George0Papasotiriou/CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario- A MediaTek modem input validation issue can cause a system crash (remote DoS) when a UE connects to a rogue base station controlled by an attacker with no user interaction required. Create: 2026-02-09 23:32:38 +0000 UTC Push: 2026-02-09 23:32:39 +0000 UTC |

MichaelVenturella/CVE-2025-6018-6019-PoC A Proof of Concept for chaining **CVE-2025-6018** (PAM/Polkit Active Session Bypass) and **CVE-2025-6019** (libblockdev SUID Mount Flaw) to achieve Local Privilege Escalation (LPE) on vulnerable Linux systems. Create: 2026-02-09 19:17:23 +0000 UTC Push: 2026-02-09 19:19:40 +0000 UTC |

zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC) Create: 2026-02-09 18:21:45 +0000 UTC Push: 2026-04-06 20:18:20 +0000 UTC |

ISabbiI/PoC---Implementation-Plan---Grafana-CVE-2024-9264-SQL-Injection- Create: 2026-02-09 14:30:09 +0000 UTC Push: 2026-02-09 14:30:23 +0000 UTC |

ISabbiI/PoC---CVE-2023-26482-RCE-LAB-Nextcloud Create: 2026-02-09 14:30:09 +0000 UTC Push: 2026-02-10 09:00:50 +0000 UTC |

0rionCollector/Exploit-Chain-CVE-2025-6018-6019 Exploit Chain of CVE-2025-6018 to CVE-2025-6019 Create: 2026-02-09 13:44:36 +0000 UTC Push: 2026-02-09 13:44:36 +0000 UTC |

mverschu/CVE-2017-7921 HikVision Auth Bypass CVE, tool is able to extract credentials, and take snapshots based on magic cookie or supplied credentials. Create: 2026-02-09 13:17:27 +0000 UTC Push: 2026-02-09 13:17:50 +0000 UTC |

cwjchoi01/CVE-2025-66676 CVE-2025-66676 Create: 2026-02-09 12:42:22 +0000 UTC Push: 2026-02-16 02:47:18 +0000 UTC |

mysara2022/CVE-2025-8671-vulnerability-POC- CVE-2025-8671 vulnerability POC Create: 2026-02-09 11:39:51 +0000 UTC Push: 2026-02-09 11:39:52 +0000 UTC |

ssophiz/CVE-2023-34632 Reflected XSS in 1000projects Book Management System 1.0 Create: 2026-02-09 11:28:34 +0000 UTC Push: 2026-02-09 11:28:34 +0000 UTC |

matesz44/CVE-2025-9074 CVE-2025-9074: Docker Desktop LPE via Docker Engine API wo/ AuthN in posix sh Create: 2026-02-09 10:50:13 +0000 UTC Push: 2026-02-09 10:50:13 +0000 UTC |

mbanyamer/CVE-2026-25916-Roundcube-Webmail-DOM-based-XSS-Exploit-via-SVG-href-Attribute Create: 2026-02-09 10:17:48 +0000 UTC Push: 2026-02-09 10:17:49 +0000 UTC |

edobagusp14/CVEDO2026 Create: 2026-02-09 08:09:52 +0000 UTC Push: 2026-02-09 08:09:53 +0000 UTC |

muyuanlove/CVE-2025-6018-CVE-2025-6019-Privilege-Escalation-Exploit CVE-2025-6018 + CVE-2025-6019 Privilege Escalation Exploit Create: 2026-02-09 08:01:28 +0000 UTC Push: 2026-02-09 08:01:28 +0000 UTC |

0x5chltz/CVE-2025-6019 Create: 2026-02-09 07:10:04 +0000 UTC Push: 2026-02-09 07:10:04 +0000 UTC |

AzureADTrent/CVE-2025-6018-and-CVE-2025-6019-Privilege-Escalation This is just a quick note on how to exploit these vulnerabilities to get root. Create: 2026-02-09 04:41:18 +0000 UTC Push: 2026-02-09 04:41:44 +0000 UTC |

Ch35h1r3c47/CVE-2026-23723-POC This is a lightweight Python helper script designed to automate the generation of sqlmap-compatible PoC files for the authenticated error-based SQL injection vulnerability in WeGIA (≤ 3.6.1), identified as GHSA-xfmp-2hf9-gfjp. Create: 2026-02-09 01:43:55 +0000 UTC Push: 2026-02-09 01:43:55 +0000 UTC |

BrianLopezM99/react2shell-CVE-2025-55182 An exploitation tool for the Next.js vulnerability CVE-2025-55182 that allows remote command execution through a poisoning prototype in React Server Components. Create: 2026-02-09 00:39:46 +0000 UTC Push: 2026-02-09 00:39:46 +0000 UTC |

rabouzia/-CVE-2024-46987 This Rust PoC exploits CVE-2024-46987, a Path Traversal bug in Camaleon CMS 2.8.0 < 2.8.2 (work on 2.9.0). Create: 2026-02-08 20:34:56 +0000 UTC Push: 2026-02-08 20:34:57 +0000 UTC |

rabouzia/CVE-2024-46987 This Rust PoC exploits CVE-2024-46987, a Path Traversal bug in Camaleon CMS 2.8.0 < 2.8.2 (work on 2.9.0). Create: 2026-02-08 20:34:56 +0000 UTC Push: 2026-02-08 20:34:57 +0000 UTC |