oscar-mine/CVE-2026-23980-Exploit Exploit for CVE-2026-23980 — Authenticated error-based SQL injection in Apache Superset < 6.0.0 via sqlExpression bypass Create: 2026-04-12 15:44:33 +0000 UTC Push: 2026-04-12 15:44:42 +0000 UTC |

oscar-mine/CVE-2026-33017-Exploit Exploit for CVE-2026-33017 — Unauthenticated RCE in Langflow <= 1.8.2 via exec() in flow build endpoint Create: 2026-04-12 15:44:31 +0000 UTC Push: 2026-04-12 15:44:41 +0000 UTC |

amusedx/CVE-2022-29078 Create: 2026-04-12 13:24:50 +0000 UTC Push: 2026-04-12 13:26:07 +0000 UTC |

p1ctur3p3rf3ct/CVE-2025-58434 CVE-2025-58434 PoC Create: 2026-04-12 12:42:40 +0000 UTC Push: 2026-04-12 12:42:40 +0000 UTC |

TYehan/CVE-2025-8110-Gogs-RCE-Exploit Create: 2026-04-12 12:06:42 +0000 UTC Push: 2026-04-12 12:06:49 +0000 UTC |

Rat5ak/CVE-2026-3805-curl-SMB-UAF CVE-2026-3805: Use-After-Free in curl SMB connection reuse - heap info disclosure Create: 2026-04-12 11:12:16 +0000 UTC Push: 2026-04-12 11:12:19 +0000 UTC |

Rat5ak/CVE-2026-31413-BPF-Container-Escape CVE-2026-31413: BPF verifier soundness bug - container escape exploit Create: 2026-04-12 10:41:02 +0000 UTC Push: 2026-04-12 11:08:01 +0000 UTC |

0xBlackash/CVE-2026-40175 CVE-2026-40175 Create: 2026-04-12 10:12:30 +0000 UTC Push: 2026-04-12 10:12:30 +0000 UTC |

TYehan/CVE-2025-58434-59528 CVE-2025-58434 and CVE-2025-59528 chain POC Create: 2026-04-12 06:39:37 +0000 UTC Push: 2026-04-12 06:39:45 +0000 UTC |

manbahadurthapa1248/CVE-2025-8110-Authenticated-Remote-Code-Execution-on-Gogs-v0.13.3- A remote code execution to get a reverse shell on Gogs (v0.13.3) Create: 2026-04-12 05:15:31 +0000 UTC Push: 2026-04-12 05:15:31 +0000 UTC |

AzureADTrent/CVE-2025-58434-59528 CVE-2025-58434 and CVE-2025-59528 chain POC Create: 2026-04-12 00:34:15 +0000 UTC Push: 2026-04-12 00:34:15 +0000 UTC |

ef3tr/CVE-2026-4106 WordPress HTMega Unauthenticated PII Disclosure Exploit (CVE-2026-4106) Create: 2026-04-12 00:26:34 +0000 UTC Push: 2026-04-12 00:26:35 +0000 UTC |

kayl22/cve-2025-8110-GOGS-RCE GOGS RCE cve-2025-8110 python script that automates the whole attack chain of creating a repository with a symlink file pointing to .git/config and then triggering rce via a poisoned sshCommand on the config file. Create: 2026-04-11 23:10:11 +0000 UTC Push: 2026-04-11 23:15:08 +0000 UTC |

Ghxstsec/CVE-2025-8110 Create: 2026-04-11 22:40:07 +0000 UTC Push: 2026-04-11 22:40:07 +0000 UTC |

BridgerAlderson/CVE-2025-81110-PoC Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code. Create: 2026-04-11 22:22:37 +0000 UTC Push: 2026-04-11 22:22:37 +0000 UTC |

mooder1/CVE-2025-49113 Roundcube Webmail post-auth RCE via PHP object deserialization (CVE-2025-49113) Create: 2026-04-11 21:54:07 +0000 UTC Push: 2026-04-11 21:54:09 +0000 UTC |

3jee/CVE-2025-8110 CVE-2025-8110 — Gogs <= 0.13.3 Arbitrary File Write via Symlink Traversal in PutContents API Create: 2026-04-11 20:28:17 +0000 UTC Push: 2026-04-11 20:28:19 +0000 UTC |

lukasz-rybak/CVE-2026-23500 CVE-2026-23500 - OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration in Dolibarr Create: 2026-04-11 19:37:51 +0000 UTC Push: 2026-04-11 19:37:53 +0000 UTC |

lukasz-rybak/CVE-2026-23498 CVE-2026-23498 - Shopware Has Improper Control of Generation of Code in Twig rendered views Create: 2026-04-11 19:15:40 +0000 UTC Push: 2026-04-11 19:15:41 +0000 UTC |

lukasz-rybak/CVE-2026-1434 CVE-2026-1434 - Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a... Create: 2026-04-11 19:15:34 +0000 UTC Push: 2026-04-11 19:15:37 +0000 UTC |