CVE-2026-54236

creationtimestamp| type| source ---|---|--- 2026-06-21 23:10:21+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-54236.yaml 2026-06-23 00:30:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mow5iusltg2q...

CVE-2026-50230

creationtimestamp| type| source ---|---|--- 2026-06-12 02:49:16+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-50230.yaml...

Nuclei 3.9.0

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

CVE-2026-25527

creationtimestamp| type| source ---|---|--- 2026-06-05 01:02:06+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-25527.yaml...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via insufficient validation of query parameters used in JSP file creation. An attacker can execute arbitrary code on the server by supplying crafted query parameters that cause a JSP file containing...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi

CVE-2026-27886 Strapi PoC For authorized security testing o...

Exploit-Databases

💥 Exploits Database & PoC Resources Koleksi exploit databas...

GodSearch

󰓾 GodSearch v20.0 — THE SOVEREIGN 💀 Universal Exploit Sear...

-GodSearch

󰓾 GodSearch v20.0 — THE SOVEREIGN 💀 Universal Exploit Sear...

CVE-2026-39352

creationtimestamp| type| source ---|---|--- 2026-05-25 09:50:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-39352.yaml...

CVE-2024-9362

creationtimestamp| type| source ---|---|--- 2026-05-23 14:18:54+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-9362.yaml...

GO-2026-4965 Nuclei: Local File Read via require() Module Loader Bypass in github.com/projectdiscovery/nuclei

Nuclei: Local File Read via require Module Loader Bypass in github.com/projectdiscovery/nuclei...

CVE-2026-47668

creationtimestamp| type| source ---|---|--- 2026-05-20 09:31:29+00:00| published-proof-of-concept| https://github.com/dbgate/dbgate/security/advisories/GHSA-8v3q-9vmx-36vc 2026-05-20 13:24:13+00:00| confirmed|...

CVE-2026-46372

creationtimestamp| type| source ---|---|--- 2026-05-20 08:35:00+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-46372.yaml 2026-05-29 23:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmznc7rrtw23...

PT-2026-42369

Nuclei: Local File Read via require Module Loader Bypass in github.com/projectdiscovery/nuclei...

eip-mcp

Exploit Intel Platform MCP Server Package/command: eip-mcp...

cve-arsenal

CVE Arsenal Automated CVE exploit scanners and Nuclei templat...

cve-poc-nuclei

CVE PoC & Nuclei Templates Auto-generated from t...

CVE-2026-41646

A flaw was found in Nuclei. A vulnerability in Nuclei's JavaScript protocol runtime allows JavaScript templates to read local .js and .json files. This can be exploited by an attacker through the require function, bypassing default local file access restrictions, leading to information disclosure...

Exploit for Server-Side Request Forgery in Vercel Next.Js

nextjs-cve-2026-44578 Nuclei templates for detecting...