Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Packet Storm
Packet Stormadded 2026/04/23 12:0 a.m.46 views

📄 Hoverfly 1.11.3 Remote Command Execution

This Python script is an exploitation tool targeting a vulnerable Hoverfly API endpoint, specifically the /api/v2/hoverfly/middleware functionality, which allows execution of user-supplied input through a backend binary...

5.9AI score
Exploits0
GithubExploit
GithubExploitadded 2026/03/30 10:58 p.m.77 views

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 - Hoverfly Command Injection RCE PoC CVE-2...

9.8CVSS6.4AI score0.50933EPSS
Exploits6
SUSE CVE
SUSE CVEadded 2025/09/19 11:22 p.m.1 views

SUSE CVE-2025-54123

Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, the middleware functionality in Hoverfly is vulnerable to command injection vulnerability at /api/v2/hoverfly/middleware endpoint due to insufficient validation and sanitization in user input. The vulnerability exists i...

9.8CVSS9.4AI score0.50933EPSS
Exploits6References2
Positive Technologies
Positive Technologiesadded 2025/09/10 12:0 a.m.1 views

PT-2025-37088

Name of the Vulnerable Software and Affected Versions: Hoverfly versions 1.11.3 and prior Description: Hoverfly is vulnerable to a command injection issue at the /api/v2/hoverfly/middleware endpoint due to insufficient validation and sanitization of user input. This vulnerability stems from a...

9.8CVSS7.7AI score0.50933EPSS
Exploits14References56
Rows per page
Query Builder