dbus-security-poc

No d...

lightweight-msf

Lightweight-MSF !License: MIThttps://img.shields.io/badge...

📄 listmonk Session Persistence

listmonk has a flaw where sessions persist as valid after password reset and password change. CVE-2026-34828 listmonk’s Session Persistence After Password Reset and Password Change Intro I found this issue while reviewing listmonk, an open-source newsletter and mailing list manager, with a simple...

📄 Bloomberg Memray Cross Site Scripting

Bloomberg Memray prior to versions 1.19.2 rendered the command line of the tracked process directly into generated HTML reports without escaping, allowing for cross site scripting attacks. CVE-2026-32722 Bloomberg Memray’s Stored XSS via Unescaped Command-Line Metadata Intro I found this issue...

📄 Langflow 1.8.4 File Write / Traversal / Remote Code Execution

Langflow versions 1.8.4 and below have an issue where the POST /api/v2/files endpoint does not sanitize the filename parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences. When Langflow runs with...

Exploit for External Control of File Name or Path in Microsoft

No d...

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CVE-2026-3055 NetScaler SAML IdP check Python helper to probe...

VulnHawk

🛡️ VulnHawk — OWASP Top 10 Web Vulnerability Scanner...

MyPortIO-Exploit

MyPortIO-Exploit Local privilege escalation via arbitrary phy...

Exploit for Path Traversal in Apache Http_Server

🚀 AutoReconAI – Intelligent Vulnerability Scanner & Exploit Re...

Exploit for Improper Handling of Exceptional Conditions in Sudo_Project Sudo

🐧 Linux Privilege Escalation Structured notes from the TCM...

CVEs

...

Exploit for CVE-2026-30332

CVE-2026-30332 Description A Time-of-Check to Time-of-Use...

Exploit for CVE-2026-5201

CVE-2026-5201 Heap-based buffer overflow in gdk-pixbuf JPEG...

Exploit for CVE-2025-48757

Vibe Coding Security Scanner A security audit skill for AI-as...

exploitdb

No d...

Exploit for CVE-2025-2783

Chromium CVE-2025-2783: Sandbox Escape & Full-Chain RCE Exploi...

privyctf

No d...

Exploit for OS Command Injection in Gnu Bash

AppAssault Lab — Attacking Common Applications ╔═════...

📄 MetInfo CMS 8.1 Code Injection

MetInfo CMS versions 8.1 and below suffer from a PHP code injection vulnerability in weixinreply.class.php. --------------------------------------------------------------------------- MetInfo CMS = 8.1 weixinreply.class.php PHP Code Injection Vulnerability...