George0Papasotiriou/CVE-2025-8110-Gogs-Remote-Code-Execution Create: 2026-02-10 00:30:07 +0000 UTC Push: 2026-02-10 00:30:08 +0000 UTC |

George0Papasotiriou/CVE-2025-14174-Chrome-Zero-Day Create: 2026-02-10 00:26:50 +0000 UTC Push: 2026-02-10 00:26:51 +0000 UTC |

George0Papasotiriou/CVE-2025-15556-Notepad-WinGUp-Updater-RCE Create: 2026-02-10 00:23:48 +0000 UTC Push: 2026-02-10 00:23:48 +0000 UTC |

George0Papasotiriou/CVE-2025-55182-React2Shell-CVSS-10.0- Create: 2026-02-10 00:19:11 +0000 UTC Push: 2026-02-10 00:19:11 +0000 UTC |

George0Papasotiriou/CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical- Oracle Fusion Middleware Oracle HTTP Server / WebLogic Server Proxy Plug-in has an easily exploitable, unauthenticated, network-reachable flaw allowing compromise over HTTP. Affected supported versions include 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0. Create: 2026-02-09 23:43:42 +0000 UTC Push: 2026-02-09 23:44:45 +0000 UTC |

George0Papasotiriou/CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo Bio-Formats ≤ 8.3.0 performs unsafe Java deserialization of attacker-controlled .bfmemo cache files during image processing; crafted .bfmemo can trigger deserialization of untrusted data (DoS/logic manipulation; potentially RCE if gadget chains exist). Create: 2026-02-09 23:39:31 +0000 UTC Push: 2026-02-09 23:40:21 +0000 UTC |

George0Papasotiriou/CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario- A MediaTek modem input validation issue can cause a system crash (remote DoS) when a UE connects to a rogue base station controlled by an attacker with no user interaction required. Create: 2026-02-09 23:32:38 +0000 UTC Push: 2026-02-09 23:32:39 +0000 UTC |

MichaelVenturella/CVE-2025-6018-6019-PoC A Proof of Concept for chaining **CVE-2025-6018** (PAM/Polkit Active Session Bypass) and **CVE-2025-6019** (libblockdev SUID Mount Flaw) to achieve Local Privilege Escalation (LPE) on vulnerable Linux systems. Create: 2026-02-09 19:17:23 +0000 UTC Push: 2026-02-09 19:19:40 +0000 UTC |

zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC) Create: 2026-02-09 18:21:45 +0000 UTC Push: 2026-04-06 20:18:20 +0000 UTC |

ISabbiI/PoC---Implementation-Plan---Grafana-CVE-2024-9264-SQL-Injection- Create: 2026-02-09 14:30:09 +0000 UTC Push: 2026-02-09 14:30:23 +0000 UTC |

ISabbiI/PoC---CVE-2023-26482-RCE-LAB-Nextcloud Create: 2026-02-09 14:30:09 +0000 UTC Push: 2026-02-10 09:00:50 +0000 UTC |

0rionCollector/Exploit-Chain-CVE-2025-6018-6019 Exploit Chain of CVE-2025-6018 to CVE-2025-6019 Create: 2026-02-09 13:44:36 +0000 UTC Push: 2026-02-09 13:44:36 +0000 UTC |

mverschu/CVE-2017-7921 HikVision Auth Bypass CVE, tool is able to extract credentials, and take snapshots based on magic cookie or supplied credentials. Create: 2026-02-09 13:17:27 +0000 UTC Push: 2026-02-09 13:17:50 +0000 UTC |

cwjchoi01/CVE-2025-66676 CVE-2025-66676 Create: 2026-02-09 12:42:22 +0000 UTC Push: 2026-02-16 02:47:18 +0000 UTC |

mysara2022/CVE-2025-8671-vulnerability-POC- CVE-2025-8671 vulnerability POC Create: 2026-02-09 11:39:51 +0000 UTC Push: 2026-02-09 11:39:52 +0000 UTC |

ssophiz/CVE-2023-34632 Reflected XSS in 1000projects Book Management System 1.0 Create: 2026-02-09 11:28:34 +0000 UTC Push: 2026-02-09 11:28:34 +0000 UTC |

matesz44/CVE-2025-9074 CVE-2025-9074: Docker Desktop LPE via Docker Engine API wo/ AuthN in posix sh Create: 2026-02-09 10:50:13 +0000 UTC Push: 2026-02-09 10:50:13 +0000 UTC |

mbanyamer/CVE-2026-25916-Roundcube-Webmail-DOM-based-XSS-Exploit-via-SVG-href-Attribute Create: 2026-02-09 10:17:48 +0000 UTC Push: 2026-02-09 10:17:49 +0000 UTC |

edobagusp14/CVEDO2026 Create: 2026-02-09 08:09:52 +0000 UTC Push: 2026-02-09 08:09:53 +0000 UTC |

muyuanlove/CVE-2025-6018-CVE-2025-6019-Privilege-Escalation-Exploit CVE-2025-6018 + CVE-2025-6019 Privilege Escalation Exploit Create: 2026-02-09 08:01:28 +0000 UTC Push: 2026-02-09 08:01:28 +0000 UTC |