unSafe.sh - 不安全

Resellnom/litespeed-cpanel-cve-2026-54420-fix
Create: 2026-06-16 07:14:20 +0000 UTC Push: 2026-06-16 07:14:21 +0000 UTC |

HORKimhab/CVE-2026-20262 CVE-2026-20262 - Draft
Create: 2026-06-16 06:24:11 +0000 UTC Push: 2026-06-16 06:24:14 +0000 UTC |

HORKimhab/CVE-2026-54420 CVE-2026-54420 - Draft
Create: 2026-06-16 06:09:03 +0000 UTC Push: 2026-06-16 06:09:07 +0000 UTC |

Saku0512/CVE-2026-54686-poc
Create: 2026-06-16 04:41:10 +0000 UTC Push: 2026-06-16 05:30:43 +0000 UTC |

deepwoodssec/CVE-2026-36522 CVE-2026-36522: unauthenticated NaN injection via MAVLink PARAM_SET in ArduPilot ArduPlane (CWE-1287, DoS/integrity)
Create: 2026-06-16 01:43:24 +0000 UTC Push: 2026-06-16 01:43:25 +0000 UTC |

SentinelXofficial/CVE-2025-55182 PoC exploit for CVE-2025-55182 (React2Shell) — Pre-auth RCE in React Server Components | CVSS 10.0
Create: 2026-06-16 01:38:24 +0000 UTC Push: 2026-06-16 01:38:25 +0000 UTC |

iltosec/CVE-2026-54596 CVE-2026-54596 - Authenticated SQL Injection via recurring_invoice_frequency Parameter Enables Full Database Exfiltration
Create: 2026-06-15 22:09:02 +0000 UTC Push: 2026-06-15 22:09:03 +0000 UTC |

iltosec/CVE-2026-54597 CVE-2026-54597 — ITFlow Time-Based Blind SQL Injection
Create: 2026-06-15 21:57:56 +0000 UTC Push: 2026-06-15 21:57:57 +0000 UTC |

tar-xz/CVE-2026-53519-PoC PoC exploit for CVE-2026-53519.
Create: 2026-06-15 19:06:37 +0000 UTC Push: 2026-06-15 19:06:38 +0000 UTC |

dhmosfunk/CVE-2026-49160---HTTP.sys-PoC HTTP.sys Denial of Service Vulnerability
Create: 2026-06-15 18:30:18 +0000 UTC Push: 2026-06-15 18:30:18 +0000 UTC |

dhmosfunk/CVE-2026-49160-HTTP.sys HTTP.sys Denial of Service Vulnerability
Create: 2026-06-15 18:30:18 +0000 UTC Push: 2026-06-15 18:30:18 +0000 UTC |

ElianGonzi00/CVE-2025-2783
Create: 2026-06-15 18:01:34 +0000 UTC Push: 2026-06-15 18:01:34 +0000 UTC |

tihomirocrew/cve-2026-3437
Create: 2026-06-15 16:05:55 +0000 UTC Push: 2026-06-15 16:05:56 +0000 UTC |

hacbs-release-tests/collectors-no-cve-20696a65
Create: 2026-06-15 15:27:01 +0000 UTC Push: 2026-06-15 15:27:05 +0000 UTC |

DylanZahedi/CVE-2026-9277
Create: 2026-06-15 13:37:09 +0000 UTC Push: 2026-06-15 13:37:10 +0000 UTC |

ikarolaborda/CVE-2026-40176
Create: 2026-06-15 10:35:51 +0000 UTC Push: 2026-06-15 10:35:52 +0000 UTC |

jfs-jfs/CVE-2026-37073 Incorrect access control in /vfm-admin/ajax/sendfiles.php in Veno File Manager Project 4.4.9 allows an unauthenticated attacker to send emails from the configured SMPT server on the application via making a POST request to the endpoint with needed parameters and header.
Create: 2026-06-15 10:09:45 +0000 UTC Push: 2026-06-15 10:10:32 +0000 UTC |

jfs-jfs/CVE-2026-37072 Veno File Manager Project Veno File Manager Project 4.4.9 is vulnerable to Incorrect Access Control in admin-head-updates.php
Create: 2026-06-15 10:07:25 +0000 UTC Push: 2026-06-15 10:09:00 +0000 UTC |

jfs-jfs/CVE-2026-37071 Arbitrary File Rename Leading to Privilege Escalation in Actions::renameFile() function in Veno File Manager Project 4.4.9 allows an authenticated attacker with 'reanme' permission to take over the super administrator account via a specially crafted POST request.
Create: 2026-06-15 10:00:56 +0000 UTC Push: 2026-06-15 10:05:31 +0000 UTC |

jfs-jfs/CVE-2026-37070 Incorrect access control in /vfm-admin/ajax/streamvid.php in Veno File Manager Project in 4.4.9 allows an authenticated attacker to read any uploaded files by other users as long as it knows the path and filename via a specially crafted GET request to the affected endpoint.
Create: 2026-06-15 09:55:32 +0000 UTC Push: 2026-06-15 09:59:18 +0000 UTC |