Exploit for CVE-2026-44403

Wing FTP Server v8.1.2 contains a Remote Code Execution RCE vu...

Exploit for CVE-2026-35330

CVE-2026-35330 strongSwan EAP-SIM / EAP-AKA attribute parser...

anti-hacking

🛡️ anti-hacking: Comprehensive Defensive Security Knowledge Ba...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

██████╗ ██████╗ ██████╗...

Exploit for CVE-2026-42945

NGINX Rift RCE Proof of concept for CVE-2026-42945, a cri...

Exploit for CVE-2026-42945

NGINX Rift Configuration Scanner Language: Chinese | English...

Exploit for Improper Access Control in Langfuse

CVE-2026-24055 — Unauthenticated Slack OAuth Install in Langfu...

Exploit for Out-of-bounds Read in Microsoft

CVE-2025-24055 — Unauthenticated Slack OAuth Install in Langfu...

Windows-pentest-lab

Windows-pentest-lab Penetration testing and vulnerability asse...

Exploit for CVE-2026-4060

CVE-2026-4060 — Geo Mashup ≤ 1.13.18 Unauthenticated SQL Injec...

knet-exploit-2013

KNet Web Server 1.04b Remote...

minalic-exploit-2013

MinaliC Webserver version...

pkexec-exploit-2011

Linux pkexec and polkitd...

ePati Antikor NGFW 2.0.1301 - Authentication Bypass

Exploit Title: ePati Antikor NGFW 2.0.1301 - Authentication Bypass Date: 2026-04-13 Exploit Author: SADIK ERTÜRK Vendor Homepage: https://www.epati.com.tr/ Software Link: https://www.epati.com.tr/antikor-ngfw/ Version: v.2.0.1298 - v.2.0.1301 Tested on: Linux / Antikor OS CVE: CVE-2026-2624 impor...

PJPROJECT 2.16 - Heap Bufferoverflow

Exploit Title: PJPROJECT 2.16 - Heap Bufferoverflow Google Dork: CVE-2026-25994 PJSIP PJNATH pjsip ≤ 2.16 Date: Apr 6 2026 Exploit Author: V.Nos - BinSmaser Team Vendor Homepage: https://github.com/pjsip/pjproject Software Link: https://github.com/VABISMO/cve-2026-25994PJSIP Version: rxufrag; -...

Apache HertzBeat 1.8.0 - Remote Code Execution

Exploit Title: Apache HertzBeat 1.8.0 - Remote Code Execution Google Dork: N/A Date: 2026-03-09 Exploit Author: Brett Gervasoni Vendor Homepage: https://hertzbeat.apache.org/ Software Link: https://github.com/apache/hertzbeat/releases Version: 1.8.0 Tested on: Linux Docker; official HertzBeat...

WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI

Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI Date: 3/30/2026 Exploit Author: bootstrapbool Vendor Homepage: https://supsystic.com/plugins/contact-form-plugin/ Software Link: https://wordpress.org/plugins/contact-form-by-supsystic/ Version: str: try: res = requests.geturl...

📄 PJPROJECT 2.16 Buffer Overflow

PJPROJECT versions 2.16 and below suffer from a heap buffer overflow vulnerability. Exploit Title: PJPROJECT 2.16 - Heap Bufferoverflow Google Dork: CVE-2026-25994 PJSIP PJNATH pjsip ≤ 2.16 Date: Apr 6 2026 Exploit Author: V.Nos - BinSmaser Team Vendor Homepage: https://github.com/pjsip/pjproject...

📄 WordPress Supsystic Contact Form 1.7.36 Server-Side Template Injection

Proof of concept code execution exploit for a server-side template injection vulnerability in WordPress Supsystic Contact Form plugin versions 1.7.36 and below Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI Date: 3/30/2026 Exploit Author: bootstrapbool Vendor Homepage:...

📄 Apache HertzBeat 1.8.0 Remote Command Execution

Apache HertzBeat version 1.8.0 suffers from a remote command execution vulnerability via the scriptCommand parameter in a monitoring template definition. Exploit Title: Apache HertzBeat 1.8.0 - Remote Code Execution Google Dork: N/A Date: 2026-03-09 Exploit Author: Brett Gervasoni Vendor Homepage...