📄 Forcepoint One Endpoint macOS 25.08.5008 DLP Bypass

Forcepoint One Endpoint DLP Endpoint for macOS version 25.08.5008 with DLP Policy Engine version 10.2.0.298 allows a local standard non-admin user to bypass DLP content inspection and policy enforcement by sending SIGSTOP to user-owned browser helper processes Websense Endpoint Helper,...

📄 Ghost CMS 6.19.0 SQL Injection

Ghost CMS versions 3.24.0 through 6.19.0 suffer from a remote SQL injection vulnerability via the content API. Exploit Title: Ghost CMS Unauthenticated SQLi via Content API Date: 2026-03-30 Exploit Author: Maksim Rogov Exploit Licence: GPL-3.0 Software Link: https://ghost.org/ Version: Ghost =...

📄 Bludit CMS Shell Upload

Bludit CMS versions prior to 3.18.4 have an unrestricted API file upload vulnerability that allows for remote code execution. Exploit Title: Bludit CMS . The uploadFile function performs no file extension or content validation, allowing upload of PHP webshells that execute as www-data. The API...

📄 LuaJIT 2.1.1774638290 Arbitrary Code Execution

LuaJIT's Foreign Function Interface FFI provides unrestricted access to native C functions including syscall, mmap, mprotect and arbitrary shared library loading. When FFI is accessible to untrusted Lua code in embedding scenarios OpenResty, Redis, game engines, IoT, an attacker can achieve...

Exploit for SQL Injection in Ghost

CVE-2026-26980 👻 Ghost CMS Unauthenticated SQLi via Content...

Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Containerd

ZipSlip Container Escape Vulnerability in containerd CVE...

fissure

No d...

Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Containerd

ZipSlip Container Escape Vulnerability in containerd CVE...

Exploit for Out-of-bounds Read in Microsoft

!CVEhttps://img.shields.io/badge/CVE-2025--60709-FF0000?styl...

Exploit for Code Injection in Craftcms Craft_Cms

CVE-2025-23209 For authorized security testing and research e...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 — MCP Connect RCE via Unauthenticated Command I...

CVE-TOTOLINK-A800R

TOTOLINK A800R V5.9c.681 - Multiple Vulnerabilities Affect...

Exploit for Server-Side Request Forgery in Apache Cxf

Apache CXF XOP Include LFI CVE-2022-46364 Overview This...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE PoC Search Engine English | 中文READMECN.m...

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 A PoC demonstrating a RCE in Hoverfly version...

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 Exploit Hoverfly Authenticated Middleware Comm...

Wa3r-OffSec-Kit

🔐 Wa3r-OffSec-Kit - Practical Security Tools and Notes !Dow...

Exploit for Server-Side Request Forgery in Apache Cxf

CVE-2022-46364 Exploit Apache CXF SSRF via MTOM XOP:Include |...

Exploit for Path Traversal in Isaacs Tar

🛡️ CVE-2026-31802 - Simple Proof of Concept Viewer !Downloa...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 - Kobold Exploit Full chain exploit for the Ko...