Lucene search
+L

93486 matches found

GithubExploit
GithubExploit
added 31 minutes ago6 views

deep-pentest-skill

Deep Pentest Skill !License: MIThttps://img.shields.io/bad...

Exploits0
GithubExploit
GithubExploit
added 5 hours ago13 views

Exploit for CVE-2026-60137

wp2shell-lab Educational PoC and lab for CVE-2026-63030 + C...

9.1CVSS6AI score
Exploits9
GithubExploit
GithubExploit
added 8 hours ago25 views

Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel

android-selinux-disabler Standalone extraction of the SELinux...

7.8CVSS7.1AI score0.00129EPSS
Exploits3
GithubExploit
GithubExploit
added 8 hours ago14 views

Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel

badepoll-selinux-disabler Standalone extraction of the SELinu...

7.8CVSS7.2AI score0.00129EPSS
Exploits3
GithubExploit
GithubExploit
added 9 hours ago21 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4shell-scanner A dependency-free, defensive scanner for...

10CVSS7.6AI score0.99999EPSS
Exploits359
GithubExploit
GithubExploit
added yesterday18 views

Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware

HIKRAVEN 🛡️ Advanced Hikvision Security Assessmen...

9.8CVSS9.1AI score0.99869EPSS
Exploits25
GithubExploit
GithubExploit
added yesterday22 views

Exploit for OS Command Injection in Zoneminder

CVE-2023-26039 Description ZoneMinder is a free, open sou...

8.8CVSS8.2AI score0.01246EPSS
Exploits1
NVD
NVD
added yesterday5 views

CVE-2026-54335

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...

3.7CVSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday9 views

Malicious code in trongridme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0388d3aee1f1a4d5c6a27ab1c30e0cb6c8b9679708bd8b1cf3f5c5e76624f77 Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known...

5.3AI score
Exploits0References3
OSV
OSV
added yesterday5 views

MAL-2026-10771 Malicious code in trongridme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0388d3aee1f1a4d5c6a27ab1c30e0cb6c8b9679708bd8b1cf3f5c5e76624f77 Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known...

5.3AI score
Exploits0References3
NVD
NVD
added yesterday7 views

CVE-2026-54242

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS
Exploits0References5
NVD
NVD
added yesterday7 views

CVE-2026-54244

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...

3.5CVSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-54243

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-45337

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...

3.7CVSS5.4AI score
Exploits0References4
CVE
CVE
added yesterday10 views

CVE-2026-54335

Feathersjs contains a prototype-pollution vulnerability in the lodash-like merge helper: @feathersjs/commons .merge. In versions up to 5.0.44, merging a source object that originates from JSON.parse and contains proto , constructor, or prototype keys causes the merge to access target['proto '], m...

3.7CVSS5.3AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54335

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...

3.7CVSS5.3AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-54335 Feathersjs: Prototype pollution in @feathersjs/commons _.merge via JSON-parsed __proto__

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...

3.7CVSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin:Multiple security vulnerabilities in IBM Process Automation Manager Open Edition Starter Kit for Banking

Summary In addition to many updates of operating system level packages, Multiple vulnerabilities were addressed in IBM Process Automation Manager Open Edition Starter Kit for Banking -9.4.2 Vulnerability Details CVEID:CVE-2026-13676 DESCRIPTION: fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fai...

9.1CVSS7.6AI score0.62368EPSS
Exploits2Affected Software1
CVE
CVE
added yesterday26 views

CVE-2026-54243

CVE-2026-54243 affects Statamic CMS (Laravel/Git-powered). Prior to 5.73.24 and 6.20.1, form submission values exported to CSV via CsvExporter.php were not neutralized for spreadsheet formula characters. A value starting with =, +, -, or @ could be interpreted as a live formula when an editor ope...

6.1CVSS5.3AI score
Exploits0References5
EUVD
EUVD
added yesterday6 views

EUVD-2026-45321

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS5.3AI score
Exploits0References5
Rows per page
Query Builder