K3rn3l-32/Threaded-CVE-2018-15473 A Python 3 reimplementation of the classic CVE-2018-15473 OpenSSH user enumeration exploit, extended with multi-threading, wordlist support, automatic vulnerability detection, and thread-safe exploit patching. Create: 2026-03-25 20:00:29 +0000 UTC Push: 2026-03-25 20:00:29 +0000 UTC |

l0lsec/cve-2025-55182-lab Intentionally vulnerable Next.js RSC Docker lab for CVE-2025-55182 (React2Shell) local testing Create: 2026-03-25 18:29:03 +0000 UTC Push: 2026-03-25 18:29:05 +0000 UTC |

0xzap/CVE-2025-32463 A proof-of-concept exploit demonstrating local privilege escalation to root in sudo (CVE-2025-32463) by abusing the --chroot (-R) option and injecting a malicious NSS configuration Create: 2026-03-25 16:46:04 +0000 UTC Push: 2026-03-25 16:48:56 +0000 UTC |

qoo7972365/CVE-2022-36883-Poc Create: 2026-03-25 15:28:19 +0000 UTC Push: 2026-03-25 15:28:19 +0000 UTC |

Noidolosity/CVE-2022-32250 Create: 2026-03-25 15:09:48 +0000 UTC Push: 2026-03-25 15:09:49 +0000 UTC |

ImVihanga03/Static-Malware-Analysis-Follina-CVE-2022-30190 Static Malware Analysis of Follina (CVE-2022-30190) from Blue Team Labs Online Create: 2026-03-25 14:23:35 +0000 UTC Push: 2026-03-25 14:23:36 +0000 UTC |

cyber-sparky/CVE-2019-3835 It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Create: 2026-03-25 13:41:39 +0000 UTC Push: 2026-03-25 13:42:08 +0000 UTC |

sergicortesabadia/CVE-2026-26198-analysis Deep dive into a critical SQL injection in Python's Ormar ORM — reproduction, fix, and tests Create: 2026-03-25 13:09:40 +0000 UTC Push: 2026-03-25 13:09:41 +0000 UTC |

lennertdefauw/CVE-2025-8088 WinRAR < 7.13 path traversal for persistency Create: 2026-03-25 13:04:51 +0000 UTC Push: 2026-03-25 13:04:51 +0000 UTC |

Yucaerin/CVE-2026-3584 CVE-2026-3584 Create: 2026-03-25 09:21:54 +0000 UTC Push: 2026-03-25 09:21:55 +0000 UTC |

NeoArtemis37/OverlayFS-PrivEsc-CVE-2022-0944 Create: 2026-03-25 07:13:10 +0000 UTC Push: 2026-03-25 07:13:39 +0000 UTC |

devianntsec/CVE-2024-30051-DWMHeapOverflow-Masters-Thesis Master's Thesis research on CVE-2024-30051 (Windows DWM Heap Overflow). Improved PoC with auto-retry, session logging, and empirical heap spray analysis across controlled sessions. Portfolio piece demonstrating Windows exploit development and security research. Create: 2026-03-25 06:18:49 +0000 UTC Push: 2026-03-25 06:18:49 +0000 UTC |

devianntsec/CVE-2024-51324 Master's Thesis research on CVE-2024-51324 (BYOVD). Advanced exploit with 4 operational modes (SCANNER, LOADER, KILLER, CLEANUP), SHA-256 driver verification, and full academic documentation. Portfolio piece covers Windows kernel driver security, IOCTL reverse engineering, and Bring Your Own Vulnerable Driver exploitation. Create: 2026-03-25 06:16:48 +0000 UTC Push: 2026-04-27 17:21:38 +0000 UTC |

devianntsec/CVE-2024-51324-BYOVD-Masters-Thesis Master's Thesis research on CVE-2024-51324 (BYOVD). Advanced exploit with 4 operational modes (SCANNER, LOADER, KILLER, CLEANUP), SHA-256 driver verification, and full academic documentation. Portfolio piece covers Windows kernel driver security, IOCTL reverse engineering, and Bring Your Own Vulnerable Driver exploitation. Create: 2026-03-25 06:16:48 +0000 UTC Push: 2026-03-25 06:16:48 +0000 UTC |

devianntsec/CVE-2021-4034-PwnKit-Masters-Thesis Master's Thesis research on CVE-2021-4034 (PwnKit). Advanced exploit with 6 payload modes (shell, id, whoami, backdoor, root user, reverse shell), automated environment setup, and complete academic documentation. Portfolio piece demonstrating Linux exploit development, memory corruption analysis, and privilege escalation research. Create: 2026-03-25 06:13:40 +0000 UTC Push: 2026-03-25 06:14:23 +0000 UTC |

devianntsec/CVE-2025-55182 Advanced security research on CVE-2025-55182 (React2Shell). Features an exploitation framework with 6 functional impact scenarios (RCE to Secret Exfiltration), an interactive reverse shell, and a complete laboratory. Portfolio piece demonstrating deep analysis of Prototype Pollution and Insecure Deserialization in React Server Components Create: 2026-03-25 06:11:08 +0000 UTC Push: 2026-04-22 17:19:03 +0000 UTC |

devianntsec/CVE-2025-55182-React2Shell-Masters-Thesis Master's Thesis research on CVE-2025-55182 (React2Shell). Advanced exploit with 4 attack vectors, interactive shell, and complete vulnerable laboratory. Portfolio piece demonstrating security research and exploit development. Create: 2026-03-25 06:11:08 +0000 UTC Push: 2026-03-25 06:11:09 +0000 UTC |

z4yd3/PoC-CVE-2026-23744 Remote Code Execution on MCPJam Inspector <= 1.4.2 Create: 2026-03-25 02:24:21 +0000 UTC Push: 2026-03-25 02:24:21 +0000 UTC |

pppxo/CVE-2025-49596-PoC PoC for CVE-2025-49596 on linux targets Create: 2026-03-25 01:53:42 +0000 UTC Push: 2026-03-25 01:53:42 +0000 UTC |

InzegoSec/CVE-2026-23744 Exploit to MCPJam Inspector <=1.4.2 Create: 2026-03-24 19:18:14 +0000 UTC Push: 2026-03-24 19:18:15 +0000 UTC |