Malicious code in lazmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 292e8512aa9e77a20a04a58cee3529ea31b9451e5c9067bbad7be57b5eb8c7fb Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191779 Malicious code in lazmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 292e8512aa9e77a20a04a58cee3529ea31b9451e5c9067bbad7be57b5eb8c7fb Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in hkmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3c3063747c35c5ae091331ac2c35dbef66c945aca73b06ee32ef1f0ec088009 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191759 Malicious code in hkmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3c3063747c35c5ae091331ac2c35dbef66c945aca73b06ee32ef1f0ec088009 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in hekamhelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ac329f6244d2faf82ef12a167d1b46de2a9043fb1c086b67a45458d75d227562 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191750 Malicious code in hekamhelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ac329f6244d2faf82ef12a167d1b46de2a9043fb1c086b67a45458d75d227562 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in talbat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa560ce194b853d26b02cc7a6fc99298c2b1de4516a8beb84b84475aa1fb23b3 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191885 Malicious code in talbat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa560ce194b853d26b02cc7a6fc99298c2b1de4516a8beb84b84475aa1fb23b3 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

CVE-2025-53927 MaxKB sandbox bypass

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they...

CVE-2025-53927

MaxKB before 2.0.0 has a sandbox bypass where the security design restricts only a specific directory’s execution permissions. An attacker can abuse Python’s shutil.copy2 to copy a command into the executable directory, bypassing the directory restrictions and enabling a reverse shell. Affected p...

MaxKB 代码注入漏洞

MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A code injection vulnerability exists in MaxKB versions prior to 2.0.0, which stems from the fact that sandbox design rules can be bypassed, potentially leading to a...

Exploit for CVE-2022-25226

ThinVNC 1.0b1 - Authentication Bypass to Remote Code Execution...

📄 Remote Mouse 4.601 Remote Command Execution

This exploit targets Remote Mouse version 4.6.0.1 by injecting malicious UDP packets that simulate keyboard input to execute arbitrary PowerShell commands. The vulnerability exists in the way Remote Mouse processes unauthenticated UDP commands on port 1978 by sending specially crafted packets...

📄 TouchServer 2.0.0 Remote Code Execution

TouchServer version 2.0.0 has a vulnerability that allows remote attackers to execute arbitrary commands by sending specially crafted UDP packets. This exploit delivers a PowerShell reverse shell by emulating keyboard input to trigger its download and execution. Exploit Title: TouchServer 2.0.0 -...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Remote Code Execution POC c 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes Remote Code Execution POC for CVE-2020-0796 / "SMBGhost" Expected outcome: Reverse shell with system access. Intended only for educational and testing in corporate environments. ZecOps...

Exploit for Improper Access Control in Appsmith

This is a PoC exploit for CVE-2024-55963, a vulnerability allowi...

Exploit for Code Injection in Langflow

CVE-2024-48061 Langflow vulnerable to remote code execution...

Exploit for Code Injection in Langflow

CVE-2025-3248 - Langflow Code Validation Endpoint RCE A proof...

CVE-2025-30131

An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam...

📄 Mouselink 5.0.1 Remote Code Execution

Mouselink version 5.0.1 allows unauthenticated remote attackers to execute arbitrary commands by abusing an exposed login endpoint and insecure WebSocket-based keyboard simulation. With no password per default, an attacker can obtain a JWT token, open a WebSocket session, and simulate keystrokes ...