1321 matches found
DMonitor 1.0.3 Outbound Connection / Port Configuration Auditor
This Python script is an outbound connection and port configuration auditor for DMonitor version 1.0.3...
Malicious code in ethers-signing-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6735be7311be4f6b4f609762cfb77504fe141bc9d8d5b5c0a75d521119aa2fa The package's npm postinstall hook executes a one-liner that uses childprocess.exec to curl/wget an unpinned Python script from a personal user's...
MAL-2026-3761 Malicious code in ethers-signing-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6735be7311be4f6b4f609762cfb77504fe141bc9d8d5b5c0a75d521119aa2fa The package's npm postinstall hook executes a one-liner that uses childprocess.exec to curl/wget an unpinned Python script from a personal user's...
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence AI system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and...
Apache mod_http2 Double-Free Detector
This is a python script that assist with detecting whether or not a server is vulnerable to the Apache modhttp2 double-free vulnerability...
ex-kernel
EXPLOIT KERNEL LINUX Installation gu...
exploit-db-skill
Exploit-DB Skill Cross-Platform Small cross-platform helper...
Windows Persistence via UserInitMprLogonScript Registry Key
This Python script demonstrates a Windows persistence technique based on modifying the HKCU\Environment\UserInitMprLogonScript registry value, which allows execution of a program each time the user logs in...
Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple
-CVE-201...
π OpenClaw 2026.3.13 MEDIA Protocol File Disclosure
This Python script is a security exploitation tool targeting the OpenClaw system integrated with Discord. It attempts to exfiltrate sensitive files from a victim environment by abusing a MEDIA: prompt injection mechanism...
CVE-2026-41264
Flowise CVE-2026-41264 affects the Flowise CSV Agent node. The flaw is in the run method of the CSV_Agents class, where an LLM-generated Python script is evaluated without proper sandboxing, enabling prompt-injection to cause execution of attacker-controlled commands on the Flowise server. This a...
CVE-2026-41265
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the AirtableAgents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt...
Grav CMS Authenticated Scanner
This Python script is a safe, read-only scanner designed to detect whether a target running Grav CMS with its Admin plugin may be vulnerable to CVE-2025-50286, based purely on version analysis...
EspoCRM 9.3.3 API Security Audit Tool
This Python script is a lightweight, non-invasive security audit tool designed to test the API surface of EspoCRM version 9.3.3...
DNG File Generator with Malformed Metadata
This Python script generates a custom DNG Digital Negative image file by manually constructing TIFF/DNG structures, including headers, Image File Directories IFDs, and metadata tags...
DNG File Fuzzer for Robustness
This Python script is a mutation-based fuzzing tool designed to test the robustness of DNG Digital Negative / TIFF-based file parsers by generating large numbers of corrupted or semi-valid image files. It works by starting from a minimal valid DNG structure, then applying random mutations to...
Exploit for CVE-2004-2687
The goal of this script NOT to use Metasplo...
PT-2026-34743
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description An issue exists in the run method of the Airtable Agents class due to insufficient sandboxing when evaluating Python scripts generated by a Large Language Model LLM. An unauthenticated attacker can u...
Eclipse Che Machine-Exec WebSocket Service Exposure Detector
This Python script is a lightweight security detection tool designed to identify potentially exposed or misconfigured machine-exec WebSocket services associated with Eclipse Che running on port 3333...
GLPI 10.0.18 Log Exposure Probe Script Directory Leak Detection
This Python script is designed to assess a GLPI application for potential information disclosure vulnerabilities, specifically focusing on exposed log files and sensitive directories...