Exploit for CVE-2026-31431

Copy Fail PoC English Python PoC for CVE-2026-31431,...

AWS VDP: SQL Injection Detection Bypass in AWS WAF Managed Rules (AWSManagedRulesSQLiRuleSet)

Researchers This vulnerability was discovered through collaborative security research. Researchers: - █████ - █████████ - █████████ --- Summary AWS WAF fails to detect certain SQL injection payload variants. These payloads bypass the AWS WAF SQL injection detection rules and reach the backend...

Exploit for Deserialization of Untrusted Data in Facebook React

⚡ CVE-2025-55182 – Auto Exploit Toolkit Precision Engine...

Exploit for Deserialization of Untrusted Data in Facebook React

⚡ CVE-2025-55182 – Advanced Auto Exploit Toolkit Precisi...

ysoserial

This is a Java-based tool called ysoserial, which generates payloads that exploit unsafe Java object deserialization. The tool is designed to create payloads that can be used to attack vulnerable Java applications. The tool uses a variety of payloads, including CommonsCollectionsK1,...

CVE-2020-26291

URI.js is a javascript URL mutation library npm package urijs. In URI.js before version 1.19.4, the hostname can be spoofed by using a backslash \ character followed by an at @ character. If the hostname is used in security decisions, the decision may be incorrect. Depending on library usage and...