unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Smarttfoxx/CVE-2026-29923
The pstrip64.sys kernel driver exposes an IOCTL that allows low-privileged users to map arbitrary ranges of physical memory into their own virtual address space. This primitive allows full read/write access to the system's physical RAM, enabling attackers to modify critical kernel structures and escalate privileges to NT AUTHORITY\SYSTEM.
Create: 2026-01-23 00:02:29 +0000 UTC Push: 2026-04-05 19:00:54 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-9932
Unauthenticated 0-click RCE exploit for CVE-2024-9932. Exploits an arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin to upload a remote PHP payload, detect the target operating system, and achieve remote command execution through an interactive web shell.
Create: 2026-01-22 20:43:52 +0000 UTC Push: 2026-01-22 20:43:52 +0000 UTC |
h3athen/CVE-2026-24061
CVE-2026-24061 - Exploit
Create: 2026-01-22 20:33:24 +0000 UTC Push: 2026-01-22 20:33:24 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-50498
Unauthenticated 0-click RCE exploit for CVE-2024-50498. Exploits a code injection vulnerability in the LUBUS WP Query Console plugin to execute arbitrary PHP code, write a web shell to the uploads directory, detect the target operating system, and achieve remote command execution via an interactive shell.
Create: 2026-01-22 20:29:00 +0000 UTC Push: 2026-01-22 20:29:00 +0000 UTC |
Stp1t/CVE-2023-40028
Exploit for CVE-2023-40028 (for educational purposes)
Create: 2026-01-22 20:12:19 +0000 UTC Push: 2026-01-29 12:34:53 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-10924
Unauthenticated authentication bypass to RCE exploit for CVE-2024-10924. Abuses an authentication and 2FA bypass in the Really Simple Security WordPress plugin to impersonate an admin user, upload a malicious plugin, and achieve remote command execution via an interactive shell.
Create: 2026-01-22 20:01:07 +0000 UTC Push: 2026-01-22 20:01:08 +0000 UTC |
m4sh-wacker/CVE-2026-0594-ListSiteContributors-Plugin-Exploit
Create: 2026-01-22 19:58:18 +0000 UTC Push: 2026-01-22 19:58:19 +0000 UTC |
Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit
Create: 2026-01-22 19:33:23 +0000 UTC Push: 2026-01-22 19:33:24 +0000 UTC |
Galaxy-sc/CVE-2026-0920
Create: 2026-01-22 19:29:56 +0000 UTC Push: 2026-01-22 19:29:57 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-50526
Unauthenticated 0-click RCE exploit for CVE-2024-50526. Exploits an arbitrary file upload vulnerability in a vulnerable WordPress form plugin to upload a PHP payload, verify its location, detect the target operating system, and achieve remote command execution via an interactive shell.
Create: 2026-01-22 19:27:51 +0000 UTC Push: 2026-01-22 19:27:52 +0000 UTC |
NiceTop1027/CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE
Create: 2026-01-22 19:00:46 +0000 UTC Push: 2026-01-22 19:00:46 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51791
Exploits an arbitrary file upload vulnerability in a vulnerable WordPress forms plugin to upload a PHP payload, locate the uploaded file, detect the target OS, and obtain remote command execution via an interactive shell.
Create: 2026-01-22 18:57:51 +0000 UTC Push: 2026-01-22 18:57:51 +0000 UTC |
SafeBreach-Labs/CVE-2026-24061
Exploitation of CVE-2026-24061
Create: 2026-01-22 18:30:17 +0000 UTC Push: 2026-01-22 19:22:08 +0000 UTC |
NiceTop1027/CVE-2026-Pending-Extract-Zip-Arbitrary-File-Write
Create: 2026-01-22 18:28:04 +0000 UTC Push: 2026-01-22 18:28:04 +0000 UTC |
NiceTop1027/CVE-2026-Pending-Delegator-Command-Injection
Create: 2026-01-22 18:05:59 +0000 UTC Push: 2026-01-22 18:05:59 +0000 UTC |
dptsec/CVE-2026-22444
PoC for CVE-2026-22444: Apache Solr 8.6-9.10.0 Windows standalone mode RCE/NTLM hash disclosure
Create: 2026-01-22 17:55:17 +0000 UTC Push: 2026-01-22 17:55:28 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51793
Unauthenticated 0-click RCE exploit for CVE-2024-51793. Exploits an arbitrary file upload vulnerability via admin-ajax.php to upload a PHP payload and achieve remote command execution on vulnerable WordPress installations, including OS detection and an interactive command shell.
Create: 2026-01-22 17:48:32 +0000 UTC Push: 2026-01-22 17:48:32 +0000 UTC |
MemerGamer/CVE-2025-55182
CVE-2025-55182
Create: 2026-01-22 17:39:41 +0000 UTC Push: 2026-01-22 17:39:45 +0000 UTC |
NiceTop1027/CVE-2026-Pending-Django-Summernote-RCE
Create: 2026-01-22 17:29:07 +0000 UTC Push: 2026-01-22 17:29:42 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2023-51409
Unauthenticated 0-click RCE exploit for CVE-2023-51409. Abuses an arbitrary file upload flaw in the AI Engine WordPress plugin to upload a PHP webshell and achieve remote command execution without authentication, including OS detection and an interactive shell.
Create: 2026-01-22 17:21:29 +0000 UTC Push: 2026-01-22 17:21:29 +0000 UTC |
Previous
193
194
195
196
197
198
199
200
Next