99 matches found
PT-2026-42369
Nuclei: Local File Read via require Module Loader Bypass in github.com/projectdiscovery/nuclei...
CVE-2026-23486
creationtimestamp| type| source ---|---|--- 2026-04-28 00:08:54+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-23486.yaml 2026-04-28 21:03:04+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mklibctkvh2z...
CVE-2025-59582
creationtimestamp| type| source ---|---|--- 2026-04-23 10:01:52+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-59582.yaml 2026-04-24 21:02:34+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mkbgeonn2v2i...
CVE-2026-41282
ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets not the default configuration...
Nuclei 安全漏洞
Nuclei is a fast-customizable vulnerability scanner based on simple YAML, open-sourced by ProjectDiscovery. Versions of Nuclei prior to 3.8.0 have security vulnerabilities, which stem from DSL expression injection and may affect the use of multi-step templates...
PT-2026-30328
Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.16.1 Description Directus is susceptible to an open redirect issue through the redirect parameter on the /admin/tfa-setup page. An administrator who has not configured Two-Factor Authentication 2FA may be redirect...
CVE-2026-28358
creationtimestamp| type| source ---|---|--- 2026-04-02 04:59:00+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-28358.yaml...
CVE-2022-0188
creationtimestamp| type| source ---|---|--- 2026-01-18 19:58:12+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-0188.yaml 2026-01-20 21:03:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mcv2l2eb4u2h...
CVE-2019-15823
creationtimestamp| type| source ---|---|--- 2026-01-07 10:48:00+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-15823.yaml 2026-01-08 21:03:11+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mbwuxxqv5h2t...
CVE-2025-68645
creationtimestamp| type| source ---|---|--- 2025-12-25 21:00:05+00:00| published-proof-of-concept| Telegram/6v0tgXr67OHpT1VYYnEl9dNKXH-8Vq-uMwR5rJ3hS7Xe9zI 2025-12-30 23:50:40+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-68645.yaml...
CVE-2025-58360
creationtimestamp| type| source ---|---|--- 2025-11-26 18:02:43+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/60873 2025-11-26 21:00:05+00:00| published-proof-of-concept| Telegram/EQSEx6hVvMlnJ1ky7huxK4eSzyICfuehitJwgPSzGmUZN8M 2025-11-27 05:09:25+00:00| confirmed|...
nuclei-templates
This repository is an offensive tool for vulnerability scanning and exploitation, specifically for the nuclei engine. It contains a community-curated list of templates for discovering security vulnerabilities in applications. The templates are used by the nuclei scanner to power the actual scanni...
CVE-2021-27856
creationtimestamp| type| source ---|---|--- 2025-10-05 10:02:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-27856.yaml...
Information Exposure
Overview github.com/canonical/lxd is an a modern, secure and powerful system container and virtual machine manager. Affected versions of this package are vulnerable to Information Exposure via differing HTTP status code responses in the images endpoint's AllowUntrusted API. An attacker can...
CVE-2024-33832
creationtimestamp| type| source ---|---|--- 2025-07-17 11:51:46+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-33832.yaml 2025-07-18 21:02:27+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lubdsqw3eh2q...
CVE-2018-12455
creationtimestamp| type| source ---|---|--- 2025-06-03 12:58:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2018/CVE-2018-12455.yaml 2025-06-04 21:02:22+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lqspc47a2d2i...
CVE-2024-23901
Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier unconditionally discovers projects that are shared with the configured owner group, allowing attackers to configure and share a project, resulting in a crafted Pipeline being built by Jenkins during the next scan of the group...
CVE-2024-2473
creationtimestamp| type| source ---|---|--- 2025-05-15 07:24:21+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-2473.yaml 2025-05-15 21:02:28+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lpafxtmgqd2a 2026-01-27...
CVE-2025-32101
creationtimestamp| type| source ---|---|--- 2025-04-07 15:43:12+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lmacfz7k7i26 2025-04-07 17:39:32+00:00| seen| https://bsky.app/profile/r-netsec.bsky.social/post/3lmaivzqr2u2l 2025-04-09 10:42:31+00:00| confirmed|...
CVE-2025-31131
creationtimestamp| type| source ---|---|--- 2025-04-01 16:32:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9944 2025-04-01 17:48:23+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114263962596198001 2025-04-01 17:48:23+00:00| seen|...