Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Security Lab "React2Shell" This repository c...

PoCLab

kernel-poc Minimal Linux kernel + QEMU environment for reprod...

Operation-Molasses

🍯 OPERATION MOLASSES PEKMEZ Zencefil Efendi's Cyber Dow...

Exploit for CVE-2026-42945

CVE-2026-42945 nginx 32-bit Exploit Lab This repository is a...

KonR

KonR Hierarchical multi-agent AI penetration testing system p...

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 - Marimo Pre-Auth RCE Unauthenticated Remote...

Exploit for CVE-2025-9074

🐚 docker-shell A lightweight, dependency-free bash script tha...

dvwa_xss_lab

DVWA XSS Lab Project Introduction This project creates a...

SECpocs

Next.js React Server Components RCE Exploit Exploits CVE-2025...

Exploit for Insecure Default Initialization of Resource in Praison Praisonai

CVE-2026-44338 PraisonAI Authentication Bypass Lab Local Dock...

Exploit for Missing Authentication for Critical Function in Flowiseai Flowise

Silentium — HackTheBox Writeup Platform: HackTheBox...

Exploit for Improper Access Control in Joomla Joomla\!

Full-Lifecycle CMS Penetration Testing Joomla 4.2.5 📌 Pr...

GHSA-RRMM-9V76-H3P4 Portainer missing authorization on Docker plugin endpoints, which allows host RCE

Summary Portainer enforces Role-Based Access Control RBAC on top of the Docker API. The proxy layer routes incoming Docker API requests to per-resource handlers containers, images, services, volumes, etc. that apply authorization checks. The Docker plugin management endpoints /plugins/ were not...

Portainer missing authorization on Docker plugin endpoints, which allows host RCE

Summary Portainer enforces Role-Based Access Control RBAC on top of the Docker API. The proxy layer routes incoming Docker API requests to per-resource handlers containers, images, services, volumes, etc. that apply authorization checks. The Docker plugin management endpoints /plugins/ were not...

CVE-2026-42593

CVE-2026-42593 affects Gotenberg: multiple routes (merge, split, LibreOffice convert, chromium convert variants) improperly accept stampSource=pdf/stampExpression and watermarkSource=pdf/watermarkExpression from anonymous callers. If stampExpression or watermarkExpression points to a file path th...

CVE-2026-42589 Gotenberg: Unauthenticated RCE via ExifTool Metadata Key Injection

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes its keys directly to ExifTool via the go-exiftool library. No validation is performed on key characters. A \n embedded i...

CVE-2026-42589

Gotenberg exposes an unauthenticated RCE via the /forms/pdfengines/metadata/write endpoint. The root cause is that JSON metadata keys are passed to ExifTool without validation; a newline in a key allows injection of ExifTool flags (e.g., -if), enabling arbitrary code execution as the Gotenberg pr...

Incomplete List of Disallowed Inputs

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs inadequate input validation in the validateCommandFlags and validateArgsForLocalFileAccess functions. An attacker can execute arbitrary commands on the...

Incomplete List of Disallowed Inputs

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs inadequate input validation in the validateCommandFlags and validateArgsForLocalFileAccess functions. An attacker can execute arbitrary commands on the server by bypassi...

GHSA-M99R-2HXC-CP3Q Flowise has an MCP Security Bypass that Enables RCE

Summary There are three bypass methods for the security limitations of the Flowise MCP feature, and attackers can execute arbitrary commands by combining these three methods Details 【Vulnerability one】The Docker build subcommand not being on the blocklist leads to remote code execution The attack...