unSafe.sh - 不安全

AnggaTechI/Mass-Scanner-CVE-2026-3891 CVE-2026-3891 Mass Scanning
Create: 2026-04-16 06:43:25 +0000 UTC Push: 2026-04-16 06:43:25 +0000 UTC |

Saku0512/CVE-2026-40176-poc
Create: 2026-04-16 04:29:29 +0000 UTC Push: 2026-04-16 04:29:30 +0000 UTC |

danhle5402/CVE-2025-59528
Create: 2026-04-16 04:25:44 +0000 UTC Push: 2026-04-16 04:25:44 +0000 UTC |

terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC
Create: 2026-04-16 04:00:23 +0000 UTC Push: 2026-04-16 04:01:17 +0000 UTC |

ZeroMemoryEx/CVE-2026-0827 CVE-2026-0827 PoC
Create: 2026-04-16 02:10:56 +0000 UTC Push: 2026-04-16 02:11:23 +0000 UTC |

rippsec/CVE-2025-49113-Roundcube-RCE CVE-2025-49113 – Roundcube ≤1.6.10 post-auth RCE via PHP object deserialization (HackTheBox CTF)
Create: 2026-04-16 01:18:22 +0000 UTC Push: 2026-04-16 01:18:24 +0000 UTC |

rippsec/CVE-2025-27591-Meta-below-LPE CVE-2025-27591 – Meta below symlink following local privilege escalation (HackTheBox CTF)
Create: 2026-04-16 01:18:19 +0000 UTC Push: 2026-04-16 01:18:21 +0000 UTC |

rippsec/CVE-2025-24893-XWiki-SSTI-RCE CVE-2025-24893 – XWiki SSTI unauthenticated RCE exploit (HackTheBox CTF)
Create: 2026-04-16 01:18:16 +0000 UTC Push: 2026-04-16 01:18:18 +0000 UTC |

Penguinsecq/CVE-2026-XXXXXX CVE Writeup
Create: 2026-04-16 01:13:08 +0000 UTC Push: 2026-04-16 01:13:08 +0000 UTC |

Penguinsecq/CVE-2026-6355 CVE Writeup
Create: 2026-04-16 01:13:08 +0000 UTC Push: 2026-04-18 08:52:51 +0000 UTC |

iTzR1g/CVE-2019-9053 Fixed CVE-2019-9053
Create: 2026-04-15 23:52:01 +0000 UTC Push: 2026-04-15 23:53:53 +0000 UTC |

gigachadusers/cve-2026-20127
Create: 2026-04-15 16:35:46 +0000 UTC Push: 2026-04-15 16:36:15 +0000 UTC |

yaghoubkhani/chrome_sandbox_scape_CVE-2024-5836_CVE-2024-6778 بررسی آسیب پذیری های CVE-2024-6778 و CVE-2024-5836 در مرورگر کروم و اجرایSandbox scape از طریق اکستنشن مخرب
Create: 2026-04-15 15:53:39 +0000 UTC Push: 2026-04-15 15:53:39 +0000 UTC |

NULL200OK/cve_2026_34621_advanced A sophisticated, cross-platform exploit generator for **CVE-2026-34621** – a critical prototype pollution vulnerability in Adobe Acrobat and Reader that leads to sandbox escape and arbitrary code execution on Windows and macOS.
Create: 2026-04-15 15:30:06 +0000 UTC Push: 2026-04-15 15:30:07 +0000 UTC |

Gr4y-r0se/CVE-2022-35650 Exploit for CVE-2022-35650, a Moodle Arbitrary File Read.
Create: 2026-04-15 14:21:19 +0000 UTC Push: 2026-04-15 14:21:20 +0000 UTC |

samu-delucas/CVE-2026-39808 PoC for Unauthenticated RCE in FortiSandbox via CVE-2026-39808
Create: 2026-04-15 14:10:25 +0000 UTC Push: 2026-04-15 14:30:56 +0000 UTC |

r3nsi15/Flowise-RCE-CVE-2025-59528 Authenticated Remote Code Execution (RCE) exploit for Flowise AI versions ≤ 3.0.4. Leverages a vulnerability in the /api/v1/node-load-method/customMCP endpoint to execute arbitrary system commands via Node.js child_process.execSync(). Includes full PoC script and remediation steps.
Create: 2026-04-15 12:47:25 +0000 UTC Push: 2026-04-15 12:47:25 +0000 UTC |

404-src/CVE-2026-34486 Apache Tomcat EncryptInterceptor Bypass → Unauthenticated RCE (CVE-2026-34486)
Create: 2026-04-15 12:40:13 +0000 UTC Push: 2026-04-15 12:40:14 +0000 UTC |

Astaruf/CVE-2026-40487 CVE-2026-40487 | Postiz <= 2.21.5 | Arbitrary File Upload via MIME-Type Spoofing → Stored XSS → Account Takeover | CVSS 8.9 High
Create: 2026-04-15 12:33:58 +0000 UTC Push: 2026-04-15 12:33:58 +0000 UTC |

r3nsi15/Flowise-CVE-2025-58434-PasswordReset Unauthenticated password reset exploit for Flowise AI ≤ 3.0.5. Abuses the /api/v1/account/forgot-password endpoint to change any user's password without prior authentication. Includes a proof-of-concept script and mitigation guidelines.
Create: 2026-04-15 11:54:21 +0000 UTC Push: 2026-04-15 11:54:22 +0000 UTC |