Exploit for CVE-2026-45672

CVE-2026-45672 Overview The Open WebUI platform, designe...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2026-41096 Overview CVE-2026-41096 is a critical secu...

Exploit for Unrestricted Upload of File with Dangerous Type in Stefanprodan Podinfo

CVE-2025-70849: Stored XSS in Podinfo Summary A security v...

KonR

KonR Hierarchical multi-agent AI penetration testing system p...

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-vuln-demo Intentionally vulnerable demo image for Sys...

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 - Marimo Pre-Auth RCE Unauthenticated Remote...

A033

No d...

disclosures

Delphos Labs - Vulnerability Disclosures Public vulnerability...

Exploit for Improper Handling of Exceptional Conditions in Newtonsoft Json.Net

Browser + CLI Demo NuGet/C — .NET 7 Edition Why a .NET...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copyfail — CVE-2026-31431 4-byte page-cache write primitive →...

Exploit for CVE-2012-3152

Oracle Reports rwservlet Scanner ⚠️ For authorized use on...

Vulnerability-Scanner-using-Ollama-3-

Vulnerability Scanning & Exploitation Toolkit A Python-based...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

CVE-2011-2523 🚀 Usage This poc script allows you t...

Exploit for CVE-2026-0532

CVE-2026-0...

Tenable Security Center

This module collects credentials and setup information from Tenable Security Center. root or TNS user permissions are required. We don't utilize SC's builtin backup functionality as that requires SC to be shut down. The module works in 2 phases: Phase 1: gather all passwords which can be decrypte...

HUSTOJ Admin users can zip-slip problem_import_qduoj.php, planting PHP files in webroot for RCE

A user with administrative privileges can abuse the problemimportqduoj.php CGI script using a crafted zip file zip-slip to traverse backwards through the filesystem, then to the webroot, where they can extract a PHP file that spawns a shell to get full RCE in the context of the webserver. Module...

Cisco Catalyst SD-WAN Controller vHub Authentication Bypass

This module exploits an authentication bypass vulnerability CVE-2026-20182 in the Cisco Catalyst SD-WAN Controller. The vdaemon DTLS control-plane service performs no certificate or credential verification for connecting peers that claim to be a vHub device type 2. The vbondprocchallengeack...

DirtyFrag-Linux-Kernel-Local-Privilege-Escalation-Educational-Mirror-

Dirty Frag: Universal Linux LPE Abstract !tuxasse...

Exploit for Improper Access Control in Getgrav Grav-Plugin-Admin

CVE-2021-21425 - GravCMS Unauthenticated RCE Unauthenticated...

Exploit for CVE-2025-9074

🐚 docker-shell A lightweight, dependency-free bash script tha...