POC-Generator-Burp_Suite_Extension

🎯 POC Generator - Burp Suite Extension From vulnerability...

CVE-2026-23523 Dive allows One-click Remote Code Execution through Deep Links for MCP Install

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0, crafted deeplink can install an attacker-controlled MCP server configuration without sufficient user confirmation and can lead to arbitrary local command execution on the...

Telegram to Add Warning for Proxy Links After IP Leak Concerns

Telegram will add a warning for proxy links after reports showed they can expose user IP addresses with a single click, bypassing VPN or privacy settings...

CVE-2023-4000

The Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to create and delete countdown...

CVE-2024-34433

Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0...

CVE-2024-2702

Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...

Security Advisory: Credential Theft Incidents - ownCloud

Comprehensive MFA options with administrative controls to enforce policies organization-wide, plus alerts when risky settings are used Embedded network and web application firewalls that are pre-configured and continuously updated—no customer maintenance required Zero-trust architecture with...

EUVD-2025-206240

muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...

EUVD-2025-206033

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

How to Spot the Most Common Crypto Phishing Scams

Crypto phishing scams surged 83% in 2025, targeting wallets with fake sites, approval tricks, and poisoned addresses. One click can drain your funds...

CVE-2025-68952

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution RCE vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction 1-click. This issue has been...

CVE-2025-68952

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution RCE vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction 1-click. This issue has been...

CVE-2025-68952 1-click Remote Code Execution (RCE) vulnerability in Eigent

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution RCE vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction 1-click. This issue has been...

CVE-2025-68952

CVE-2025-68952 : Eigent (multi-agent Workforce) prior to version 0.0.61 is affected by a 1-click Remote Code Execution (RCE) vulnerability in version 0.0.60. The issue allows arbitrary code execution on the victim’s machine/server via a specific one-click interaction. Patch is available in versio...

EUVD-2025-205462

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution RCE vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction 1-click. This issue has been...

CVE-2025-68952 1-click Remote Code Execution (RCE) vulnerability in Eigent

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution RCE vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction 1-click. This issue has been...

Eigent 代码注入漏洞

Eigent is a multi-agent workflow desktop application open-sourced by Eigent AI. A code injection vulnerability exists in Eigent version 0.0.60, which stems from a 1-click remote code execution vulnerability that could lead to the execution of arbitrary code...

NVIDIA Isaac Launchable 安全漏洞

NVIDIA Isaac Launchable is a one-click deployment GPU development environment designed to simplify the AI development process and accelerate experimentation and deployment. NVIDIA Isaac Launchable suffers from a security vulnerability that stems from improper design and can be exploited by remote...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell Detector A Chrome extension for detecting React2S...

Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery

A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware, Amnesty International said in a report. The link, the non-profit...