Exploit for CVE-2026-3844

CVE-2026-3844 Mass Exploit CVE-2026-3844 – Breeze Cache Word...

📄 OpenClaw 2026.3.13 MEDIA Protocol File Disclosure

This Python script is a security exploitation tool targeting the OpenClaw system integrated with Discord. It attempts to exfiltrate sensitive files from a victim environment by abusing a MEDIA: prompt injection mechanism...

📄 Redash 25.8.0 Password Hash Extraction

This PHP script is a security exploitation tool that targets Redash, an open-source data visualization platform. The tool leverages a configuration vulnerability in Redash's default PostgreSQL setup to perform two critical attacks. It can execute arbitrary system commands on the database server...

EUVD-2019-7198

Malware in sbrugna...

EUVD-2017-14217

Malware in sbrugna...

EUVD-2024-30744

Malicious code in bioql PyPI...

EUVD-2021-9621

Malicious code in bioql PyPI...

EUVD-2023-40662

Malicious code in bioql PyPI...

EUVD-2022-53156

Malicious code in bioql PyPI...

EUVD-2022-49127

Malicious code in bioql PyPI...

EUVD-2023-24265

Malicious code in bioql PyPI...

EUVD-2023-0987

Malicious code in bioql PyPI...

EUVD-2024-47299

Malicious code in bioql PyPI...

EUVD-2023-49915

Malicious code in bioql PyPI...

EUVD-2023-51440

Malicious code in bioql PyPI...

CVE-2024-43204

SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where modheaders is configured to modify the Content-Type request or response header with a value provided in the HTTP request...

Hijacking Ollama’s Signed Installer for Code Execution

This blog post is part of an ongoing series exploring how AI related tools aimed at developers can be exploited to compromise their machines. As these tools increasingly integrate deep system access, they also expand the attack surface available to threat actors. In our first post, we outlined a...

PT-2025-27348 · Unknown · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been discovered, affecting an unknown part of the file /forum viewfile.php. The manipulation of the Name argument leads to SQL injection. This issue can be exploited...

CVE-2025-6763 Comet System H3531 Web-based Management setupA.cfg missing authentication

A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of the component Web-based Management Interface. Performing manipulation results in missing...

CVE-2024-9136

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality...