ozcanpng/CVE-2025-57819-FreePBX-RCE2Root Create: 2026-06-18 22:34:29 +0000 UTC Push: 2026-06-18 22:34:31 +0000 UTC |

g0thamRabb1t/joomla-jce-cve-2026-48907-detection Defensive lab validation and SOC detection guidance for CVE-2026-48907 in Joomla JCE <= 2.9.99.4, including Apache/Joomla/auditd telemetry, webshell artifacts, Sigma rules, MITRE ATT&CK mapping and mitigation recommendations. Create: 2026-06-18 22:12:15 +0000 UTC Push: 2026-06-18 22:12:16 +0000 UTC |

error-inside/CVE-2026-39808 Fortinet FortiSandbox 4.4.0-4.4.8 - OS Command Injection via tracer-behavior Endpoint Create: 2026-06-18 20:32:26 +0000 UTC Push: 2026-06-18 20:32:27 +0000 UTC |

error-inside/CVE-2026-10520 Root-Level RCE via OS Command Injection in Ivanti Sentry Create: 2026-06-18 20:20:55 +0000 UTC Push: 2026-06-18 20:20:56 +0000 UTC |

error-inside/CVE-2026-47670 Authenticated Remote Code Execution via loadReader functionName code injection in DbGate Create: 2026-06-18 20:12:54 +0000 UTC Push: 2026-06-18 20:12:55 +0000 UTC |

vqec/CVE-2021-4034 Create: 2026-06-18 19:33:04 +0000 UTC Push: 2026-06-18 19:33:17 +0000 UTC |

Polosss/By-Poloss..-..CVE-2026-7515-PoC Unauthenticated Local File Inclusion Create: 2026-06-18 19:02:31 +0000 UTC Push: 2026-06-18 19:02:32 +0000 UTC |

itsthalisman/cve-2026-3359-exp A PoC/exploit written in python for the vulnerability CVE-2026-3359 situated within Form Maker by 10Web. Create: 2026-06-18 17:51:58 +0000 UTC Push: 2026-06-18 17:51:59 +0000 UTC |

0xBlackash/CVE-2026-40369 CVE-2026-40369 Create: 2026-06-18 16:16:17 +0000 UTC Push: 2026-06-18 16:16:18 +0000 UTC |

fevar54/CVE-2026-54420-LiteSpeed-Symlink-Exploit A vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS. Create: 2026-06-18 15:18:55 +0000 UTC Push: 2026-06-18 15:18:56 +0000 UTC |

0xCyberstan/CVE-2026-46215-POC Create: 2026-06-18 14:39:11 +0000 UTC Push: 2026-06-18 14:39:12 +0000 UTC |

BenedictEjepu/CVE-2024-24945-NGINX-RIFT---TryHackMe-Lab-Walkthrough This lab demonstrates the exploitation of CVE-2024-24945, a heap corruption vulnerability affecting NGINX. The objective was to understand how memory corruption can lead to Remote Code Execution (RCE) and gain practical experience in exploitation, detection, and mitigation techniques. Create: 2026-06-18 14:12:08 +0000 UTC Push: 2026-06-18 14:12:09 +0000 UTC |

hacbs-release-tests/collectors-no-cve-3b20fe8b Create: 2026-06-18 13:52:20 +0000 UTC Push: 2026-06-18 13:53:00 +0000 UTC |

0xc03307b/CVE-2026-49975 HTTP2-Bomb Create: 2026-06-18 13:17:37 +0000 UTC Push: 2026-06-18 06:00:02 +0000 UTC |

0xBlackash/CVE-2026-50656 CVE-2026-50656 Create: 2026-06-18 13:16:36 +0000 UTC Push: 2026-06-18 13:16:37 +0000 UTC |

InertFluid/cve-2026-54316-lab Reproduction lab for CVE-2026-54316 (Claude Code WebFetch huggingface.co bare-hostname permission bypass / exfiltration) Create: 2026-06-18 11:36:59 +0000 UTC Push: 2026-06-18 11:37:02 +0000 UTC |

UmbraDeorum/cutenews-2.0-CVEs-2026-Disclosure Cutenews (https://github.com/CuteNews/cutenews-2.0) Multiple CVEs 2026 Disclosure Repository Create: 2026-06-18 10:49:22 +0000 UTC Push: 2026-06-18 12:09:50 +0000 UTC |

minq0x1412/CVE-2023-21987-v-CVE-2023-21991 Create: 2026-06-18 10:37:38 +0000 UTC Push: 2026-06-18 10:37:46 +0000 UTC |

minq0x1412/CVE-2023-21987-and-CVE-2023-21991 Create: 2026-06-18 10:37:38 +0000 UTC Push: 2026-06-18 10:37:46 +0000 UTC |

Yucaerin/CVE-2025-6254 CVE-2025-6254 — Doctreat Core <= 1.6.8 — Unauthenticated Privilege Escalation Create: 2026-06-18 10:28:16 +0000 UTC Push: 2026-06-18 10:28:17 +0000 UTC |