gigachadusers/cve-2026-20127 Create: 2026-04-15 16:35:46 +0000 UTC Push: 2026-04-15 16:36:15 +0000 UTC |

yaghoubkhani/chrome_sandbox_scape_CVE-2024-5836_CVE-2024-6778 بررسی آسیب پذیری های CVE-2024-6778 و CVE-2024-5836 در مرورگر کروم و اجرایSandbox scape از طریق اکستنشن مخرب Create: 2026-04-15 15:53:39 +0000 UTC Push: 2026-04-15 15:53:39 +0000 UTC |

NULL200OK/cve_2026_34621_advanced A sophisticated, cross-platform exploit generator for **CVE-2026-34621** – a critical prototype pollution vulnerability in Adobe Acrobat and Reader that leads to sandbox escape and arbitrary code execution on Windows and macOS. Create: 2026-04-15 15:30:06 +0000 UTC Push: 2026-04-15 15:30:07 +0000 UTC |

Gr4y-r0se/CVE-2022-35650 Exploit for CVE-2022-35650, a Moodle Arbitrary File Read. Create: 2026-04-15 14:21:19 +0000 UTC Push: 2026-04-15 14:21:20 +0000 UTC |

samu-delucas/CVE-2026-39808 PoC for Unauthenticated RCE in FortiSandbox via CVE-2026-39808 Create: 2026-04-15 14:10:25 +0000 UTC Push: 2026-04-15 14:30:56 +0000 UTC |

r3nsi15/Flowise-RCE-CVE-2025-59528 Authenticated Remote Code Execution (RCE) exploit for Flowise AI versions ≤ 3.0.4. Leverages a vulnerability in the /api/v1/node-load-method/customMCP endpoint to execute arbitrary system commands via Node.js child_process.execSync(). Includes full PoC script and remediation steps. Create: 2026-04-15 12:47:25 +0000 UTC Push: 2026-04-15 12:47:25 +0000 UTC |

404-src/CVE-2026-34486 Apache Tomcat EncryptInterceptor Bypass → Unauthenticated RCE (CVE-2026-34486) Create: 2026-04-15 12:40:13 +0000 UTC Push: 2026-04-15 12:40:14 +0000 UTC |

Astaruf/CVE-2026-40487 CVE-2026-40487 | Postiz <= 2.21.5 | Arbitrary File Upload via MIME-Type Spoofing → Stored XSS → Account Takeover | CVSS 8.9 High Create: 2026-04-15 12:33:58 +0000 UTC Push: 2026-04-15 12:33:58 +0000 UTC |

r3nsi15/Flowise-CVE-2025-58434-PasswordReset Unauthenticated password reset exploit for Flowise AI ≤ 3.0.5. Abuses the /api/v1/account/forgot-password endpoint to change any user's password without prior authentication. Includes a proof-of-concept script and mitigation guidelines. Create: 2026-04-15 11:54:21 +0000 UTC Push: 2026-04-15 11:54:22 +0000 UTC |

Lechansky/CVE-2026-39808 Improper neutralization of special elements used in an OS command (OS Command Injection) vulnerability in Fortinet FortiSandbox versions 4.4.0 through 4.4.8. This vulnerability allows attackers to execute unauthorized code or commands through an unspecified attack vector. Create: 2026-04-15 11:33:21 +0000 UTC Push: 2026-04-15 11:33:22 +0000 UTC |

Ava-Vispilio/CVE-2024-3094 Create: 2026-04-15 11:20:31 +0000 UTC Push: 2026-04-15 11:20:36 +0000 UTC |

zebbernCVE/CVE-2026-40579 Advisory for git-js ⌯⌲ 11 mill weekly downloads Create: 2026-04-15 11:19:04 +0000 UTC Push: 2026-04-15 11:23:05 +0000 UTC |

0xGunrunner/CVE-2024-26229-BOF CVE-2024-26229 Beacon Object File version Create: 2026-04-15 10:59:15 +0000 UTC Push: 2026-04-15 10:59:31 +0000 UTC |

X4BROZER/CVE-2025-8110 Gogs RCE PoC - CVE-2025-8110 Create: 2026-04-15 09:17:33 +0000 UTC Push: 2026-04-15 09:17:34 +0000 UTC |

keraattin/CVE-2026-39987 CVE-2026-39987: Marimo Python Notebook Pre-Auth RCE (CVSS 9.3). Python & Nmap NSE detection scripts. Missing authentication on /terminal/ws WebSocket endpoint gives attackers a full PTY shell without any credentials. Exploited in the wild within 10 hours of disclosure. Fixed in Marimo 0.23.0. Create: 2026-04-15 08:09:54 +0000 UTC Push: 2026-04-15 08:10:32 +0000 UTC |

Murguii/DEV-CVE-2021-4034 Repositorio para la práctica de DEV sobre la vulnerabilidad CVE-2021-4034. Realizada únicamente con fines académicos. Create: 2026-04-15 07:57:11 +0000 UTC Push: 2026-04-15 07:57:12 +0000 UTC |

AirSkye/CVE-2026-34486-poc CVE-2026-34486 Apache Tomcat EncryptInterceptor 绕过漏洞复现（使用GLM5.1复现完成） Create: 2026-04-15 07:30:15 +0000 UTC Push: 2026-04-15 07:30:15 +0000 UTC |

q1uf3ng/CVE-2025-51458-exp CVE-2025-51458 - DB-GPT Pre-Auth SQL Injection PoC Create: 2026-04-15 07:05:38 +0000 UTC Push: 2026-04-15 07:05:38 +0000 UTC |

tecnico4righettisollevamenti/CVE2026_SIMULATOR Create: 2026-04-15 06:49:26 +0000 UTC Push: 2026-04-15 06:49:26 +0000 UTC |

punitdarji/tomcat-cve-2026-34486 CVE labs Create: 2026-04-15 06:46:48 +0000 UTC Push: 2026-04-15 06:46:49 +0000 UTC |