Lucene search
K

812 matches found

GithubExploit
GithubExploit
added 2026/05/02 9:53 p.m.214 views

v3nomEyE

The All-in-One P1 Bug Bounty Reconnaissance & Exploitation...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/01 6:36 p.m.125 views

IASS-ISP-ASN-Security-Scanner

💀 IASS — ISP ASN Security Scanner Automated reconnaissance &...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/30 10:21 a.m.92 views

VAPT-Practice-Labs

🔐 VAPT Practice Labs This repository contains my hands-on Vul...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/28 6:35 p.m.95 views

offensive-security-labs

Offensive Security Labs — Penetration Testing on a Fictional T...

5.6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/27 5:51 p.m.106 views

name-Omni

Omni – Autonomous Red Team Lead & Bug Bounty Hunter Powered...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.12 views

Selenium Grid 4.11.0 Selenoid Backend Detection and Safe Session Validation Inspector

The provided Python script is a non-exploit reconnaissance and validation tool designed to identify Selenium Grid or Selenoid deployments exposed via HTTP APIs...

5.2AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/26 7:34 p.m.94 views

DarkWin-NGASR

🌌 DARKWIN — Next-Gen Automated Security Research Develope...

5.4AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/26 6:9 p.m.110 views

Advanced-AI-Recon-and-Exploit-Framework

reNgine: The Ultimate Web Reconnaissance & Vulnerability Scanner...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/25 8:50 p.m.121 views

Exploit for CVE-2026-41177

CVE-2026-41177: Squidex CMS Blind SSRF Technical research and...

5.5CVSS5.6AI score0.00329EPSS
Exploits1
NVD
NVD
added 2026/04/24 8:16 a.m.12 views

CVE-2025-11762

The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.32 via the leadin/public/admin/class-adminconstants.php file. This makes it possible for authenticated attackers, with...

4.3CVSS0.00193EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/04/24 12:0 a.m.8 views

Automation-Exploit: A Multi-Agent LLM Framework for Adaptive Offensive Security with Digital Twin-Based Risk-Mitigated Exploitation

The offensive security landscape is highly fragmented: enterprise platforms avoid memory-corruption vulnerabilities due to Denial of Service DoS risks, Automatic Exploit Generation AEG systems suffer from semantic blindness, and Large Language Model LLM agents face safety alignment filters and...

5.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/23 7:17 p.m.4 views

CVE-2026-41271 Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests t...

7.1CVSS7.2AI score0.00233EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.7 views

PT-2026-34736

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests t...

7.1CVSS7.2AI score0.00233EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/04/21 9:58 p.m.118 views

recon2exploit

recon2exploit recon2exploit is a single-file security ass...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.3 views

CVE-2026-40348

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...

7.7CVSS5.9AI score0.00379EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/04/20 10:34 a.m.115 views

ExploitIQ

⚡ ExploitIQ Autonomous AI-Powered Penetration Testing Assis...

5.8AI score
Exploits0
NVD
NVD
added 2026/04/18 12:16 a.m.8 views

CVE-2026-40348

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...

7.7CVSS0.00379EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/18 12:1 a.m.5 views

EUVD-2026-23617

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...

7.7CVSS5.8AI score0.00379EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/18 12:1 a.m.11 views

CVE-2026-40348

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...

7.7CVSS5.8AI score0.00379EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/04/18 12:0 a.m.12 views

Movary 安全漏洞

Movary is a film review program developed by Lee Peuker personally. Versions of Movary prior to 0.71.1 contained security vulnerabilities. These vulnerabilities stemmed from the /settings/jellyfin/server-url-verify endpoint, which allowed user-controlled URLs to initiate server-side HTTP requests...

7.7CVSS5.8AI score0.00379EPSS
Exploits1References2
Rows per page
Query Builder