KosmicOwl045/ICT287-CVE-2022-42889 Environment setup and recreation of CVE‑2022‑42889. Create: 2026-03-30 07:14:49 +0000 UTC Push: 2026-03-30 07:14:50 +0000 UTC |

0xNode1337/CVE-2026-3098-POC CVE-2026-3098 Proof-of-Concept Lab Setup Script Create: 2026-03-30 05:20:50 +0000 UTC Push: 2026-03-30 05:20:50 +0000 UTC |

JacobTaylor3/CVE-2021-21191---CVE-2021-21192 Create: 2026-03-30 02:19:07 +0000 UTC Push: 2026-03-30 02:19:09 +0000 UTC |

Cr0wld3r/CVE-2026-30082 Stored cross-site scripting (XSS) vulnerabilities in IngEstate Server v11.14.0 Create: 2026-03-30 01:46:48 +0000 UTC Push: 2026-03-30 01:46:48 +0000 UTC |

vognik/CVE-2026-26980 [CVE-2026-26980] 👻 Ghost CMS Unauthenticated SQLi via Content API Create: 2026-03-29 21:53:44 +0000 UTC Push: 2026-03-29 21:53:44 +0000 UTC |

ByteCodeSecure/CVE-2025-60709 CVE-2025-60709 — Windows CLFS.sys Local Privilege Escalation PoC. Buffer overflow → arbitrary kernel write → SYSTEM token theft. C + Go implementations. Security research only. Create: 2026-03-29 18:07:07 +0000 UTC Push: 2026-03-29 18:07:10 +0000 UTC |

regaan/CVE-2026-33340 CVE-2026-33340: Critical SSRF in lollms-webui /api/proxy - Unauthenticated arbitrary request forgery (CVSS 9.1) Create: 2026-03-29 16:59:53 +0000 UTC Push: 2026-03-29 16:59:53 +0000 UTC |

farid-khelil/CVE_2025_23209 a poc exploit scripte for CVE_2025_23209 that get RCE and ReverseShell from server running Craft CMS Craft CMS `>= 4.0.0-RC1` and `< 4.13.8` - Craft CMS `>= 5.0.0-RC1` and `< 5.5.8` Create: 2026-03-29 16:30:41 +0000 UTC Push: 2026-03-29 16:30:41 +0000 UTC |

CyLock11/CVE-2026-23744 CVE-2026-23744 - MCP Connect RCE via Unauthenticated Command Injection Create: 2026-03-29 16:26:01 +0000 UTC Push: 2026-03-29 16:26:02 +0000 UTC |

Shashivanth009/CVE-2022-46364---Apache-CXF-XOP-Include-LFI-PoC Create: 2026-03-29 14:31:19 +0000 UTC Push: 2026-03-29 14:31:20 +0000 UTC |

tristanqtn/CVE-2025-54123 CVE-2025-54123 exploit and documentation Create: 2026-03-29 12:37:25 +0000 UTC Push: 2026-03-29 12:37:25 +0000 UTC |

JollyPropoganda/CVE_2024_3273_adv_shell_script adv shell script with more functionalities Create: 2026-03-29 12:05:42 +0000 UTC Push: 2026-03-29 12:05:42 +0000 UTC |

0xBlackash/CVE-2026-3055 CVE-2026-3055 Create: 2026-03-29 10:58:13 +0000 UTC Push: 2026-03-29 10:58:14 +0000 UTC |

0x0asif/CVE-2025-55182 Create: 2026-03-29 10:15:49 +0000 UTC Push: 2026-03-29 10:15:49 +0000 UTC |

HyperPS/CVE-2026-0897 Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras Create: 2026-03-29 08:44:34 +0000 UTC Push: 2026-03-29 08:44:35 +0000 UTC |

HyperPS/CVE-2026-0848 nltk.tokenize.StanfordSegmenter dynamically loads external Java .jar files without verification or sandboxing. If an attacker can supply or replace the JAR (e.g., a poisoned model download, MITM package swap, or dependency poisoning), arbitrary Java bytecode executes at import time. Create: 2026-03-29 08:20:30 +0000 UTC Push: 2026-03-29 08:20:31 +0000 UTC |

HyperPS/CVE-2026-0847 A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. Create: 2026-03-29 08:00:18 +0000 UTC Push: 2026-03-29 08:00:19 +0000 UTC |

xitexploiter96-dot/CVE-2025-23419 Create: 2026-03-29 05:03:18 +0000 UTC Push: 2026-03-29 05:03:36 +0000 UTC |

cybermaksxx/CVE-2022-46364-Proof-of-the-concept This vulnerability allows an attacker to perform SSRF (Server-Side Request Forgery) attacks on Apache CXF webservices that accept MTOM/XOP requests. The issue exists in how the href attribute of xop:Include is parsed, allowing arbitrary URLs to be requested by the server. Create: 2026-03-29 02:04:26 +0000 UTC Push: 2026-03-29 02:04:26 +0000 UTC |

0xzap/CVE-2025-54123 Create: 2026-03-28 23:15:32 +0000 UTC Push: 2026-03-28 23:24:03 +0000 UTC |