unSafe.sh - 不安全

malvector/CVE-2025-70342 CVE-2025-70342: Credential Interception via Named Pipe in erase-install
Create: 2026-02-27 17:10:10 +0000 UTC Push: 2026-02-27 17:10:12 +0000 UTC |

malvector/CVE-2025-70341 CVE-2025-70341: Local Privilege Escalation via TOCTOU in App-Auto-Patch
Create: 2026-02-27 17:09:24 +0000 UTC Push: 2026-02-27 17:09:26 +0000 UTC |

JarvisDing-sdu/Yasa-CVE-2023-46229 Python exploit for CVE-2023-46229 with Yasa
Create: 2026-02-27 16:41:42 +0000 UTC Push: 2026-02-27 16:41:43 +0000 UTC |

JoshuaProvoste/CVE-2026-2472-Vertex-AI-SDK-Google-Cloud Technical PoC for CVE-2026-2472 (GCP-2026-011): Unauthenticated and Stored Cross-Site Scripting (XSS) in google-cloud-aiplatform _genai/_evals_visualization (Vertex AI Python SDK) affecting Jupyter/Colab.
Create: 2026-02-27 14:57:39 +0000 UTC Push: 2026-02-27 15:50:07 +0000 UTC |

rootdirective-sec/CVE-2026-1581-Analysis-Lab
Create: 2026-02-27 13:52:57 +0000 UTC Push: 2026-02-27 13:52:57 +0000 UTC |

NeCr00/CVE-2022-21445 Exploit for CVE-2022-21445 of Oracle Weblogic 12.2.1.X
Create: 2026-02-27 09:54:58 +0000 UTC Push: 2026-02-27 09:54:58 +0000 UTC |

SafeLock-D2E/Quiksand-CVE-2023-24012
Create: 2026-02-27 06:58:53 +0000 UTC Push: 2026-02-27 06:58:53 +0000 UTC |

dbwlsdnr95/CVE-2025-1302
Create: 2026-02-27 04:05:11 +0000 UTC Push: 2026-02-27 04:05:11 +0000 UTC |

Nxploited/CVE-2025-39459 Real Estate 7 <= 3.5.2 - Unauthenticated Privilege Escalation
Create: 2026-02-27 02:07:43 +0000 UTC Push: 2026-02-27 02:07:43 +0000 UTC |

atiilla/CVE-2026-21852-PoC
Create: 2026-02-27 01:13:21 +0000 UTC Push: 2026-02-27 01:13:22 +0000 UTC |

NeCr00/CVE-2020-14645 Exploit for CVE-2020-14645 of Weblogic 12.2.1.X
Create: 2026-02-26 23:33:30 +0000 UTC Push: 2026-02-26 23:33:31 +0000 UTC |

az4rvs/Mirth-Connect-CVE-2023-43208
Create: 2026-02-26 22:21:23 +0000 UTC Push: 2026-02-26 22:21:24 +0000 UTC |

kooyaniks/CVE-2025-14733-analysis CVE-2025-14733 — WatchGuard Firebox iked Out-of-Bounds Write Static Analysis
Create: 2026-02-26 21:27:04 +0000 UTC Push: 2026-02-26 21:27:08 +0000 UTC |

DanielHallbro/CVE-2022-36804-Bitbucket-RCE-Analysis Full-chain reproduction of CVE-2022-36804 (Bitbucket RCE). Includes a Dockerized laboratory, pspy64 monitoring for null-byte injection verification, and a custom Bash exploit script. Based on Assetnote research.
Create: 2026-02-26 20:42:45 +0000 UTC Push: 2026-02-26 20:42:46 +0000 UTC |

zaryouhashraf/CVE-2021-44228 CVE-2021-44228
Create: 2026-02-26 18:39:00 +0000 UTC Push: 2026-02-26 18:39:00 +0000 UTC |

0xAshwesker/CVE-2021-44228 CVE-2021-44228
Create: 2026-02-26 18:39:00 +0000 UTC Push: 2026-03-05 21:10:47 +0000 UTC |

Crims-on/CVE-2021-21239 A script to exploit a vulnerability in xmlsec1 where xmlsec ignores loaded public keys
Create: 2026-02-26 18:35:37 +0000 UTC Push: 2026-02-26 18:36:30 +0000 UTC |

oxfemale/CVE-2026-2636_PoC **CVE-2026-2636** is a vulnerability in the Windows Common Log File System (CLFS) driver (`CLFS.sys`). An unprivileged user can trigger an unrecoverable system state by calling the `ReadFile` API on a handle opened via `CreateLogFile`. This results in a Blue Screen of Death (BSoD), leading to a denial of service (DoS)
Create: 2026-02-26 17:28:02 +0000 UTC Push: 2026-02-26 17:28:02 +0000 UTC |

ChrisSub08/CVE-2026-32127_SqlInjectionVulnerabilityOpenEMR8.0.0 CVE-2026-32127: SQL Injection Vulnerability in OpenEMR <8.0.0.1
Create: 2026-02-26 17:25:38 +0000 UTC Push: 2026-03-16 14:48:30 +0000 UTC |

androidteacher/REACT-CVE-2025-55182-Lab Lab with PoC
Create: 2026-02-26 17:23:04 +0000 UTC Push: 2026-02-26 17:23:05 +0000 UTC |