unSafe.sh - 不安全

jayhutajulu1/CVE-2026-43284-DirtyFrag-PoC Proof-of-concept for CVE-2026-43284 — 4-byte XFRM/ESP page-cache write primitive to patch a setuid binary (x86_64, user namespaces). Includes kernel preflight + SUID scan.
Create: 2026-05-26 07:35:08 +0000 UTC Push: 2026-05-26 07:39:50 +0000 UTC |

nayakchinmohan/CVE-2026-45401 Working exploit for ssrf issue reported in CVE-2026–45401
Create: 2026-05-26 07:29:35 +0000 UTC Push: 2026-05-26 07:29:36 +0000 UTC |

HORKimhab/CVE-2026-5426 CVE-2026-5426 - Draft
Create: 2026-05-26 07:08:21 +0000 UTC Push: 2026-05-26 07:08:25 +0000 UTC |

xxconi/CVE-2026-3296 CVE-2026-3296 is a CVSS 9.8 Critical unauthenticated PHP Object Injection vulnerability in the Everest Forms WordPress plugin
Create: 2026-05-26 06:33:09 +0000 UTC Push: 2026-05-26 06:33:10 +0000 UTC |

xxconi/CVE-2026-5718 CVE-2026-5718: Unauthenticated File Upload To RCE in DnD Upload CF7 Plugin
Create: 2026-05-26 06:19:35 +0000 UTC Push: 2026-05-26 06:19:36 +0000 UTC |

xxconi/CVE-2026-6741 CVE-2026-6741 is a CVSS 8.8 (High) Authenticated (Agent+) Privilege Escalation vulnerability in the LatePoint – Calendar Booking Plugin
Create: 2026-05-26 06:10:28 +0000 UTC Push: 2026-05-26 06:10:29 +0000 UTC |

xxconi/CVE-2026-5229 CVE-2026-5229: Form Notify Auth Bypass via LINE OAuth Callback (CVSS 9.8)
Create: 2026-05-26 06:04:07 +0000 UTC Push: 2026-05-26 06:04:08 +0000 UTC |

xxconi/CVE-2026-6271
Create: 2026-05-26 05:52:33 +0000 UTC Push: 2026-05-26 05:52:34 +0000 UTC |

xxconi/CVE-2026-2942
Create: 2026-05-26 05:34:31 +0000 UTC Push: 2026-05-26 05:34:32 +0000 UTC |

Asbawy/GrafTraverse---CVE-2021-43798-MiNi-Exploitation-Framework CVE-2021-43798 MiNi Exploitation Framework
Create: 2026-05-26 02:12:42 +0000 UTC Push: 2026-05-26 02:12:43 +0000 UTC |

Asbawy/GrafTraverse-CVE-2021-43798 CVE-2021-43798 MiNi Exploitation Framework
Create: 2026-05-26 02:12:42 +0000 UTC Push: 2026-05-26 02:18:00 +0000 UTC |

Zvckster/CVE-2025-63353 Multi-language PoC (Python · Go · JS · C) and technical documentation for CVE-2025-63353, a critical predictable-default-PSK vulnerability in FiberHome HG6145F1 GPON ONT devices.
Create: 2026-05-25 23:43:11 +0000 UTC Push: 2026-05-25 23:43:12 +0000 UTC |

lvx9101-ux/CVE-2025-55182
Create: 2026-05-25 22:06:23 +0000 UTC Push: 2026-05-25 22:06:24 +0000 UTC |

m00ddy/CVE-2026-0073-Android-client-TLS-auth-bypass
Create: 2026-05-25 18:54:04 +0000 UTC Push: 2026-05-25 18:54:07 +0000 UTC |

portbuster1337/CVE-2026-33137 XWiki Platform - CVE-2026-33137 PoC - Unauthenticated XAR Import via REST /wikis/{wikiName}
Create: 2026-05-25 18:10:26 +0000 UTC Push: 2026-05-25 18:11:14 +0000 UTC |

x3roxismygood/CVE-2012-1803 Critical vulnerability in Siemens RuggedCom ROS devices allowing attackers to derive a hidden factory account password from the device MAC address and gain unauthorized administrative access via TELNET, rsh, or serial interfaces. Affects ROS 3.10.x and earlier.
Create: 2026-05-25 17:37:08 +0000 UTC Push: 2026-05-25 17:37:40 +0000 UTC |

russellwork2021-lgtm/cosmicsting-cve-2024-34102-exploit Complete CosmicSting (CVE-2024-34102) exploit suite for Magento/Adobe Commerce XXE vulnerability
Create: 2026-05-25 17:21:55 +0000 UTC Push: 2026-05-25 17:22:42 +0000 UTC |

portbuster1337/CVE-2026-33712 CVE-2026-33712 - Typebot <= 3.15.2 Unauthenticated SSRF via isolated-vm sandbox fetch
Create: 2026-05-25 16:43:09 +0000 UTC Push: 2026-05-25 16:43:11 +0000 UTC |

renewablehacking/CVE-2026-45321-Tanstack
Create: 2026-05-25 15:34:23 +0000 UTC Push: 2026-05-25 15:34:24 +0000 UTC |

notthemystery/CVE-2026-20700-POC-that-ll-never-work
Create: 2026-05-25 14:56:13 +0000 UTC Push: 2026-05-25 14:56:14 +0000 UTC |