gpheheise/CVE-2025-XXXXX-Remote-Code-Execution-RCE-Korbyte-3.6 Create: 2026-01-23 20:53:41 +0000 UTC Push: 2026-01-23 20:53:41 +0000 UTC |

SnailSploit/CVE-2026-1208 Friendly Functions for Welcart <= 1.2.5 - Cross-Site Request Forgery to Settings Update Create: 2026-01-23 20:51:35 +0000 UTC Push: 2026-01-23 20:51:35 +0000 UTC |

Sairbo/Unihackers---CVE-2025-55182- Create: 2026-01-23 18:05:59 +0000 UTC Push: 2026-01-23 18:05:59 +0000 UTC |

SystemVll/CVE-2026-24061 Create: 2026-01-23 17:26:43 +0000 UTC Push: 2026-01-23 17:26:45 +0000 UTC |

MalikHamza7/CVE-2026-22794-auto Create: 2026-01-23 15:10:31 +0000 UTC Push: 2026-01-23 15:10:31 +0000 UTC |

MalikHamza7/CVE-2026-22794-POC Create: 2026-01-23 15:10:31 +0000 UTC Push: 2026-01-23 15:15:06 +0000 UTC |

fumioryoto/CVE-2025-2294-Kubio-2.5.1-LFi-Checker The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via the `kubio_hybrid_theme_load_template` function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files.. Create: 2026-01-23 12:41:05 +0000 UTC Push: 2026-01-23 12:41:05 +0000 UTC |

balgan/CVE-2026-24061 inetutils-telnetd Authentication Bypass - working Create: 2026-01-23 12:33:03 +0000 UTC Push: 2026-01-23 12:33:03 +0000 UTC |

NiceTop1027/CVE-2026-Pending-Claude-Desktop-RCE Create: 2026-01-23 12:21:32 +0000 UTC Push: 2026-01-23 12:21:55 +0000 UTC |

ninjazan420/CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001 CVE-2025-52691 PoC: Based on watchtowr's article WT-2026-0001 about an authentication bypass exploit, this one is a functional Python attack script. Create: 2026-01-23 11:48:20 +0000 UTC Push: 2026-01-23 11:48:21 +0000 UTC |

nikn0laty/TYPO3-HTML-Sanitizer-XSS-CVE-2023-47125 DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. Create: 2026-01-23 11:13:05 +0000 UTC Push: 2026-01-23 11:13:06 +0000 UTC |

r00tuser111/CVE-2026-24061 CVE-2026-24061 环境 Create: 2026-01-23 08:59:03 +0000 UTC Push: 2026-01-23 08:59:03 +0000 UTC |

m3ngx1ng/cve_2026_24061_cli cve_2026_24061快速利用工具 Create: 2026-01-23 08:51:03 +0000 UTC Push: 2026-01-23 08:51:04 +0000 UTC |

Ashwesker/Ashwesker-CVE-2026-24061 CVE-2026-24061 Create: 2026-01-23 07:20:01 +0000 UTC Push: 2026-01-23 07:20:01 +0000 UTC |

monstertsl/CVE-2026-24061 CVE-2026-24061 漏洞检测工具 Create: 2026-01-23 03:16:53 +0000 UTC Push: 2026-01-23 03:16:54 +0000 UTC |

bfdfhdsfdd-crypto/CVE-2026-22444 CVE-2026-22444 是一个影响 Apache Solr 的安全漏洞，于 2026 年 1 月 20 日左右公开披露。该漏洞源于 Apache Solr 的 "create core" API 在某些 API 参数上的输入验证不足（CWE-20: Improper Input Validation），允许攻击者在 Solr 运行于 "standalone" 模式时绕过安全规则，可能导致数据泄露、远程代码执行 (RCE) 或 NTLM 哈希披露。 1 2 3 具体而言，如果 Solr 未启用认证或用户具有创建核心的权限，攻击者可以通过精心构造的请求滥用该 API 来访问受保护的文件或执行恶意操作。 Create: 2026-01-23 02:18:02 +0000 UTC Push: 2026-01-23 02:18:03 +0000 UTC |

xuemian168/CVE-2026-24061 Create: 2026-01-23 02:14:15 +0000 UTC Push: 2026-01-23 02:14:15 +0000 UTC |

Mkway/CVE-2025-60021 Create: 2026-01-23 01:52:51 +0000 UTC Push: 2026-01-23 01:52:51 +0000 UTC |

Smarttfoxx/CVE-2026-29923 The pstrip64.sys kernel driver exposes an IOCTL that allows low-privileged users to map arbitrary ranges of physical memory into their own virtual address space. This primitive allows full read/write access to the system's physical RAM, enabling attackers to modify critical kernel structures and escalate privileges to NT AUTHORITY\SYSTEM. Create: 2026-01-23 00:02:29 +0000 UTC Push: 2026-04-05 19:00:54 +0000 UTC |

JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-9932 Unauthenticated 0-click RCE exploit for CVE-2024-9932. Exploits an arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin to upload a remote PHP payload, detect the target operating system, and achieve remote command execution through an interactive web shell. Create: 2026-01-22 20:43:52 +0000 UTC Push: 2026-01-22 20:43:52 +0000 UTC |