Lucene search
K

85301 matches found

GithubExploit
GithubExploit
added yesterday33 views

vuln-tracker

🔍 Vulnerability Tracking & Remediation Tracker A Python + SQL...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added yesterday28 views

Exploit for Race Condition in Apple Ipados

CVE-2026-28992 — IOHIDFamily FastPathUserClient PoC Security...

4.7CVSS6.1AI score0.00143EPSS
Exploits1
Github Security Blog
Github Security Blog
added yesterday6 views

Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unset

Summary A Clauster instance bound to a non-loopback address e.g. 0.0.0.0 or a LAN IP can serve the entire dashboard and its API without any authentication — even when the operator has configured a password — if auth.enabled is left at its default false. The operator believes the instance is...

6.5AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday8 views

SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()

Summary The attribute-view database cell renderer genAVValueHTML interpolates cell content raw in four of its branches: text, url, phone, and mAsset. A cell value like or " breaks out of its surrounding tag and runs arbitrary JavaScript in the renderer when the victim opens the block-attribute...

9.9CVSS6.2AI score0.00289EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added yesterday7 views

CredSweeper: Recursive archive size-limit bypass in deep scanner allows crafted compressed inputs to exhaust resources

Summary CredSweeper's deep scanner does not enforce recursivelimitsize as a hard limit. Several recursive scanners fully decompress or fully read attacker-controlled content before the remaining budget is validated, and AbstractScanner.recursivescan continues processing even when the residual...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday7 views

Excelize: Unbounded Row Index Allocation in Worksheet Parser (checkSheet OOM/Panic DoS)

Unbounded Row Index Allocation in Worksheet Parser checkSheet OOM/Panic DoS Summary The checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Excel row limit TotalRow...

7.5CVSS6.2AI score0.0007EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added yesterday8 views

SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet()

Summary A CSS snippet body containing breaks out of its surrounding tag when renderSnippet interpolates it via insertAdjacentHTML. A payload like runs arbitrary JavaScript in the renderer. On Electron desktop builds the renderer runs with nodeIntegration:true, so require'childprocess' is reachabl...

9.9CVSS6.2AI score0.00307EPSS
Exploits0References3Affected Software1
GithubExploit
GithubExploit
added yesterday16 views

Exploit for Improper Input Validation in Motioneye_Project Motioneye

CVE-2025-60787 — motionEye Authenticated RCE Authenticated co...

7.2CVSS6.2AI score0.18993EPSS
Exploits17
GithubExploit
GithubExploit
added yesterday16 views

Apollo_Ultra_Agent

Apollo Ultra for OpenCode Apollo Ultra is an OpenCode configu...

6.1AI score
Exploits0
Github Security Blog
Github Security Blog
added yesterday8 views

libp2p: CPU DoS via oversized IHAVE and IWANT control message arrays

Summary gossipsub processes IHAVE and IWANT control messages by iterating every received message ID synchronously before doing anything with the results. There is no cap on how many IDs a single frame may contain. The default LP frame limit is 4MB, which fits roughly 180,000 message IDs. Iteratin...

7.5CVSS6.2AI score0.00446EPSS
Exploits0References6Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday5 views

Malicious code in express-session-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 076f813c0d0a60ee43f7a73f8aad609e5043cd8d92b57b5c3c3c08954accbb4f The package impersonates the popular express-session library by copying its name pattern, author metadata TJ Holowaychuk , and repository field...

6.5AI score
Exploits0References4
GithubExploit
GithubExploit
added yesterday30 views

Exploit for Argument Injection in Gnu Inetutils

🔥 Abyssal CVE-2026-24061 Telnet Vulnerability Scanner & Exp...

9.8CVSS7AI score0.98871EPSS
Exploits62
The Hacker News
The Hacker News
added yesterday6 views

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence AI assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution on the host. A brief description of the high-severity...

6.6AI score
Exploits0
GithubExploit
GithubExploit
added yesterday31 views

patchtriage

PatchTriage !CIhttps://github.com/d01ki/patchtriage/actio...

7.2CVSS6.7AI score0.2241EPSS
Exploits3
GithubExploit
GithubExploit
added yesterday24 views

AI-Pentest

Auto Pentest Platform Platform otomasi penetration testing de...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added yesterday24 views

cve-reverser

cve-reverser Reverse publicly disclosed WordPress plugin CV...

6.1AI score
Exploits2
GithubExploit
GithubExploit
added yesterday28 views

Exploit for Out-of-bounds Write in Mediatek Software_Development_Kit

CVE-2025-20720 — PolyShell: Magento 2 Unauthenticated File Uploa...

8.8CVSS6.5AI score0.00243EPSS
Exploits1
RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-54528

A flaw was found in JupyterLab Git, a Git extension for JupyterLab. This vulnerability allows an authenticated user on a case-insensitive filesystem to bypass administrator-configured excluded paths by varying the case of the URL path segment. This bypass enables the user to read file content, vi...

7.1CVSS6AI score0.00285EPSS
Exploits0References6
GithubExploit
GithubExploit
added yesterday33 views

AVE

AVE Public Repository This directory is used for independentl...

5.9AI score
Exploits0
NCSC
NCSC
added yesterday4 views

Vulnerabilities managed in GitLab Enterprise Edition and Community Edition

GitLab has identified several vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE versions ranging from 9.1 to 18.11.7, 19.0 to 19.0.4, and 19.1 to 19.1.2. The vulnerabilities include: - Creating repositories with discrepancies between the web interface and the actual...

8.7CVSS6.1AI score0.00282EPSS
Exploits0References1
Rows per page
Query Builder