CLEANSTART-2026-FK40318 Security fixes for CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33747, CVE-2026-33748, CVE-2026-34040, CVE-2026-39882, CVE-2026-39883, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-hfvc-g4fc-pqhx, ghsa-p77j-4mvh-x3m3, ghsa-w8rr-5gcm-pp58 applied in versions: 5.1.0-r0

Multiple security vulnerabilities affect the docker-compose package. These issues are resolved in later releases. See references for individual vulnerability details...

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🚀 Automated Log4Shell CVE-2021-44228 Play & Plug Lab An aut...

SECpocs

Next.js React Server Components RCE Exploit Exploits CVE-2025...

PT-2026-41141

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.1 Portainer Community Edition versions prior to 2.41.0 Description Portainer supports deploying stacks from Git repositories...

Fedora 45 : docker-compose (2026-f5bc7ff320)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f5bc7ff320 advisory. Automatic update for docker-compose-5.1.3-1.fc45. Changelog Wed Apr 15 2026 Bradley G Smith - 5.1.3-1 - Update to release v5.1.3 - Resolves...

Exploit for Server-Side Request Forgery in Internlm Lmdeploy

CVE-2026-33626 — LMDeploy Vision-Language SSRF Lab Overvie...

PT-2026-39734

Name of the Vulnerable Software and Affected Versions SOCFortress CoPilot versions prior to 0.1.57 Description The application contains a hardcoded JSON Web Token JWT signing secret used as a fallback value in the backend/app/auth/utils.py file and the .env.example file. In deployments where the...

Exploit for Improper Input Validation in Postgresql

CVE-2018-1058 — PostgreSQL Search Path Demonstration This rep...

CVE-2026-39882 affecting package docker-compose for versions less than 2.27.0-9

CVE-2026-39882 affecting package docker-compose for versions less than 2.27.0-9. A patched version of the package is available...

CVE-2026-41930

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...

vulnerability-lab

🔐 Vulnerability Lab Buffer Overflow + SQLi ⚠️ FOR EDUCATI...

aerobi-poc

Aerobi POC — Simulação local de monitoramento de câmeras Labo...

CVE-2026-41930

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...

CVE-2026-41930

Vvveb

CVE-2026-41930

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...

CVE-2026-41930 Vvveb < 1.0.8.2 Hard-coded Credentials Information Disclosure via phpMyAdmin

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...

PT-2026-38219

Name of the Vulnerable Software and Affected Versions Vvveb versions prior to 1.0.8.2 Description A hard-coded credentials issue exists in the docker-compose-apache.yaml configuration. This allows unauthenticated attackers to access the bundled phpMyAdmin container using pre-configured database...

Vvveb 访问控制错误漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained an access control vulnerability. This vulnerability stemmed from hard-coded credentials in the...

Astra Linux – Vulnerability in docker.io-app

Docker Compose relies on the path information embedded in remote OCI Compose artifacts. When a layer includes the annotations com.dockercompose.extends or com.dockercompose.envfile, Compose incorporates the value provided by the attacker from com.dockercompose.file/com.dockercompose.envfile into...

unicas_docker_exploit

Cyber-Range Didattico in Docker / Educational Docker Cyber-Ran...