CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

GithubExploit•added 2026/03/05 2:52 p.m.•100 views

Exploits

Exploit FreePBX / Elastix - callmepage.php Auteur : LECOMT...

6AI score

OSV•added 2026/02/28 10:36 p.m.•3 views

MAL-2026-1092 Malicious code in jwrincident (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ad20c4d6c73e649f0907879ef431132bb1566c890b55d8c5933abc09e10085fd During installation, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6.1AI score

OSSF Malicious Packages•added 2026/02/28 10:36 p.m.•6 views

Malicious code in jwrincident (PyPI)

6.1AI score

GithubExploit•added 2026/02/27 5:7 p.m.•136 views

k8s-container-escape-lkm

🛠️ Kernel Module Reverse Shell – Privileged Container Escape P...

6.4AI score

Packet Storm•added 2026/02/23 12:0 a.m.•82 views

📄 Supermicro Onboard IPMI X9SCL / X9SCM SMT_X9_214 PHP Buffer Overflow

Supermicro Onboard IPMI X9SCL and X9SCM with firmware SMTX9214 PHP proof of concept buffer overflow exploit that spawns a reverse shell. It exploits an older vulnerability from 2013...

10CVSS5.9AI score0.8637EPSS

Exploits10

OSSF Malicious Packages•added 2026/02/22 7:42 p.m.•7 views

Malicious code in myasicapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62067570b5217e75a025ba09e5e4f0d059439d8a7d30e056bdd501fe97e4f844 The code and related Github project promise to monitor hardware cryptominers. However, the code additionally hides two malicious capabilities functionalities: ...

OSV•added 2026/02/22 7:42 p.m.•3 views

Exploits0References2

MAL-2026-984 Malicious code in myasicapi (PyPI)

GithubExploit•added 2026/02/21 4:6 p.m.•148 views

Exploits0References2

Exploit for CVE-2026-27574

CVE-2026-27574-OneUptime-RCE !Authorhttps://img.shields.io/...

9.9CVSS6.1AI score0.00028EPSS

Exploits2

ATTACKERKB•added 2026/02/19 8:43 p.m.•2 views

CVE-2026-27476

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

9.8CVSS6.2AI score0.00389EPSS

Exploits1References2Affected Software1

CVE•added 2026/02/19 8:43 p.m.•12 views

CVE-2026-27476

RustFly 2.0.0 is affected by a command-injection vulnerability in its remote UI control that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. The flaw allows an attacker to send crafted hex payloads to execute arbitrary commands on the target, potentially enabling ...

9.8CVSS6.2AI score0.00389EPSS

Exploits1References2

GithubExploit•added 2026/02/18 2:41 a.m.•120 views

DrakonixReverseShellPlayground

No d...

5.4AI score

GithubExploit•added 2026/02/17 12:35 p.m.•114 views

System-Exploitation-Privilege-Escalation

System Exploitation & Privilege Escalation Lab 📄 Project O...

5.5AI score

OSSF Malicious Packages•added 2026/02/16 5:55 p.m.•5 views

Malicious code in cicibot-fix-message-naming (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7fb20d1d9da8ede0270346034bb6fdca56ef578e35a73b4cb0301664ab4a27ab Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

OSV•added 2026/02/16 5:55 p.m.•3 views

MAL-2026-921 Malicious code in cicibot-fix-message-naming (PyPI)

OSSF Malicious Packages•added 2026/02/15 11:20 p.m.•2 views

Malicious code in dns-execution-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4fc1fd65caa9c7f199fba16c9d3772c7db895ed78b29130a7ddc3347a4b34ba7 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score

OSV•added 2026/02/15 11:20 p.m.•2 views

MAL-2026-910 Malicious code in dns-execution-test (PyPI)

5.8AI score