E-Learning System 1.0 - SQL Injection

E-Learning System 1.0 contains an unauthenticated SQL injection caused by unsanitized input, letting remote attackers execute arbitrary code on the server and gain a reverse shell, exploit requires no authentication. id: CVE-2021-3239 info: name: E-Learning System 1.0 - SQL Injection author:...

📄 MCPJam Inspector 1.4.2 Command Injection

This is an advanced Python proof of concept for CVE-2026-23744 demonstrating command injection through a vulnerable MCP API endpoint, leading to remote code execution and reverse shell access. The script supports multiple payload types, endpoint discovery, listener management, and several...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : rsync vulnerabilities (USN-8349-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8349-1 advisory. Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote...

EUVD-2026-34148

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...

System-Exploitation-Compromising

💀 System Exploitation & Compromising CAP 6135 – Cyber Lab...

CVE-2026-40961

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

EUVD-2026-33902

Server-Side Template Injection SSTI in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution RCE. In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template expressions that are executed ...

CVE-2026-34906 Server-Side Template Injection (SSTI) in Wirtualna Uczelnia

Server-Side Template Injection SSTI in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution RCE. In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template expressions that are executed ...

JDWPEx

JDWP Remote Code Execution Exploit A Python 3 implement...

CVE-2026-40961

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

CVE-2026-40961 Apache Airflow: Open Redirect Bypass Vulnerability

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

CVE-2026-40961

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

[SECURITY] Fedora 43 Update: nginx-1.30.2-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

PT-2026-45364

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the is safe url check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a...

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp\/Crm

CVE-2023-30253 — Dolibarr ERP/CRM 17.0.0 Remote Code Execution...

CVE-2026-45613

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47...

The vulnerability was concealed in Starlette

There is a vulnerability in Starlette, a Python library for developing web services. Starlette is used by various products, including FastAPI. An unauthorized malicious actor can exploit this vulnerability to bypass authentication checks. This allows the malicious actor to access protected URL...

EUVD-2026-33367

Neotoma provides versioned records that persist across agent runs. From 0.6.0 to before 0.11.1, Neotoma can treat public reverse-proxied requests as local when the app receives them over a loopback socket and no Bearer token is present. In affected deployments, the REST auth middleware can resolv...

CVE-2026-45577

Neotoma AG vulnerability CVE-2026-45577 affects versions 0.6.0 through before 0.11.1. When requests arrive via a loopback socket and are not Bearer-token authenticated, public reverse-proxied requests can be treated as local, causing the REST auth middleware to resolve unauthenticated requests as...

CVE-2026-45577 Neotoma: Unauthenticated Inspector/API access via reverse-proxy loopback auth bypass

Neotoma provides versioned records that persist across agent runs. From 0.6.0 to before 0.11.1, Neotoma can treat public reverse-proxied requests as local when the app receives them over a loopback socket and no Bearer token is present. In affected deployments, the REST auth middleware can resolv...