SpeatX/CVE-2019-8942-WordPress-RCE Python exploit toolkit for WordPress Crop Image RCE — CVE-2019-8942 & CVE-2019-8943 Create: 2026-05-22 16:36:35 +0000 UTC Push: 2026-05-23 22:59:47 +0000 UTC |

SpeatX/WordPress-RCE-CVE-2019-8942 Python exploit toolkit for WordPress Crop Image RCE — CVE-2019-8942 & CVE-2019-8943 Create: 2026-05-22 16:36:35 +0000 UTC Push: 2026-05-23 22:59:47 +0000 UTC |

x48ps/CVE-2026-8181 This vulnerability allows unauthenticated attackers who know a valid administrator username to impersonate that admin during REST API requests by using any incorrect password in a Basic Authentication header. Attackers could abuse this flaw to create a new administrator account without prior authentication. Create: 2026-05-22 16:12:48 +0000 UTC Push: 2026-05-22 16:12:49 +0000 UTC |

Pumila03/CVE-2026-6009 Create: 2026-05-22 15:43:22 +0000 UTC Push: 2026-05-23 21:08:41 +0000 UTC |

NullByte8080/CVE-2026-36226 Create: 2026-05-22 14:18:27 +0000 UTC Push: 2026-05-22 14:18:37 +0000 UTC |

NullByte8080/CVE-2026-36228 Create: 2026-05-22 13:46:12 +0000 UTC Push: 2026-05-22 13:46:13 +0000 UTC |

NullByte8080/CVE-2026-36227 Create: 2026-05-22 13:36:01 +0000 UTC Push: 2026-05-22 13:36:01 +0000 UTC |

ahmedFarhat80/CVE-2025-0680-Exploit CVE-2025-0680 Exploit — New Rock Technologies MX8G/OM500/NRP1302 Cloud RPC OS Command Injection (CWE-78) | CVSS 9.8 CRITICAL | Pre-Auth RCE → Root User Injection Create: 2026-05-22 13:18:56 +0000 UTC Push: 2026-05-22 13:18:57 +0000 UTC |

GraoMelo/CVE-2026-AES-Wrap-PAD-PoC Heap Buffer Overflow in AES Wrap with Padding (OpenSSL 4.0.0) — CVE-2026 draft PoC Create: 2026-05-22 12:50:22 +0000 UTC Push: 2026-05-22 12:50:23 +0000 UTC |

GraoMelo/CVE-2026-TDES-Wrap-PoC Heap Buffer Overflow in TDES Wrap Cipher (OpenSSL 4.0.0) — CVE-2026 draft PoC Create: 2026-05-22 12:50:21 +0000 UTC Push: 2026-05-22 12:50:22 +0000 UTC |

mein-0/cve-2025-7771-poc Create: 2026-05-22 11:19:01 +0000 UTC Push: 2026-05-22 11:19:02 +0000 UTC |

96613686/CVE-2026-45584 Create: 2026-05-22 11:04:08 +0000 UTC Push: 2026-05-22 11:04:09 +0000 UTC |

logis11/CVE-2025-55423-analysis-and-reproduction Create: 2026-05-22 10:33:26 +0000 UTC Push: 2026-05-22 10:33:27 +0000 UTC |

HORKimhab/CVE-2026-34926 CVE-2026-34926 Create: 2026-05-22 09:58:04 +0000 UTC Push: 2026-05-22 09:58:07 +0000 UTC |

vuducmanhno100-cloud/CVE-2024-6387 CVE-2024-6387 POC (Currently being edited) Create: 2026-05-22 08:54:27 +0000 UTC Push: 2026-05-22 08:54:27 +0000 UTC |

anansi2safe/CVE-2026-5281 Create: 2026-05-22 08:50:43 +0000 UTC Push: 2026-05-22 08:50:44 +0000 UTC |

Yucaerin/CVE-2026-5118 Divi Form Builder <= 5.1.2 — Unauthenticated Privilege Escalation via Role Injection Create: 2026-05-22 07:53:21 +0000 UTC Push: 2026-05-22 07:53:22 +0000 UTC |

BastianXploited/CVE-2026-8181-mass Create: 2026-05-22 07:46:33 +0000 UTC Push: 2026-05-22 07:46:40 +0000 UTC |

FelineKeeper/CVE-2025-50165-Windows-Graphics-Component-RCE Critical WIC bug (9.8): uninitialized JPEG encode pointers in WindowsCodecs.dll — triggers on 12/16-bit re-encode, not casual preview. Create: 2026-05-22 07:08:27 +0000 UTC Push: 2026-05-22 07:08:28 +0000 UTC |

guard-wait/CVE-2025-39682 just save bzImage Create: 2026-05-22 06:48:33 +0000 UTC Push: 2026-05-22 06:48:34 +0000 UTC |