unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
1beelze/CVE-2026-11387
Create: 2026-07-03 08:35:14 +0000 UTC Push: 2026-07-03 08:35:15 +0000 UTC |
BiiTts/CVE-2026-49468-LiteLLM-Auth-Bypass
Create: 2026-07-03 06:05:18 +0000 UTC Push: 2026-07-03 06:05:19 +0000 UTC |
Robertmak2014-sudow/CVE-2026-28995
A work exploit for read by CVE-2026-28995
Create: 2026-07-03 04:19:24 +0000 UTC Push: 2026-07-03 04:20:09 +0000 UTC |
Cyber-note/CVE-2026-34835-Black-box-Security-Analysis
A black-box (DAST) security analysis of CVE-2026-34835 focusing on external validation methodology, observable behavior, security impact, and defensive recommendations.
Create: 2026-07-03 02:50:25 +0000 UTC Push: 2026-07-03 02:50:26 +0000 UTC |
Cyber-note/CVE-2026-34835-Black-box-Analysis
A black-box (DAST) security analysis of CVE-2026-34835 focusing on external validation methodology, observable behavior, security impact, and defensive recommendations.
Create: 2026-07-03 02:50:25 +0000 UTC Push: 2026-07-03 02:54:03 +0000 UTC |
thecodeb0ss/Advanced-CVE-2026-53753
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore.
Create: 2026-07-03 02:17:54 +0000 UTC Push: 2026-07-03 02:17:55 +0000 UTC |
qwqqaqqwq00/opensource_defect_repare_cc
Redis 7.0.0 核心模块重构与漏洞修复交付(重构 sds/adlist/intset/listpack,相似度≤20%;修复 CVE-2023-25155/28856、CVE-2024-31449、CVE-2022-36021、CVE-2022-31144 等漏洞)
Create: 2026-07-03 00:55:25 +0000 UTC Push: 2026-07-03 00:55:25 +0000 UTC |
qwqqaqqwq00/opensource_defect_repair_cc
Redis 7.0.0 核心模块重构与漏洞修复交付(重构 sds/adlist/intset/listpack,相似度≤20%;修复 CVE-2023-25155/28856、CVE-2024-31449、CVE-2022-36021、CVE-2022-31144 等漏洞)
Create: 2026-07-03 00:54:46 +0000 UTC Push: 2026-07-03 00:54:46 +0000 UTC |
BastianXploited/CVE-2026-0740-mass
Create: 2026-07-02 23:18:38 +0000 UTC Push: 2026-07-02 23:18:54 +0000 UTC |
thecodeb0ss/CVE-2026-56782
Gorse < 0.5.10 contains an authentication bypass caused by empty admin_api_key in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty admin_api_key configuration.
Create: 2026-07-02 23:12:44 +0000 UTC Push: 2026-07-02 23:12:45 +0000 UTC |
MichaelAdamGroberman/CVE-2026-54477
CVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)
Create: 2026-07-02 20:18:29 +0000 UTC Push: 2026-07-02 20:18:32 +0000 UTC |
MichaelAdamGroberman/CVE-2026-55726
CVE-2026-55726: Publicly Listable Azure Blob Storage Container (device logs) - Gardyn (ICSA-26-183-03)
Create: 2026-07-02 20:18:26 +0000 UTC Push: 2026-07-02 20:18:29 +0000 UTC |
teteco/CVE-2026-52217-VTEX-Checkout-CrossTenant-IDOR
The VTEX Checkout Service exposes OrderForm data through the endpoints `/api/checkout/pub/orderForm/{orderFormId}` and `/attachments/*`. These endpoints do not validate the tenant (store account) of the authenticated session against the ownership of the requested OrderForm.
Create: 2026-07-02 20:06:01 +0000 UTC Push: 2026-07-02 20:06:01 +0000 UTC |
MichaelAdamGroberman/CVE-2026-13768
CVE-2026-13768: Privileged iothubowner IoT Hub credential — fleet enumeration, device RCE, home-network pivot — Gardyn (ICSA-26-183-03)
Create: 2026-07-02 19:38:56 +0000 UTC Push: 2026-07-02 20:18:15 +0000 UTC |
Mkps/CVE-2026-38751-OpenSTAManager-Arbitrary-File-Upload-PoC
This repository contains a proof-of-concept (PoC) exploit for CVE-2026-38751, affecting OpenSTAManager ≤ 2.10. The vulnerability allows an authenticated attacker to upload a malicious module via the module update functionality, leading to arbitrary file upload and remote code execution (RCE).
Create: 2026-07-02 19:29:00 +0000 UTC Push: 2026-07-02 19:29:00 +0000 UTC |
K3ysTr0K3R/CVE-2025-57819
Create: 2026-07-02 19:07:36 +0000 UTC Push: 2026-07-02 19:07:37 +0000 UTC |
J4ck3LSyN-Gen2/CVE-2026-48558
SimpleHelp OIDC Authentication Bypass PoC
Create: 2026-07-02 16:11:50 +0000 UTC Push: 2026-07-02 16:12:20 +0000 UTC |
sentinel-aidefense/CVE-2025-5777
Create: 2026-07-02 13:04:30 +0000 UTC Push: 2026-07-02 13:04:31 +0000 UTC |
vrtlbob/Linux-Kernel-Vulnerabilities-CVE-2026-23111
High Severity LPE vulnerability in Linux Kernel, with a CVS score of 7.8. An inverted check from user enables a process inside the container to break out of the sandbox along with full root privileges on user PC. I have been investigating about this vulnerability and has a lightweight script that runs in the terminal to check if you are vulnerable.
Create: 2026-07-02 09:54:54 +0000 UTC Push: 2026-07-02 09:54:55 +0000 UTC |
c0gnit00/CVE-2026-33017
Python POC, Exploit for CVE-2026-33017
Create: 2026-07-02 09:47:58 +0000 UTC Push: 2026-07-02 09:47:59 +0000 UTC |
Previous
-132
-131
-130
-129
-128
-127
-126
-125
Next