terminat0r7031/composer-CVE-2026-40261-CVE-2026-40176-PoC Create: 2026-04-16 04:00:23 +0000 UTC Push: 2026-04-16 04:01:17 +0000 UTC |

ZeroMemoryEx/CVE-2026-0827 CVE-2026-0827 PoC Create: 2026-04-16 02:10:56 +0000 UTC Push: 2026-04-16 02:11:23 +0000 UTC |

rippsec/CVE-2025-49113-Roundcube-RCE CVE-2025-49113 – Roundcube ≤1.6.10 post-auth RCE via PHP object deserialization (HackTheBox CTF) Create: 2026-04-16 01:18:22 +0000 UTC Push: 2026-04-16 01:18:24 +0000 UTC |

rippsec/CVE-2025-27591-Meta-below-LPE CVE-2025-27591 – Meta below symlink following local privilege escalation (HackTheBox CTF) Create: 2026-04-16 01:18:19 +0000 UTC Push: 2026-04-16 01:18:21 +0000 UTC |

rippsec/CVE-2025-24893-XWiki-SSTI-RCE CVE-2025-24893 – XWiki SSTI unauthenticated RCE exploit (HackTheBox CTF) Create: 2026-04-16 01:18:16 +0000 UTC Push: 2026-04-16 01:18:18 +0000 UTC |

Penguinsecq/CVE-2026-XXXXXX CVE Writeup Create: 2026-04-16 01:13:08 +0000 UTC Push: 2026-04-16 01:13:08 +0000 UTC |

iTzR1g/CVE-2019-9053 Fixed CVE-2019-9053 Create: 2026-04-15 23:52:01 +0000 UTC Push: 2026-04-15 23:53:53 +0000 UTC |

gigachadusers/cve-2026-20127 Create: 2026-04-15 16:35:46 +0000 UTC Push: 2026-04-15 16:36:15 +0000 UTC |

yaghoubkhani/chrome_sandbox_scape_CVE-2024-5836_CVE-2024-6778 بررسی آسیب پذیری های CVE-2024-6778 و CVE-2024-5836 در مرورگر کروم و اجرایSandbox scape از طریق اکستنشن مخرب Create: 2026-04-15 15:53:39 +0000 UTC Push: 2026-04-15 15:53:39 +0000 UTC |

NULL200OK/cve_2026_34621_advanced A sophisticated, cross-platform exploit generator for **CVE-2026-34621** – a critical prototype pollution vulnerability in Adobe Acrobat and Reader that leads to sandbox escape and arbitrary code execution on Windows and macOS. Create: 2026-04-15 15:30:06 +0000 UTC Push: 2026-04-15 15:30:07 +0000 UTC |

Gr4y-r0se/CVE-2022-35650 Exploit for CVE-2022-35650, a Moodle Arbitrary File Read. Create: 2026-04-15 14:21:19 +0000 UTC Push: 2026-04-15 14:21:20 +0000 UTC |

samu-delucas/CVE-2026-39808 PoC for Unauthenticated RCE in FortiSandbox via CVE-2026-39808 Create: 2026-04-15 14:10:25 +0000 UTC Push: 2026-04-15 14:30:56 +0000 UTC |

r3nsi15/Flowise-RCE-CVE-2025-59528 Authenticated Remote Code Execution (RCE) exploit for Flowise AI versions ≤ 3.0.4. Leverages a vulnerability in the /api/v1/node-load-method/customMCP endpoint to execute arbitrary system commands via Node.js child_process.execSync(). Includes full PoC script and remediation steps. Create: 2026-04-15 12:47:25 +0000 UTC Push: 2026-04-15 12:47:25 +0000 UTC |

404-src/CVE-2026-34486 Apache Tomcat EncryptInterceptor Bypass → Unauthenticated RCE (CVE-2026-34486) Create: 2026-04-15 12:40:13 +0000 UTC Push: 2026-04-15 12:40:14 +0000 UTC |

Astaruf/CVE-2026-40487 CVE-2026-40487 | Postiz <= 2.21.5 | Arbitrary File Upload via MIME-Type Spoofing → Stored XSS → Account Takeover | CVSS 8.9 High Create: 2026-04-15 12:33:58 +0000 UTC Push: 2026-04-15 12:33:58 +0000 UTC |

r3nsi15/Flowise-CVE-2025-58434-PasswordReset Unauthenticated password reset exploit for Flowise AI ≤ 3.0.5. Abuses the /api/v1/account/forgot-password endpoint to change any user's password without prior authentication. Includes a proof-of-concept script and mitigation guidelines. Create: 2026-04-15 11:54:21 +0000 UTC Push: 2026-04-15 11:54:22 +0000 UTC |

Lechansky/CVE-2026-39808 Improper neutralization of special elements used in an OS command (OS Command Injection) vulnerability in Fortinet FortiSandbox versions 4.4.0 through 4.4.8. This vulnerability allows attackers to execute unauthorized code or commands through an unspecified attack vector. Create: 2026-04-15 11:33:21 +0000 UTC Push: 2026-04-15 11:33:22 +0000 UTC |

Ava-Vispilio/CVE-2024-3094 Create: 2026-04-15 11:20:31 +0000 UTC Push: 2026-04-15 11:20:36 +0000 UTC |

zebbernCVE/CVE-2026-40579 Advisory for git-js ⌯⌲ 11 mill weekly downloads Create: 2026-04-15 11:19:04 +0000 UTC Push: 2026-04-15 11:23:05 +0000 UTC |

0xGunrunner/CVE-2024-26229-BOF CVE-2024-26229 Beacon Object File version Create: 2026-04-15 10:59:15 +0000 UTC Push: 2026-04-15 10:59:31 +0000 UTC |