unSafe.sh - 不安全

SnailSploit/CVE-2026-32885 CVE-2026-32885: ZipSlip Path Traversal in ddev/ddev rchive Extraction (CVSS 6.5 Moderate)
Create: 2026-03-23 23:18:39 +0000 UTC Push: 2026-03-23 23:18:39 +0000 UTC |

SnailSploit/CVE-2026-32809 CVE-2026-32809: Unvalidated Symlink Targets in Tar Extraction in ouch-org/ouch (CVSS 7.4 High)
Create: 2026-03-23 23:09:38 +0000 UTC Push: 2026-03-23 23:09:39 +0000 UTC |

SnailSploit/CVE-2026-33693 CVE-2026-33693: SSRF via 0.0.0.0 Bypass in activitypub-federation-rust v4_is_invalid() (CVSS 6.5 Moderate)
Create: 2026-03-23 23:00:03 +0000 UTC Push: 2026-03-23 23:00:04 +0000 UTC |

ColdFusionX/CVE-2024-46879-TikiCMS-XSS CVE-2024-46879 - Tiki CMS Reflected Cross-Site Scripting (XSS) Vulnerability
Create: 2026-03-23 18:48:44 +0000 UTC Push: 2026-03-23 18:48:45 +0000 UTC |

ColdFusionX/CVE-2024-46878-TikiCMS-XSS CVE-2024-46878 - Tiki CMS Reflected Cross-Site Scripting (XSS) Vulnerability
Create: 2026-03-23 18:42:42 +0000 UTC Push: 2026-03-23 18:42:43 +0000 UTC |

FrenzisRed/CVE-2026-23744 CVE-2026-23744 - MCPJam inspector Remote-Code-Execution: Proof Of Concept (POC
Create: 2026-03-23 18:38:28 +0000 UTC Push: 2026-03-23 18:38:28 +0000 UTC |

M4xSec/CVE-2024-2473 Wordpress Hidden Login Page Disclosure. Detect Login Page Disclosure in WordPress sites running WPS Hide Login ≤ 1.9.15.2 (CVE-2024-2473)
Create: 2026-03-23 18:32:24 +0000 UTC Push: 2026-03-23 18:45:51 +0000 UTC |

nomaisthere/CVE-2026-3888 Linux LPE via snap-confine + systemd-tmpfiles, explained in depth
Create: 2026-03-23 18:27:12 +0000 UTC Push: 2026-03-23 22:22:25 +0000 UTC |

Mehdi-Ben-Hamou/CVE-2026-30498
Create: 2026-03-23 17:58:37 +0000 UTC Push: 2026-03-23 17:58:38 +0000 UTC |

mponce-cve/CVE-2025-52204
Create: 2026-03-23 16:38:05 +0000 UTC Push: 2026-03-23 16:43:03 +0000 UTC |

J0qq3r/CVE-2025-52204 Advisory and disclosure timeline for CVE-2025-52204 affecting Znuny customer.pl.
Create: 2026-03-23 16:38:05 +0000 UTC Push: 2026-03-23 17:00:39 +0000 UTC |

cypher-21/CVE-2026-23520 CVE-2026-23520 is a critical command injection vulnerability in Arcane, a modern Docker management platform. The flaw exists in the platform's updater service and allows for Remote Code Execution (RCE).
Create: 2026-03-23 15:54:37 +0000 UTC Push: 2026-03-23 15:55:23 +0000 UTC |

victorGoeman/CVE-2024-51346
Create: 2026-03-23 15:22:14 +0000 UTC Push: 2026-03-23 15:22:14 +0000 UTC |

victorGoeman/CVE-2024-51347
Create: 2026-03-23 15:08:43 +0000 UTC Push: 2026-03-23 15:09:21 +0000 UTC |

victorGoeman/LSC-Indoor-Camera-Security-Research
Create: 2026-03-23 15:08:43 +0000 UTC Push: 2026-03-25 09:43:26 +0000 UTC |

jFriedli/CVE-2025-6792
Create: 2026-03-23 15:06:37 +0000 UTC Push: 2026-03-23 15:06:37 +0000 UTC |

jFriedli/CVE-2025-6783
Create: 2026-03-23 15:05:26 +0000 UTC Push: 2026-03-23 15:05:50 +0000 UTC |

jFriedli/CVE-2025-6782
Create: 2026-03-23 15:04:19 +0000 UTC Push: 2026-03-23 15:04:20 +0000 UTC |

jFriedli/CVE-2025-9172
Create: 2026-03-23 15:02:43 +0000 UTC Push: 2026-03-23 15:03:18 +0000 UTC |

jFriedli/CVE-2025-10307
Create: 2026-03-23 15:01:22 +0000 UTC Push: 2026-03-23 15:01:22 +0000 UTC |