cyhe50/cve-2022-23636-poc Create: 2026-04-27 02:03:37 +0000 UTC Push: 2026-04-27 02:03:47 +0000 UTC |

Hex-Neo/CVE-2026-22812-OpenCode-RCE-exp Create: 2026-04-27 01:38:45 +0000 UTC Push: 2026-04-27 01:39:10 +0000 UTC |

murrez/CVE-2026-0911 CVE-2026-0911 için kimlik doğrulamalı test aracı: Hustle eklentisinde modül içe aktarma üzerinden zayıf dosya yükleme ve “yetim dosya” davranışını kontrol eder; yalnızca izinli ortamlarda ve geçerli WordPress oturumuyla kullanılmalıdır. Create: 2026-04-27 01:00:21 +0000 UTC Push: 2026-04-27 01:00:33 +0000 UTC |

vytlanikhil/CVE-2026-37272 Create: 2026-04-26 20:18:34 +0000 UTC Push: 2026-05-07 13:19:08 +0000 UTC |

vxqs/Lenovo-CVE-2025-8061 My PoC of Lenovo-CVE-2025-8061 Create: 2026-04-26 17:47:59 +0000 UTC Push: 2026-04-26 17:48:15 +0000 UTC |

4chech/CVE-2026-41242 some simple node.js web app with PoC code for CVE-2026-41242 Create: 2026-04-26 16:48:56 +0000 UTC Push: 2026-04-26 16:49:26 +0000 UTC |

monkeontheroof/cve-2026-21877-rce Create: 2026-04-26 12:52:28 +0000 UTC Push: 2026-04-26 12:52:29 +0000 UTC |

cazzysoci/cve-breeze-2026 Create: 2026-04-26 06:24:21 +0000 UTC Push: 2026-04-26 06:24:47 +0000 UTC |

Dhiaelhak-Rached/CVE-2026-39987-lab-or-marimo-cve-lab Create: 2026-04-26 05:54:04 +0000 UTC Push: 2026-04-26 05:54:05 +0000 UTC |

sw0rd1ight/CVE-2026-1207 Django 框架在使用 PostGIS 查询地理栅格（raster）数据时，若将未经验证的用户输入直接作为 band index（波段索引）参数，会引发 SQL 注入 Create: 2026-04-26 02:54:10 +0000 UTC Push: 2026-04-26 02:54:11 +0000 UTC |

killukeren/-CVE-2019-9053 CMS Simple CVE Recode Script Python 3 Create: 2026-04-25 23:44:29 +0000 UTC Push: 2026-04-25 23:44:53 +0000 UTC |

murrez/CVE-2026-0740 CVE-2026-0740 Create: 2026-04-25 23:12:47 +0000 UTC Push: 2026-04-25 23:12:48 +0000 UTC |

TurkiOS/CVE-2026-41177-Squidex-CMS CVE-2026-41177, a Blind SSRF vulnerability in Squidex CMS (prior to v7.23.0). Includes root cause analysis, reproduction steps, and impact assessment regarding Local File Interaction (LFI). Create: 2026-04-25 20:50:18 +0000 UTC Push: 2026-04-25 20:50:18 +0000 UTC |

TurkiOS/cve-2026-32699-facturascripts-nick-bypass Broken Access Control in FacturaScripts EditUser controller allows authenticated users to rename any account (including admin) by modifying the unvalidated nick parameter via proxy interception. Patched but unpublished CVE. Create: 2026-04-25 20:15:16 +0000 UTC Push: 2026-04-25 20:15:16 +0000 UTC |

DONKEY0xSHOT/CVE-2017-11882-Blocker Create: 2026-04-25 19:21:21 +0000 UTC Push: 2026-04-25 19:21:21 +0000 UTC |

dinosn/CVE-2026-3844 CVE-2026-3844: Breeze Cache <= 2.4.4 Unauthenticated Arbitrary File Upload to RCE (CVSS 9.8) Create: 2026-04-25 17:35:16 +0000 UTC Push: 2026-04-25 17:35:17 +0000 UTC |

davidrxchester/CVE-2026-7720 POC for CVE-2026-7720 - Ollama tensor digest path traversal Create: 2026-04-25 17:16:27 +0000 UTC Push: 2026-04-25 17:16:27 +0000 UTC |

davidrxchester/CVE-2026-7020 POC for CVE-2026-7720 - Ollama tensor digest path traversal Create: 2026-04-25 17:16:27 +0000 UTC Push: 2026-04-25 17:26:16 +0000 UTC |

h3raklez/CVE-2026-39987 Marimo Pre-Auth RCE Create: 2026-04-25 16:50:34 +0000 UTC Push: 2026-04-25 16:50:34 +0000 UTC |

h3raklez/CVE-2023-32629 OverlayFS Local Privilege Escalation - Full write-up to full escalation Create: 2026-04-25 14:42:57 +0000 UTC Push: 2026-04-25 14:42:57 +0000 UTC |