17671 matches found
WordPress Copyright Proof <=4.16 - Cross-Site-Scripting
WordPress Copyright Proof plugin 4.16 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users when a specific setting is enabled. id: CVE-2022-1906...
CVE-2026-12787
Technical details (affected product/version, root cause, remediation) are not provided in the supplied documents; monitor for updates.
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
The Gentlemen ransomware-as-a-service RaaS operation is actively developing and maintaining a suite of endpoint detection and response EDR killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of EDR-terminating tools is center...
CVE-2026-55447
creationtimestamp| type| source ---|---|--- 2026-06-19 13:25:18+00:00| published-proof-of-concept| https://github.com/langflow-ai/langflow/security/advisories/GHSA-ccv6-r384-xp75 2026-06-20 01:38:03+00:00| seen| https://bsky.app/profile/suriq.io/post/3moopuvtpix24...
CVE-2026-55603
creationtimestamp| type| source ---|---|--- 2026-06-17 17:17:39+00:00| published-proof-of-concept| https://github.com/chimurai/http-proxy-middleware/security/advisories/GHSA-gcq2-9pq2-cxqm...
CVE-2026-55602
creationtimestamp| type| source ---|---|--- 2026-06-17 17:17:28+00:00| published-proof-of-concept| https://github.com/chimurai/http-proxy-middleware/security/advisories/GHSA-64mm-vxmg-q3vj...
CVE-2026-55450
creationtimestamp| type| source ---|---|--- 2026-06-17 03:40:00+00:00| published-proof-of-concept| https://github.com/langflow-ai/langflow/security/advisories/GHSA-x223-p2gf-v735 2026-06-22 00:56:19+00:00| seen| https://bsky.app/profile/kitafox.bsky.social/post/3motoi5iyzb2k...
CVE-2026-55388
creationtimestamp| type| source ---|---|--- 2026-06-16 21:00:59+00:00| published-proof-of-concept| https://github.com/piscinajs/piscina/security/advisories/GHSA-x9g3-xrwr-cwfg 2026-06-22 16:44:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116794762930791425 2026-06-22...
objdump-dlx-calc-poc
objdump dlx calc poc Small repro for an objdump -g crash-to...
Exploit for CVE-2026-54686
CVE-2026-54686: Warp Remote SSH Command Injection PoC Desc...
Exploit for CVE-2026-53519
CVE-2026...
Exploit for Uncontrolled Resource Consumption in Microsoft
CVE-2026-491...
CVE-2026-53571
creationtimestamp| type| source ---|---|--- 2026-06-15 17:17:45+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-fx2h-pf6j-xcff 2026-06-22 23:27:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3movzya3cb62w...
Malicious code in nativescript-swisspost-imagepicker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2271ce1525f722f302ee59b9de3270020e6d1aa84d74cc2972cb6ffa34d9a62 package.json declares preinstall: node index.js. On npm install, index.js reads process.env.INITCWD the installing project's working directory, takes...
MAL-2026-5792 Malicious code in nativescript-swisspost-imagepicker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2271ce1525f722f302ee59b9de3270020e6d1aa84d74cc2972cb6ffa34d9a62 package.json declares preinstall: node index.js. On npm install, index.js reads process.env.INITCWD the installing project's working directory, takes...
Exploit for CVE-2026-9277
CVE-2026-9277 - Shell-Quote Command Injection Expl...
PT-2026-49346
I've earned my first CVE ever, by discovering unauthenticated SSRF at @lobehub. This vulnerability affects all versions up to and including v2.1.56, fixed in 2.1.57. CVE ID: CVE-2026-54157 PoC: https://t.co/N9xo8e1TWZ bugbounty cybersecurity bugbountytips CVE...
Exploit-Development-master
Exploit-Dev...
pac-exploits-priv
CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulne...
Exploit for CVE-2026-1555
CVE-2026-1555: Unauthenticated Arbitrary File Upload in WebSta...