unSafe.sh - 不安全

mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary
Create: 2026-02-10 10:41:44 +0000 UTC Push: 2026-02-10 10:41:45 +0000 UTC |

mbanyamer/SCADA-FUXA-1.2.8-1.2.11-CVE-2026-25939
Create: 2026-02-10 10:38:18 +0000 UTC Push: 2026-02-10 10:38:19 +0000 UTC |

av4nth1ka/jinjava-cve-2026-25526-poc lab setup + exploits for CVE-2026-25526
Create: 2026-02-10 10:24:52 +0000 UTC Push: 2026-02-10 10:25:29 +0000 UTC |

symphony2colour/CVE-2025-6018-udisks-lpe-no-image Script-only privilege escalation chain using CVE-2025-6018 and UDisks2 (no filesystem image included).
Create: 2026-02-10 09:29:32 +0000 UTC Push: 2026-02-10 09:29:32 +0000 UTC |

symphony2colour/CVE-2025-6019-udisks-lpe-no-image Script-only privilege escalation chain using CVE-2025-6018 and UDisks2 (no filesystem image included).
Create: 2026-02-10 09:29:32 +0000 UTC Push: 2026-02-10 09:29:32 +0000 UTC |

mbanyamer/CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks # (using INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and do not perform any signature or integrity # validation on the downloaded installer.
Create: 2026-02-10 08:36:32 +0000 UTC Push: 2026-02-10 08:36:33 +0000 UTC |

ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEmr7.0.4 CVE-2026-29187: SQL Injection Vulnerability in OpenEMR <8.0.0.3
Create: 2026-02-10 07:08:38 +0000 UTC Push: 2026-03-26 08:38:44 +0000 UTC |

bananoname/CVE-2024-6386-WPML-SSTI
Create: 2026-02-10 06:32:20 +0000 UTC Push: 2026-02-10 06:32:33 +0000 UTC |

faysalferdous/CVE-2025-68645-Exploiting-Zimbra-Webmail-LFI-Vulnerability
Create: 2026-02-10 04:28:52 +0000 UTC Push: 2026-02-10 04:28:53 +0000 UTC |

harrymaguire1878/CVE-2020-0796
Create: 2026-02-10 03:00:54 +0000 UTC Push: 2026-02-10 03:00:55 +0000 UTC |

ibrahmsql/CVE-2026-25807-Exploit CVE-2026-25807 Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell Exploit and PoC
Create: 2026-02-10 02:54:13 +0000 UTC Push: 2026-02-10 02:54:14 +0000 UTC |

NtGabrielGomes/CVE-2025-69516 tactical rmm SSTI exploit
Create: 2026-02-10 01:40:03 +0000 UTC Push: 2026-02-10 01:40:03 +0000 UTC |

George0Papasotiriou/CVE-2025-61882-Oracle-BI-Publisher-RCE
Create: 2026-02-10 00:33:30 +0000 UTC Push: 2026-02-10 00:34:21 +0000 UTC |

George0Papasotiriou/CVE-2025-59470-PostgreSQL-Command-Injection
Create: 2026-02-10 00:32:02 +0000 UTC Push: 2026-02-10 00:32:54 +0000 UTC |

George0Papasotiriou/CVE-2025-8110-Gogs-Remote-Code-Execution
Create: 2026-02-10 00:30:07 +0000 UTC Push: 2026-02-10 00:30:08 +0000 UTC |

George0Papasotiriou/CVE-2025-14174-Chrome-Zero-Day
Create: 2026-02-10 00:26:50 +0000 UTC Push: 2026-02-10 00:26:51 +0000 UTC |

George0Papasotiriou/CVE-2025-15556-Notepad-WinGUp-Updater-RCE
Create: 2026-02-10 00:23:48 +0000 UTC Push: 2026-02-10 00:23:48 +0000 UTC |

George0Papasotiriou/CVE-2025-55182-React2Shell-CVSS-10.0-
Create: 2026-02-10 00:19:11 +0000 UTC Push: 2026-02-10 00:19:11 +0000 UTC |

George0Papasotiriou/CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical- Oracle Fusion Middleware Oracle HTTP Server / WebLogic Server Proxy Plug-in has an easily exploitable, unauthenticated, network-reachable flaw allowing compromise over HTTP. Affected supported versions include 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0.
Create: 2026-02-09 23:43:42 +0000 UTC Push: 2026-02-09 23:44:45 +0000 UTC |

George0Papasotiriou/CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo Bio-Formats ≤ 8.3.0 performs unsafe Java deserialization of attacker-controlled .bfmemo cache files during image processing; crafted .bfmemo can trigger deserialization of untrusted data (DoS/logic manipulation; potentially RCE if gadget chains exist).
Create: 2026-02-09 23:39:31 +0000 UTC Push: 2026-02-09 23:40:21 +0000 UTC |