unSafe.sh - 不安全

GartonChan/redis-cve-2025-62507
Create: 2026-06-02 07:09:24 +0000 UTC Push: 2026-06-02 07:09:24 +0000 UTC |

AzDevops143/fragnesia-cve-2026-46300
Create: 2026-06-02 06:42:25 +0000 UTC Push: 2026-06-02 06:42:26 +0000 UTC |

Karma4488/cve-2011-3192
Create: 2026-06-02 06:30:34 +0000 UTC Push: 2026-06-02 06:30:35 +0000 UTC |

jabir-dev/CVE-2026-ThreemaDesktop-ArbitraryFileRead Threema Desktop arbitrary file read via unrestricted CLI parameter. fs.readFileSync with no path validation. All builds affected.
Create: 2026-06-02 05:28:45 +0000 UTC Push: 2026-06-02 05:28:48 +0000 UTC |

m2sousa/CVE-2026-23744 CVE-2026-23744 Proof-of-concept.
Create: 2026-06-02 04:34:01 +0000 UTC Push: 2026-06-02 04:34:01 +0000 UTC |

HORKimhab/CVE-2026-31525 CVE-2026-31525 - Draft
Create: 2026-06-02 03:30:57 +0000 UTC Push: 2026-06-02 03:31:00 +0000 UTC |

CryptReaper12/CVE-2026-8732
Create: 2026-06-02 02:51:29 +0000 UTC Push: 2026-06-02 02:51:31 +0000 UTC |

alisster00/CVE-2026-23744-RCE
Create: 2026-06-02 02:25:52 +0000 UTC Push: 2026-06-02 02:25:52 +0000 UTC |

HORKimhab/CVE-2025-70849 CVE-2025-70849 - Draft
Create: 2026-06-02 01:21:01 +0000 UTC Push: 2026-06-02 01:21:05 +0000 UTC |

K3ysTr0K3R/CVE-2026-3600
Create: 2026-06-01 23:12:41 +0000 UTC Push: 2026-06-01 23:12:42 +0000 UTC |

0xBlackash/CVE-2026-20841 CVE-2026-20841
Create: 2026-06-01 21:58:05 +0000 UTC Push: 2026-06-01 21:58:06 +0000 UTC |

O99099O/CVE-2026-8206-Poc-
Create: 2026-06-01 19:32:28 +0000 UTC Push: 2026-06-01 19:32:39 +0000 UTC |

tematemaru/CVE-2026-31431-simple-test
Create: 2026-06-01 18:53:44 +0000 UTC Push: 2026-06-01 18:53:44 +0000 UTC |

victoriaalicex/CVE-2025-40536-Analysis CVE analysis of CVE-2025-40536, SolarWinds Web Help Desk security control bypass (CVSS 8.1). Covers vulnerability mechanics, attack chain with companion RCE CVEs, Storm-2603 threat actor attribution, MITRE ATT&CK mapping, and detection/remediation guidance for DoD and government environments.
Create: 2026-06-01 18:38:24 +0000 UTC Push: 2026-06-01 18:42:08 +0000 UTC |

jabir-dev/CVE-2026-ThreemaWeb-TURNCredentialLeak Threema Web hardcoded TURN server credentials in client-side code. CWE-798. Server abuse, traffic interception, DoS.
Create: 2026-06-01 16:21:00 +0000 UTC Push: 2026-06-01 16:21:06 +0000 UTC |

jabir-dev/CVE-2026-ThreemaWeb-PrototypePollution Threema Web Prototype Pollution via unsafe URI query parameter parsing. CWE-1321. 10/10 tests passed. Security bypass, config corruption.
Create: 2026-06-01 16:20:41 +0000 UTC Push: 2026-06-01 16:20:45 +0000 UTC |

jabir-dev/CVE-2026-BetterSQLCipher-RCE better-sqlcipher (Threema) loadExtension() RCE. Full system compromise via arbitrary native code loading. Confirmed on v12.10.0 (latest). CWE-427. CVSS 9.8.
Create: 2026-06-01 15:58:25 +0000 UTC Push: 2026-06-01 15:58:29 +0000 UTC |

jabir-dev/CVE-2026-BetterSQLCipher-PragmaInjection better-sqlcipher (Threema) PRAGMA injection. Encryption key theft, cipher config extraction, data exfiltration. CWE-20.
Create: 2026-06-01 15:36:38 +0000 UTC Push: 2026-06-01 15:36:42 +0000 UTC |

EvtDanya/CVE-2026-27886 Strapi. Leaking sensitive data via relational filtering due to lack of query sanitization
Create: 2026-06-01 13:07:23 +0000 UTC Push: 2026-06-01 13:07:24 +0000 UTC |

JTMH37/ICT279-CVE-2025-24813 ICT279 Vulnerability Detection and Mitigation Project using CVE-2025-24813 in an Internet Banking Environment
Create: 2026-06-01 12:09:00 +0000 UTC Push: 2026-06-01 12:09:01 +0000 UTC |