaydmr"},"clone_url":"https://github.com/saaydmr/hikvision-exploiter.git"},{"id":1133984655,"name":"GitExpose","full_name":"fevra-dev/GitExpose","html_url":"https://github.com/fevra-dev/GitExpose","description":"Advanced security scanner detecting exposed files, React2Shell (CVE-2025-55182), ML model poisoning, LLM infrastructure exposure, and invisible Unicode attacks. Built for the 2026 threat landscape.","stargazers_count":1,"forks_count":0,"language":"Python","updated_at":"2026-03-09T12:47:37Z","pushed_at":"2026-01-21T02:17:10Z","created_at":"2026-01-14T04:45:20Z","topics":["asyncio","cli","git-security","llm-security","mcp","ml-security","offensive-security","pentesting","python","react2shell","secret-detection","security","security-scanner","supply-chain-security","vulnerability-scanner"],"owner":{"login":"fevra-dev","html_url":"https://github.com/fevra-dev"},"clone_url":"https://github.com/fevra-dev/GitExpose.git"},{"id":1131094542,"name":"List-CVE-2025-2026","full_name":"magercode/List-CVE-2025-2026","html_url":"https://github.com/magercode/List-CVE-2025-2026","description":"Daftar CVE 2025-2026 terupdate","stargazers_count":1,"forks_count":0,"language":"","updated_at":"2026-02-22T03:40:52Z","pushed_at":"2026-01-09T13:18:44Z","created_at":"2026-01-09T13:18:18Z","topics":[],"owner":{"login":"magercode","html_url":"https://github.com/magercode"},"clone_url":"https://github.com/magercode/List-CVE-2025-2026.git"},{"id":1224060550,"name":"CVE-2026-Exploit-PoC-atau-Log4j-v3-Patch","full_name":"andararauf423-sketch/CVE-2026-Exploit-PoC-atau-Log4j-v3-Patch","html_url":"https://github.com/andararauf423-sketch/CVE-2026-Exploit-PoC-atau-Log4j-v3-Patch","description":"Official Repository for Public Security Document Validation - Cyber Crime Investigation Division","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-29T13:13:25Z","pushed_at":"2026-04-29T13:13:21Z","created_at":"2026-04-28T23:28:21Z","topics":[],"owner":{"login":"andararauf423-sketch","html_url":"https://github.com/andararauf423-sketch"},"clone_url":"https://github.com/andararauf423-sketch/CVE-2026-Exploit-PoC-atau-Log4j-v3-Patch.git"},{"id":1210335253,"name":"CVE-2026-XNU-AIO-KEVENT-UAF","full_name":"Sonisi5085/CVE-2026-XNU-AIO-KEVENT-UAF","html_url":"https://github.com/Sonisi5085/CVE-2026-XNU-AIO-KEVENT-UAF","description":"Demonstrate XNU AIO kevent use-after-free, kernel panic, and double-free in iOS sandbox for security research","stargazers_count":0,"forks_count":0,"language":"Objective-C","updated_at":"2026-04-29T12:27:49Z","pushed_at":"2026-04-29T12:27:45Z","created_at":"2026-04-14T10:07:25Z","topics":["agents","book","chinese","computer-vision","convolutional-neural-networks","deep-learning","gluon","image-classification","inference","llm","matrix-multiplication","neural-network","rag","simd","typescript","uaf"],"owner":{"login":"Sonisi5085","html_url":"https://github.com/Sonisi5085"},"clone_url":"https://github.com/Sonisi5085/CVE-2026-XNU-AIO-KEVENT-UAF.git"},{"id":1224221471,"name":"thymeleaf.CVE_2026_40478","full_name":"bmvermeer/thymeleaf.CVE_2026_40478","html_url":"https://github.com/bmvermeer/thymeleaf.CVE_2026_40478","description":"","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-04-29T04:29:50Z","pushed_at":"2026-04-29T04:29:46Z","created_at":"2026-04-29T04:29:27Z","topics":[],"owner":{"login":"bmvermeer","html_url":"https://github.com/bmvermeer"},"clone_url":"https://github.com/bmvermeer/thymeleaf.CVE_2026_40478.git"},{"id":1223867069,"name":"cve_2026_35414","full_name":"dehobbs/cve_2026_35414","html_url":"https://github.com/dehobbs/cve_2026_35414","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-28T19:11:17Z","pushed_at":"2026-04-28T19:11:13Z","created_at":"2026-04-28T18:23:40Z","topics":[],"owner":{"login":"dehobbs","html_url":"https://github.com/dehobbs"},"clone_url":"https://github.com/dehobbs/cve_2026_35414.git"},{"id":1221393548,"name":"cve-breeze-2026","full_name":"cazzysoci/cve-breeze-2026","html_url":"https://github.com/cazzysoci/cve-breeze-2026","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-26T08:20:17Z","pushed_at":"2026-04-26T08:20:14Z","created_at":"2026-04-26T06:24:21Z","topics":[],"owner":{"login":"cazzysoci","html_url":"https://github.com/cazzysoci"},"clone_url":"https://github.com/cazzysoci/cve-breeze-2026.git"},{"id":1218733759,"name":"cve-2026-human-001","full_name":"dermorz/cve-2026-human-001","html_url":"https://github.com/dermorz/cve-2026-human-001","description":"","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-04-23T07:02:43Z","pushed_at":"2026-04-23T07:02:40Z","created_at":"2026-04-23T06:56:22Z","topics":[],"owner":{"login":"dermorz","html_url":"https://github.com/dermorz"},"clone_url":"https://github.com/dermorz/cve-2026-human-001.git"},{"id":1217761038,"name":"CVE-2026-Mastodon-Streaming-Token-Leakage","full_name":"1402307692/CVE-2026-Mastodon-Streaming-Token-Leakage","html_url":"https://github.com/1402307692/CVE-2026-Mastodon-Streaming-Token-Leakage","description":"Mastodon Streaming Server Security Vulnerability PoC - CVE-2026-Mastodon-Streaming-Token-Leakage","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-22T07:45:05Z","pushed_at":"2026-04-22T07:45:04Z","created_at":"2026-04-22T07:34:44Z","topics":[],"owner":{"login":"1402307692","html_url":"https://github.com/1402307692"},"clone_url":"https://github.com/1402307692/CVE-2026-Mastodon-Streaming-Token-Leakage.git"},{"id":1217761013,"name":"CVE-2026-Mastodon-Streaming-Metrics-Unauthorized","full_name":"1402307692/CVE-2026-Mastodon-Streaming-Metrics-Unauthorized","html_url":"https://github.com/1402307692/CVE-2026-Mastodon-Streaming-Metrics-Unauthorized","description":"Mastodon Streaming Server Security Vulnerability PoC - CVE-2026-Mastodon-Streaming-Metrics-Unauthorized","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-22T07:45:03Z","pushed_at":"2026-04-22T07:44:59Z","created_at":"2026-04-22T07:34:41Z","topics":[],"owner":{"login":"1402307692","html_url":"https://github.com/1402307692"},"clone_url":"https://github.com/1402307692/CVE-2026-Mastodon-Streaming-Metrics-Unauthorized.git"},{"id":1217760987,"name":"CVE-2026-Mastodon-Streaming-CRLF-Injection","full_name":"1402307692/CVE-2026-Mastodon-Streaming-CRLF-Injection","html_url":"https://github.com/1402307692/CVE-2026-Mastodon-Streaming-CRLF-Injection","description":"Mastodon Streaming Server Security Vulnerability PoC - CVE-2026-Mastodon-Streaming-CRLF-Injection","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-22T07:37:35Z","pushed_at":"2026-04-22T07:37:32Z","created_at":"2026-04-22T07:34:39Z","topics":[],"owner":{"login":"1402307692","html_url":"https://github.com/1402307692"},"clone_url":"https://github.com/1402307692/CVE-2026-Mastodon-Streaming-CRLF-Injection.git"},{"id":1216132013,"name":"macos-vuln-check","full_name":"endiselmanaj/macos-vuln-check","html_url":"https://github.com/endiselmanaj/macos-vuln-check","description":"macOS vulnerability check script - detects 23 recent supply chain attacks and CVEs (Jan-Apr 2026)","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-20T15:46:14Z","pushed_at":"2026-04-20T15:46:01Z","created_at":"2026-04-20T15:45:59Z","topics":[],"owner":{"login":"endiselmanaj","html_url":"https://github.com/endiselmanaj"},"clone_url":"https://github.com/endiselmanaj/macos-vuln-check.git"},{"id":1212439336,"name":"cross-country-cve-2026","full_name":"janAWARE7/cross-country-cve-2026","html_url":"https://github.com/janAWARE7/cross-country-cve-2026","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-20T10:11:23Z","pushed_at":"2026-04-20T10:11:18Z","created_at":"2026-04-16T11:33:14Z","topics":[],"owner":{"login":"janAWARE7","html_url":"https://github.com/janAWARE7"},"clone_url":"https://github.com/janAWARE7/cross-country-cve-2026.git"},{"id":1210704084,"name":"Pixnapping-Key-Exfiltration","full_name":"thanhvan205/Pixnapping-Key-Exfiltration","html_url":"https://github.com/thanhvan205/Pixnapping-Key-Exfiltration","description":"🔓 CVE-2025-48561 Exploit Scanner 2026 - Android Security Audit Tool","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-14T17:15:04Z","pushed_at":"2026-04-14T17:15:00Z","created_at":"2026-04-14T17:14:53Z","topics":["android","attack","bitcoin","bitcoin-wallet","cve-2025-48561","googlepixel","pixnapping","private-key","seed","seed-recovery","seedphrase","vulnerability"],"owner":{"login":"thanhvan205","html_url":"https://github.com/thanhvan205"},"clone_url":"https://github.com/thanhvan205/Pixnapping-Key-Exfiltration.git"},{"id":1207444178,"name":"CVEChavez2026","full_name":"JEduardo-Chavez/CVEChavez2026","html_url":"https://github.com/JEduardo-Chavez/CVEChavez2026","description":"Curriculum actualizado al 2026","stargazers_count":0,"forks_count":0,"language":"TypeScript","updated_at":"2026-04-11T00:39:29Z","pushed_at":"2026-04-11T00:39:26Z","created_at":"2026-04-11T00:27:38Z","topics":[],"owner":{"login":"JEduardo-Chavez","html_url":"https://github.com/JEduardo-Chavez"},"clone_url":"https://github.com/JEduardo-Chavez/CVEChavez2026.git"},{"id":1202961230,"name":"forticlient_ems_cve_2026_35616_poc.py","full_name":"fevar54/forticlient_ems_cve_2026_35616_poc.py","html_url":"https://github.com/fevar54/forticlient_ems_cve_2026_35616_poc.py","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-06T15:31:59Z","pushed_at":"2026-04-06T15:31:55Z","created_at":"2026-04-06T15:24:37Z","topics":[],"owner":{"login":"fevar54","html_url":"https://github.com/fevar54"},"clone_url":"https://github.com/fevar54/forticlient_ems_cve_2026_35616_poc.py.git"},{"id":1196148984,"name":"CVE-2026-npm-bin-links-RCE-Exploit","full_name":"Anh-Khoa-PC/CVE-2026-npm-bin-links-RCE-Exploit","html_url":"https://github.com/Anh-Khoa-PC/CVE-2026-npm-bin-links-RCE-Exploit","description":"A critical Path Traversal vulnerability exists in the @npmcli/bin-links library due to insufficient sanitization of the bin field in package.json. By crafting a malicious package with traversal sequences (e.g., ../../), an attacker can escape the intended node_modules/.bin directory during installation.","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-05T05:39:49Z","pushed_at":"2026-04-05T05:39:45Z","created_at":"2026-03-30T12:21:53Z","topics":[],"owner":{"login":"Anh-Khoa-PC","html_url":"https://github.com/Anh-Khoa-PC"},"clone_url":"https://github.com/Anh-Khoa-PC/CVE-2026-npm-bin-links-RCE-Exploit.git"},{"id":1200120765,"name":"CVE-2025-43990-Magento-RCE","full_name":"AMkkk221/CVE-2025-43990-Magento-RCE","html_url":"https://github.com/AMkkk221/CVE-2025-43990-Magento-RCE","description":"Magento APSB25-94 Unauthenticated File Upload to RCE (CVE-2026-XXXX) - Eval Shell + Probe Scanner","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-09T07:20:09Z","pushed_at":"2026-04-03T04:02:53Z","created_at":"2026-04-03T04:00:25Z","topics":[],"owner":{"login":"AMkkk221","html_url":"https://github.com/AMkkk221"},"clone_url":"https://github.com/AMkkk221/CVE-2025-43990-Magento-RCE.git"},{"id":1199651560,"name":"CVE-2026-XXXXX","full_name":"roman-sv-sec/CVE-2026-XXXXX","html_url":"https://github.com/roman-sv-sec/CVE-2026-XXXXX","description":"Remote Code Execution (RCE) vulnerability in ExifTool (versions 12.82 - 13.53)","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-04-02T15:15:53Z","pushed_at":"2026-04-02T15:15:47Z","created_at":"2026-04-02T15:07:37Z","topics":[],"owner":{"login":"roman-sv-sec","html_url":"https://github.com/roman-sv-sec"},"clone_url":"https://github.com/roman-sv-sec/CVE-2026-XXXXX.git"},{"id":1198233547,"name":"axios-scanner","full_name":"ssynical/axios-scanner","html_url":"https://github.com/ssynical/axios-scanner","description":"A simple and minimal project designed to scan for axios supply chain attack (CVE-2026) IOCs","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-04-02T11:39:39Z","pushed_at":"2026-04-02T11:39:36Z","created_at":"2026-04-01T08:29:35Z","topics":[],"owner":{"login":"ssynical","html_url":"https://github.com/ssynical"},"clone_url":"https://github.com/ssynical/axios-scanner.git"},{"id":1198878577,"name":"axios-vulnerability","full_name":"slmingol/axios-vulnerability","html_url":"https://github.com/slmingol/axios-vulnerability","description":"Tools for assessing and fixing the axios npm supply chain vulnerability (CVE-2026-axios)","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-01T21:06:49Z","pushed_at":"2026-04-01T21:06:44Z","created_at":"2026-04-01T21:06:42Z","topics":[],"owner":{"login":"slmingol","html_url":"https://github.com/slmingol"},"clone_url":"https://github.com/slmingol/axios-vulnerability.git"},{"id":1135243460,"name":"CVE-2026","full_name":"samael0x4/CVE-2026","html_url":"https://github.com/samael0x4/CVE-2026","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-04-01T12:16:54Z","pushed_at":"2026-04-01T12:16:51Z","created_at":"2026-01-15T20:48:07Z","topics":[],"owner":{"login":"samael0x4","html_url":"https://github.com/samael0x4"},"clone_url":"https://github.com/samael0x4/CVE-2026.git"},{"id":1197855132,"name":"malxios-checker","full_name":"MyMel2001/malxios-checker","html_url":"https://github.com/MyMel2001/malxios-checker","description":"MALicious aXIOS CHECKER - Checks your packages for the CVE that happened March 31st 2026","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-01T00:18:29Z","pushed_at":"2026-04-01T00:18:26Z","created_at":"2026-04-01T00:16:01Z","topics":[],"owner":{"login":"MyMel2001","html_url":"https://github.com/MyMel2001"},"clone_url":"https://github.com/MyMel2001/malxios-checker.git"},{"id":1197561073,"name":"SecurityCheck","full_name":"elleleg-alt/SecurityCheck","html_url":"https://github.com/elleleg-alt/SecurityCheck","description":"Covers: claude.ai (Personal) · Claude Desktop · Claude Cowork · Claude Code · Claude Enterprise/Team · API \u0026 Developers Package: nextjs-security-skill Last updated: March 2026 Sources: Anthropic Help Center, Claude Code Docs, Anthropic Trust Center, Harmonic Security, PromptArmor CVE Disclosures","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-31T17:21:41Z","pushed_at":"2026-03-31T17:21:41Z","created_at":"2026-03-31T17:21:40Z","topics":[],"owner":{"login":"elleleg-alt","html_url":"https://github.com/elleleg-alt"},"clone_url":"https://github.com/elleleg-alt/SecurityCheck.git"},{"id":1190925520,"name":"CVE2026_21509","full_name":"YoussefMami/CVE2026_21509","html_url":"https://github.com/YoussefMami/CVE2026_21509","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-25T09:07:11Z","pushed_at":"2026-03-25T09:07:08Z","created_at":"2026-03-24T18:50:50Z","topics":[],"owner":{"login":"YoussefMami","html_url":"https://github.com/YoussefMami"},"clone_url":"https://github.com/YoussefMami/CVE2026_21509.git"},{"id":1164430404,"name":"cve-20260603","full_name":"luong005/cve-20260603","html_url":"https://github.com/luong005/cve-20260603","description":"","stargazers_count":0,"forks_count":0,"language":"Java","updated_at":"2026-03-24T01:58:53Z","pushed_at":"2026-03-23T12:07:00Z","created_at":"2026-02-23T04:22:59Z","topics":[],"owner":{"login":"luong005","html_url":"https://github.com/luong005"},"clone_url":"https://github.com/luong005/cve-20260603.git"},{"id":1184770639,"name":"Moodle-Auth-RCE-CVE-2026-XXXX","full_name":"r3m0t3nu11/Moodle-Auth-RCE-CVE-2026-XXXX","html_url":"https://github.com/r3m0t3nu11/Moodle-Auth-RCE-CVE-2026-XXXX","description":"Comming soon Moodle Auth RCE","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-18T00:10:43Z","pushed_at":"2026-03-18T00:10:39Z","created_at":"2026-03-17T23:15:43Z","topics":[],"owner":{"login":"r3m0t3nu11","html_url":"https://github.com/r3m0t3nu11"},"clone_url":"https://github.com/r3m0t3nu11/Moodle-Auth-RCE-CVE-2026-XXXX.git"},{"id":1181762567,"name":"Cve_2026_29000_exploit","full_name":"FranzAlvis/Cve_2026_29000_exploit","html_url":"https://github.com/FranzAlvis/Cve_2026_29000_exploit","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-14T16:12:04Z","pushed_at":"2026-03-14T16:12:01Z","created_at":"2026-03-14T15:37:43Z","topics":[],"owner":{"login":"FranzAlvis","html_url":"https://github.com/FranzAlvis"},"clone_url":"https://github.com/FranzAlvis/Cve_2026_29000_exploit.git"},{"id":1178151693,"name":"MangoPunch-CVE-2022-31898","full_name":"CryptoGhost1/MangoPunch-CVE-2022-31898","html_url":"https://github.com/CryptoGhost1/MangoPunch-CVE-2022-31898","description":"Authenticated Command Injection Tool (CVE-2022-31898) - HACKCONRD 2026.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-10T18:57:31Z","pushed_at":"2026-03-10T18:55:07Z","created_at":"2026-03-10T18:34:09Z","topics":[],"owner":{"login":"CryptoGhost1","html_url":"https://github.com/CryptoGhost1"},"clone_url":"https://github.com/CryptoGhost1/MangoPunch-CVE-2022-31898.git"},{"id":1178071310,"name":"CVE-2026-MOODLE-RCE","full_name":"r3m0t3nu11/CVE-2026-MOODLE-RCE","html_url":"https://github.com/r3m0t3nu11/CVE-2026-MOODLE-RCE","description":"Chained bugs lead to RCE","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-10T16:53:54Z","pushed_at":"2026-03-10T16:53:54Z","created_at":"2026-03-10T16:53:54Z","topics":[],"owner":{"login":"r3m0t3nu11","html_url":"https://github.com/r3m0t3nu11"},"clone_url":"https://github.com/r3m0t3nu11/CVE-2026-MOODLE-RCE.git"},{"id":1174811584,"name":"CVEs-exploit-2026","full_name":"anacarsi/CVEs-exploit-2026","html_url":"https://github.com/anacarsi/CVEs-exploit-2026","description":"Reproducing CVEs and testing impact.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-06T22:46:40Z","pushed_at":"2026-03-06T22:44:57Z","created_at":"2026-03-06T21:42:34Z","topics":[],"owner":{"login":"anacarsi","html_url":"https://github.com/anacarsi"},"clone_url":"https://github.com/anacarsi/CVEs-exploit-2026.git"},{"id":1172298173,"name":"CNVD-2026-12436-and-CVE-2024-10835","full_name":"6jeffr3y/CNVD-2026-12436-and-CVE-2024-10835","html_url":"https://github.com/6jeffr3y/CNVD-2026-12436-and-CVE-2024-10835","description":"DB-GPT信息泄露和sql注入综合利用","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-03-04T07:57:04Z","pushed_at":"2026-03-04T07:57:01Z","created_at":"2026-03-04T06:34:36Z","topics":[],"owner":{"login":"6jeffr3y","html_url":"https://github.com/6jeffr3y"},"clone_url":"https://github.com/6jeffr3y/CNVD-2026-12436-and-CVE-2024-10835.git"},{"id":1169898605,"name":"Snort-Rule","full_name":"luuryu/Snort-Rule","html_url":"https://github.com/luuryu/Snort-Rule","description":"Protect CVE 2026","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-03-01T11:53:47Z","pushed_at":"2026-03-01T11:53:47Z","created_at":"2026-03-01T11:53:47Z","topics":[],"owner":{"login":"luuryu","html_url":"https://github.com/luuryu"},"clone_url":"https://github.com/luuryu/Snort-Rule.git"},{"id":1167618210,"name":"CVE_2026_25892","full_name":"dzmind2312/CVE_2026_25892","html_url":"https://github.com/dzmind2312/CVE_2026_25892","description":"CVE_2026_25892 BY DZ MIND INJECTOR","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-26T23:42:06Z","pushed_at":"2026-02-26T23:42:03Z","created_at":"2026-02-26T13:51:31Z","topics":[],"owner":{"login":"dzmind2312","html_url":"https://github.com/dzmind2312"},"clone_url":"https://github.com/dzmind2312/CVE_2026_25892.git"},{"id":1149902392,"name":"CVE-2026-XXXX-NPrinting-On-Demand-Exploit","full_name":"sanmirgabriel/CVE-2026-XXXX-NPrinting-On-Demand-Exploit","html_url":"https://github.com/sanmirgabriel/CVE-2026-XXXX-NPrinting-On-Demand-Exploit","description":"Vulnerability in \"NPrinting On-Demand\" Extension for Qlik Sense","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-04T16:55:33Z","pushed_at":"2026-02-04T16:52:32Z","created_at":"2026-02-04T16:49:37Z","topics":[],"owner":{"login":"sanmirgabriel","html_url":"https://github.com/sanmirgabriel"},"clone_url":"https://github.com/sanmirgabriel/CVE-2026-XXXX-NPrinting-On-Demand-Exploit.git"},{"id":1149173466,"name":"CVE-2026-XXXX-Pixeon-WebLaudos-AuthBypass","full_name":"sanmirgabriel/CVE-2026-XXXX-Pixeon-WebLaudos-AuthBypass","html_url":"https://github.com/sanmirgabriel/CVE-2026-XXXX-Pixeon-WebLaudos-AuthBypass","description":"critical vulnerability,  Authentication Bypass via Client-Side + Unauthenticated IDOR, discovered in Pixeon WebLaudos","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-02-03T20:15:28Z","pushed_at":"2026-02-03T20:15:14Z","created_at":"2026-02-03T20:03:25Z","topics":[],"owner":{"login":"sanmirgabriel","html_url":"https://github.com/sanmirgabriel"},"clone_url":"https://github.com/sanmirgabriel/CVE-2026-XXXX-Pixeon-WebLaudos-AuthBypass.git"},{"id":1148732379,"name":"OAuth2-Proxy-Path-Traversal-Exploit-Tool","full_name":"zwanski2019/OAuth2-Proxy-Path-Traversal-Exploit-Tool","html_url":"https://github.com/zwanski2019/OAuth2-Proxy-Path-Traversal-Exploit-Tool","description":"exploit the OAuth2 Proxy path traversal vulnerability (CVE-2026-XXXXX):  Tool Features Automatic path traversal detection OIDC endpoint enumeration Unauthorized flow initiation Report generation Multi-target support","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-02-03T10:48:54Z","pushed_at":"2026-02-03T11:11:36Z","created_at":"2026-02-03T09:54:19Z","topics":[],"owner":{"login":"zwanski2019","html_url":"https://github.com/zwanski2019"},"clone_url":"https://github.com/zwanski2019/OAuth2-Proxy-Path-Traversal-Exploit-Tool.git"},{"id":1146766614,"name":"CVE-Aura-Audit-2026","full_name":"rtbrown88-cmyk/CVE-Aura-Audit-2026","html_url":"https://github.com/rtbrown88-cmyk/CVE-Aura-Audit-2026","description":"Comparative Analysis of AI-Enhanced Hardware Resilience","stargazers_count":0,"forks_count":0,"language":"","updated_at":"2026-01-31T17:40:16Z","pushed_at":"2026-01-31T17:40:13Z","created_at":"2026-01-31T16:40:51Z","topics":[],"owner":{"login":"rtbrown88-cmyk","html_url":"https://github.com/rtbrown88-cmyk"},"clone_url":"https://github.com/rtbrown88-cmyk/CVE-Aura-Audit-2026.git"},{"id":1146172543,"name":"openssl-january-2026-cve-scanner","full_name":"amnnrth/openssl-january-2026-cve-scanner","html_url":"https://github.com/amnnrth/openssl-january-2026-cve-scanner","description":"A lightweight scanner to identify potential OpenSSL CVE exposure by inferring OpenSSL versions from live HTTP and HTTPS services.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-30T18:16:26Z","pushed_at":"2026-01-30T18:16:22Z","created_at":"2026-01-30T18:06:26Z","topics":[],"owner":{"login":"amnnrth","html_url":"https://github.com/amnnrth"},"clone_url":"https://github.com/amnnrth/openssl-january-2026-cve-scanner.git"},{"id":1141585396,"name":"CVE-2026-Apple-V2","full_name":"NiceTop1027/CVE-2026-Apple-V2","html_url":"https://github.com/NiceTop1027/CVE-2026-Apple-V2","description":"","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-01-25T03:41:41Z","pushed_at":"2026-01-25T03:41:36Z","created_at":"2026-01-25T03:40:10Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Apple-V2.git"},{"id":1141571227,"name":"CVE-2026-Discord","full_name":"NiceTop1027/CVE-2026-Discord","html_url":"https://github.com/NiceTop1027/CVE-2026-Discord","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-25T03:24:24Z","pushed_at":"2026-01-25T03:24:21Z","created_at":"2026-01-25T02:51:34Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Discord.git"},{"id":1141299741,"name":"CVE-2026-Termius","full_name":"NiceTop1027/CVE-2026-Termius","html_url":"https://github.com/NiceTop1027/CVE-2026-Termius","description":"","stargazers_count":0,"forks_count":0,"language":"JavaScript","updated_at":"2026-01-24T16:08:22Z","pushed_at":"2026-01-24T16:08:18Z","created_at":"2026-01-24T16:07:16Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Termius.git"},{"id":1141147651,"name":"CVE-2026-Apple","full_name":"NiceTop1027/CVE-2026-Apple","html_url":"https://github.com/NiceTop1027/CVE-2026-Apple","description":"","stargazers_count":0,"forks_count":0,"language":"C","updated_at":"2026-01-24T10:43:26Z","pushed_at":"2026-01-24T10:43:22Z","created_at":"2026-01-24T10:39:28Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Apple.git"},{"id":1140539974,"name":"CVE-2026-Pending-Claude-Desktop-RCE","full_name":"NiceTop1027/CVE-2026-Pending-Claude-Desktop-RCE","html_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Claude-Desktop-RCE","description":"","stargazers_count":0,"forks_count":1,"language":"JavaScript","updated_at":"2026-01-24T09:30:42Z","pushed_at":"2026-01-24T09:30:37Z","created_at":"2026-01-23T12:21:32Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Claude-Desktop-RCE.git"},{"id":1141097980,"name":"CVE-2026-D0cker","full_name":"NiceTop1027/CVE-2026-D0cker","html_url":"https://github.com/NiceTop1027/CVE-2026-D0cker","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-24T08:41:28Z","pushed_at":"2026-01-24T08:41:24Z","created_at":"2026-01-24T08:38:12Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-D0cker.git"},{"id":1140522063,"name":"CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001","full_name":"ninjazan420/CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001","html_url":"https://github.com/ninjazan420/CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001","description":"CVE-2025-52691 PoC: Based on watchtowr's article WT-2026-0001 about an authentication bypass exploit, this one is a functional Python attack script.","stargazers_count":0,"forks_count":0,"language":"Shell","updated_at":"2026-04-25T05:35:28Z","pushed_at":"2026-01-24T08:12:32Z","created_at":"2026-01-23T11:48:20Z","topics":[],"owner":{"login":"ninjazan420","html_url":"https://github.com/ninjazan420"},"clone_url":"https://github.com/ninjazan420/CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001.git"},{"id":1140417583,"name":"cve_2026_24061_cli","full_name":"m3ngx1ng/cve_2026_24061_cli","html_url":"https://github.com/m3ngx1ng/cve_2026_24061_cli","description":"cve_2026_24061快速利用工具","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-23T08:55:18Z","pushed_at":"2026-01-23T08:55:14Z","created_at":"2026-01-23T08:51:03Z","topics":[],"owner":{"login":"m3ngx1ng","html_url":"https://github.com/m3ngx1ng"},"clone_url":"https://github.com/m3ngx1ng/cve_2026_24061_cli.git"},{"id":1140049404,"name":"CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE","full_name":"NiceTop1027/CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE","html_url":"https://github.com/NiceTop1027/CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T20:15:11Z","pushed_at":"2026-01-22T20:15:08Z","created_at":"2026-01-22T19:00:46Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE.git"},{"id":1140030510,"name":"CVE-2026-Pending-Extract-Zip-Arbitrary-File-Write","full_name":"NiceTop1027/CVE-2026-Pending-Extract-Zip-Arbitrary-File-Write","html_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Extract-Zip-Arbitrary-File-Write","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T18:28:51Z","pushed_at":"2026-01-22T18:28:47Z","created_at":"2026-01-22T18:28:04Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Extract-Zip-Arbitrary-File-Write.git"},{"id":1140017394,"name":"CVE-2026-Pending-Delegator-Command-Injection","full_name":"NiceTop1027/CVE-2026-Pending-Delegator-Command-Injection","html_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Delegator-Command-Injection","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T18:07:07Z","pushed_at":"2026-01-22T18:06:43Z","created_at":"2026-01-22T18:05:59Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Delegator-Command-Injection.git"},{"id":1139963210,"name":"CVE-2026-Pending-Flask-Uploads-Path-Traversal-PoC","full_name":"NiceTop1027/CVE-2026-Pending-Flask-Uploads-Path-Traversal-PoC","html_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Flask-Uploads-Path-Traversal-PoC","description":"Demonstration of CWE-22 Path Traversal in Flask-Uploads 0.2.1. For educational and security research purposes only. Tested on Python 3.11.","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T17:34:02Z","pushed_at":"2026-01-22T17:33:58Z","created_at":"2026-01-22T16:41:39Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Flask-Uploads-Path-Traversal-PoC.git"},{"id":1139994136,"name":"CVE-2026-Pending-Django-Summernote-RCE","full_name":"NiceTop1027/CVE-2026-Pending-Django-Summernote-RCE","html_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Django-Summernote-RCE","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-22T17:31:44Z","pushed_at":"2026-01-22T17:31:23Z","created_at":"2026-01-22T17:29:07Z","topics":[],"owner":{"login":"NiceTop1027","html_url":"https://github.com/NiceTop1027"},"clone_url":"https://github.com/NiceTop1027/CVE-2026-Pending-Django-Summernote-RCE.git"},{"id":1135888223,"name":"CVE-2026-XXXXX-OpenWrt-Exploit","full_name":"iwallplace/CVE-2026-XXXXX-OpenWrt-Exploit","html_url":"https://github.com/iwallplace/CVE-2026-XXXXX-OpenWrt-Exploit","description":"Proof of Concept exploit for CVE-2026-XXXXX in OpenWrt luci-app-https-dns-proxy","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-17T00:50:37Z","pushed_at":"2026-01-16T23:52:29Z","created_at":"2026-01-16T18:27:55Z","topics":[],"owner":{"login":"iwallplace","html_url":"https://github.com/iwallplace"},"clone_url":"https://github.com/iwallplace/CVE-2026-XXXXX-OpenWrt-Exploit.git"},{"id":1135183219,"name":"CVE-2026-XIAOMI-SSRF-HostHeaderInjection","full_name":"iwallplace/CVE-2026-XIAOMI-SSRF-HostHeaderInjection","html_url":"https://github.com/iwallplace/CVE-2026-XIAOMI-SSRF-HostHeaderInjection","description":"SSRF vulnerability in Xiaomi Mi Router 4A Gigabit Edition via Host Header Injection (CVE-2026-XXXXX)","stargazers_count":0,"forks_count":1,"language":"Python","updated_at":"2026-01-16T18:03:38Z","pushed_at":"2026-01-16T06:42:58Z","created_at":"2026-01-15T18:51:42Z","topics":[],"owner":{"login":"iwallplace","html_url":"https://github.com/iwallplace"},"clone_url":"https://github.com/iwallplace/CVE-2026-XIAOMI-SSRF-HostHeaderInjection.git"},{"id":1134181710,"name":"CVE-2026-Dashboard","full_name":"MehdiLeDeaut/CVE-2026-Dashboard","html_url":"https://github.com/MehdiLeDeaut/CVE-2026-Dashboard","description":"Interactive visualization - CVE-2026 chain attack demo","stargazers_count":0,"forks_count":0,"language":"HTML","updated_at":"2026-01-14T12:16:24Z","pushed_at":"2026-01-14T13:02:46Z","created_at":"2026-01-14T11:12:48Z","topics":[],"owner":{"login":"MehdiLeDeaut","html_url":"https://github.com/MehdiLeDeaut"},"clone_url":"https://github.com/MehdiLeDeaut/CVE-2026-Dashboard.git"},{"id":1095361987,"name":"CVE-2025-20260","full_name":"keyuraghao/CVE-2025-20260","html_url":"https://github.com/keyuraghao/CVE-2025-20260","description":"","stargazers_count":0,"forks_count":0,"language":"Python","updated_at":"2026-01-13T11:21:17Z","pushed_at":"2025-11-13T00:27:18Z","created_at":"2025-11-13T00:24:05Z","topics":[],"owner":{"login":"keyuraghao","html_url":"https://github.com/keyuraghao"},"clone_url":"https://github.com/keyuraghao/CVE-2025-20260.git"},{"id":1058160471,"name":"cve_2025_20265","full_name":"saruman9/cve_2025_20265","html_url":"https://github.com/saruman9/cve_2025_20265","description":"PoC for CVE-2025-20265 Cisco Secure FMC Software RADIUS Remote Code Execution Vulnerability","stargazers_count":0,"forks_count":2,"language":"Rust","updated_at":"2025-09-22T19:31:17Z","pushed_at":"2025-09-16T17:49:04Z","created_at":"2025-09-16T17:48:10Z","topics":["cisco","cisco-fmc","command-injection","cve","poc"],"owner":{"login":"saruman9","html_url":"https://github.com/saruman9"},"clone_url":"https://github.com/saruman9/cve_2025_20265.git"}]}]}