274450 matches found
React Native Community CLI remote command execution
Added: 02/04/2026 Background React Native is a framework for building mobile JavaScript applications. React Native Community CLI is a collection of command line tools that help developers build React Native mobile applications. Problem A vulnerability in React Native Community CLI when running wi...
windows 10/11 - NTLM Hash Disclosure Spoofing
Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.microsoft.com Software Link: N/A Version: Not applicable this is a generic Windows library file behavior Tested on: Windows 10 x64 / Windows 11 x64 lab...
FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win, Ubuntu CVE : CVE-2025-25257 Overvi...
Redis 8.0.2 - RCE
Exploit Title: Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE Date: 2025-10-07 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://redis.io/ Software Link: https://redis.io/ Version: Affects := 8.0.0, 8 + p8size & 0xff def buildmalformedhll: """ Construct a malformed...
OctoPrint 1.11.2 - File Upload
Exploit Title: OctoPrint 1.11.2 - File Upload Date: 2025-09-28 Exploit Author: prabhatverma.addada Vendor Homepage: https://octoprint.org Software Link: https://github.com/OctoPrint/OctoPrint Affected Versions: = 1.11.2 Patched Versions: 1.11.3 CVE: CVE-2025-58180 CVSS per advisory: 7.5 Platform:...
Docker Desktop 4.44.3 - Unauthenticated API Exposure
Exploit Title: Docker Desktop 4.44.3 - Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 Vendor Homepage: https://www.docker.com/ Software Link: https://www.docker.com/products/docker-desktop/ Version: Affected on Windows and macOS versions prior to 4.44.3 Tested on:...
Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
Exploit Title: Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE Date: 2025-10-07 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://kubernetes.io Software Link: https://github.com/kubernetes/ingress-nginx Version: Affects v1.10.0 to v1.11.1 potentially others Tested o...
aiohttp 3.9.1 - directory traversal PoC
Exploit Title: Python aiohttp directory traversal PoC CVE-2024-23334 Google Dork: N/A Date: 2025-10-06 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.aiohttp.org / https://www.python.org Software Link: https://github.com/aio-libs/aiohttp vulnerable tag: 3.9.1 Version: aiohttp...
Exploit for CVE-2026-24854
CVE-2026-24854 – ChurchCRM Authenticated Numeric SQL Injection...
Exploit for CVE-2026-25130
CVE-2026-25130 – Cybersecurity AI CAI Framework Argument Inj...
Exploit for Out-of-bounds Write in Netapp C400_Firmware
🔐 SLUBSTICK Exploitation Research Demonstrating Race Con...
Exploit for Argument Injection in Gnu Inetutils
🔒 CVE-2026-24061 - Exploit Critical Authentication Flaw 🚀...
Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets
CVE-2023-27163---Maltrail-0.53---RCE...
Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets
CVE-2023-27163---SSRF-Baskets-Reques...
Exploit for Code Injection in Vmware Spring_Framework
No d...
openclaw-security-quiz
🔒 Security & Best Practices Quiz A mobile-friendly quiz app w...
Exploit for Improper Input Validation in Boa Boa_Webserver
BOA Router Exploit Framework !Python Versionhttps://img...
Exploit for CVE-2026-25746
CVE-2026-25746 - SQL Injection Vulnerability in OpenEMR Weak...
Exploit for Path Traversal in Tuzitio Camaleon_Cms
CVE-2024-46987: Automated Path Traversal !Vulnerability Type...
Exploit for Deserialization of Untrusted Data in Facebook React
RSC Sentinel CVE-2025-55182 Next.js / React Server Components...