unSafe.sh - 不安全

z4yd3/CVE-2026-33017-PoC CVE-2026-33017: Unauthenticated RCE in Langflow
Create: 2026-03-27 07:15:07 +0000 UTC Push: 2026-03-27 07:15:08 +0000 UTC |

z4yd3/PoC-CVE-2026-33017 CVE-2026-33017: Unauthenticated RCE in Langflow
Create: 2026-03-27 07:15:07 +0000 UTC Push: 2026-03-27 07:15:59 +0000 UTC |

b0b0haha/CVE-2026-29954
Create: 2026-03-27 06:11:47 +0000 UTC Push: 2026-03-27 06:11:48 +0000 UTC |

b0b0haha/CVE-2026-29955 The details for CVE-2026-29955
Create: 2026-03-27 06:02:37 +0000 UTC Push: 2026-03-27 06:03:26 +0000 UTC |

Nxploited/CVE-2026-3891 Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload
Create: 2026-03-27 06:00:10 +0000 UTC Push: 2026-03-27 06:00:10 +0000 UTC |

briskets/CVE-2026-22557 PoC for CVE-2026-22557 - UniFi Path Traversal
Create: 2026-03-27 05:07:41 +0000 UTC Push: 2026-03-27 05:08:45 +0000 UTC |

qalesyaSN/CVE-2025-39459 Real Estate 7 <= 3.5.2 - Unauthenticated Privilege Escalation
Create: 2026-03-27 01:18:21 +0000 UTC Push: 2026-03-27 01:18:22 +0000 UTC |

qflksheep/CVE-2026-29909-MRCMS-vulnerability MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The `/admin/file/list.do` endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials.
Create: 2026-03-26 23:49:16 +0000 UTC Push: 2026-03-26 23:49:16 +0000 UTC |

SowatKheang/CVE_2026_2576_PoC
Create: 2026-03-26 23:19:57 +0000 UTC Push: 2026-03-26 23:19:57 +0000 UTC |

Tharooon/CVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.
Create: 2026-03-26 22:56:31 +0000 UTC Push: 2026-03-26 22:56:31 +0000 UTC |

tharunchidurala-cyber/CVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.
Create: 2026-03-26 22:39:43 +0000 UTC Push: 2026-03-26 22:39:43 +0000 UTC |

tharunchidurala-cyber/BACkupCVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.
Create: 2026-03-26 22:39:43 +0000 UTC Push: 2026-03-26 22:42:09 +0000 UTC |

Taxanehh/CVE-2025-34037 Python port of the Linksys tmUnblock.cgi RCE exploit
Create: 2026-03-26 21:55:13 +0000 UTC Push: 2026-03-26 21:55:13 +0000 UTC |

mathitam/thingsboard-ssrf-cve-2025-34282 PoC exploit for CVE-2025-34282 - ThingsBoard SSRF via SVG Image Upload
Create: 2026-03-26 21:41:22 +0000 UTC Push: 2026-03-26 21:41:23 +0000 UTC |

pgaSUS99/PoC-CVE-2025-52913 A Proof of Concept (PoC) for CVE-2025-52913, a path normalization vulnerability affecting Mitel MiCollab.
Create: 2026-03-26 20:31:51 +0000 UTC Push: 2026-03-26 20:31:53 +0000 UTC |

sh00bx/cve-2025-4615 cve-2025-4615 poc & deep dive
Create: 2026-03-26 20:29:21 +0000 UTC Push: 2026-03-26 20:29:51 +0000 UTC |

BishopFox/CVE-2026-25075-check
Create: 2026-03-26 17:16:37 +0000 UTC Push: 2026-03-26 17:18:49 +0000 UTC |

skoveit/CVE-2026-34200
Create: 2026-03-26 16:52:17 +0000 UTC Push: 2026-03-26 16:52:17 +0000 UTC |

ctzisme/CVE-2026-23744
Create: 2026-03-26 16:21:22 +0000 UTC Push: 2026-03-26 22:01:41 +0000 UTC |

Stalin-143/CVE-2026-29905
Create: 2026-03-26 16:15:08 +0000 UTC Push: 2026-03-26 16:15:11 +0000 UTC |