Red-MIRROR: Agentic LLM-Based Autonomous Penetration Testing with Reflective Verification and Knowledge-Augmented Interaction

Web applications remain the dominant attack surface in cybersecurity, where vulnerabilities such as SQL injection, XSS, and business logic flaws continue to cause significant data breaches. While penetration testing is effective for identifying these weaknesses, traditional manual approaches are...

penetration-testing-reports

penetration-testing-reports A collection of penetration testin...

JesterSploit

JesterSploit – Advanced WiFi Penetration Testing Framework !...

@clerk/agent-toolkit (>=0.3.1-canary.v20260303211310 <=0.3.16-snapshot.v20260416221307), @clerk/astro (>=3.0.1-canary.v20260303211310 <=3.0.19-canary.v20260422163039) +9 more potentially affected by CVE-2026-34076 via @clerk/backend (>=3.0.0 <=3.2.3-snapshot.v20260327200941)

@clerk/backend NPM version =3.0.0, =0.3.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =0.0.3-canary.v20260303211310, =7.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310,...

Machine Learning Transferability for Malware Detection

Malware continues to be a predominant operational risk for organizations, especially when obfuscation techniques are used to evade detection. Despite the ongoing efforts in the development of Machine Learning ML detection approaches, there is still a lack of feature compatibility in public...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: SNYK:JS-BRACEEXPANSION-15789759...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: OSV:GHSA-F886-M6HF-6M8V...

CVE-2026-32573

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

Malicious code in pacbot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77976a83e69cb239c03d7d5f13eefeaa61eaae708c066a584609d8b7d8a932bd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2026-33502

WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated server-side request forgery vulnerability in plugin/Live/test.php allows any remote user to make the AVideo server send HTTP requests to arbitrary URLs. This can be used to probe...

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks

Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? That’s where things get shaky. A control exist...

Exploit for Argument Injection in Gnu Inetutils

Telnet Vulnerability Scanner CVE-2026-24061 & CVE-2026-32746...

Caido-Plugin

Github • Documentation &nbsp...

Exploit for CVE-2026-3891

⚠️ CVE-2026-3891 - Test Pix for WooCommerce Security !Downl...

AppSec-Penetration-Testing-Lab

🔐 AppSec Penetration Testing Lab A hands-on application sec...

EUVD-2026-15931

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

CVE-2026-32573

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

CVE-2026-32573

CVE-2026-32573 is an RCE/vulnerability in the WordPress Nelio AB Testing plugin, affecting Nelio AB Testing versions up to and including 8.2.7. The issue is described as Improper Control of Generation of Code (Code Injection) that can lead to remote code execution. Multiple connected sources (NVD...

CVE-2026-32573 WordPress Nelio AB Testing plugin <= 8.2.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

CVE-2026-32573 WordPress Nelio AB Testing plugin <= 8.2.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...