Astra Linux - уязвимость в thunderbird

The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have known vulnerabilities that have been exploited in the wild although we know of none exploited through Thunderbird. Therefore, in thi...

Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts

Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms...

zparty

Zparty Automated web penetration testing framework with loc...

exploits_atualizados

No d...

CVE_Vulnerability_Exploit

CVE Vulnerability Exploits This is a list of all CVE vulnerab...

bug-bounty-reports

Bug Bounty Reports — Josef Basner Sanitized, redacted, resp...

bleak

BLEAK — Bluetooth Link Exploitation & Attack Knowledgebase...

exploit-development

exploit-dev...

About Remote Code Execution - Apache ActiveMQ (CVE-2026-34197) vulnerability

About Remote Code Execution - Apache ActiveMQ CVE-2026-34197 vulnerability. Apache ActiveMQ is a popular open-source message broker written in Java. Its main purpose is to send messages between different services, systems, and microservices without a direct connection between them. This...

Exploit-POC

🛡️ Exploit-POC A curated collection of Proof-of-Concept Po...

KLA91048 SUI vulnerability in Microsoft Products (ESU)

A spoofing vulnerability was found in Microsoft Microsoft Products Extended Security Update. Malicious users can exploit this vulnerability to perform cross-site scripting attack, spoof user interface. Original advisories CVE-2026-42897 Exploitation Public exploits exist for this vulnerability...

exploits

No d...

SUSE CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems , the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior product manager for...

CVE-2026-27851

When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No...

PT-2026-40025

Name of the Vulnerable Software and Affected Versions Dovecot versions prior to 2.4.4-1.1 Description An attacker positioned between Dovecot and the client connection can use a specially crafted base64 exchange to fake SCRAM TLS channel binding. This allows the attacker to act as a MITM...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from buffer overflows in network management services,...

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI...

samsung-exploits

Samsung Exynos 4412 Kernel Exploits Device: Samsung Galax...

N4V3R41N-Suite

N4V3R41N: The Ultimate Unified iOS Exploit & Bypass Suite !V...