unSafe.sh - 不安全

covepseng/cve-2026-43515-poc Exploitability PoC for CVE-2026-43515 (Apache Tomcat constraint bypass).
Create: 2026-06-19 11:08:22 +0000 UTC Push: 2026-06-19 11:08:23 +0000 UTC |

Diznev/CVE-2026-48611-EXPLOIT CVE-2026-48611- authentication bypass in phpBB
Create: 2026-06-19 10:28:58 +0000 UTC Push: 2026-06-19 10:28:59 +0000 UTC |

gagaltotal/CVE-2026-10523-Ivanti-sentry CVE-2026-10523 - Ivanti Sentry
Create: 2026-06-19 10:28:47 +0000 UTC Push: 2026-06-19 10:28:48 +0000 UTC |

izxci/CVE_2026_7515 CVE-2026-7515: BetterDocs Pro <= 3.8.0 - Unauthenticated Local File Inclusion TO RCE EXPLOİT
Create: 2026-06-19 08:10:28 +0000 UTC Push: 2026-06-19 08:10:29 +0000 UTC |

ptd200110/CVE-2024-27198-SOC-Lab
Create: 2026-06-19 05:53:59 +0000 UTC Push: 2026-06-19 05:54:01 +0000 UTC |

xxconi/CVE-2026-4782
Create: 2026-06-19 03:20:05 +0000 UTC Push: 2026-06-19 03:20:06 +0000 UTC |

0xk4rth1/CVE-2025-2304 A critical mass assignment vulnerability in Camaleon CMS (< 2.9.1) allows authenticated low-privileged users to elevate their privileges to administrator. The flaw exists in the `updated_ajax`
Create: 2026-06-19 02:34:40 +0000 UTC Push: 2026-06-19 02:35:12 +0000 UTC |

HORKimhab/CVE-2026-42055 CVE-2026-42055 - Draft
Create: 2026-06-19 01:05:02 +0000 UTC Push: 2026-06-19 01:05:06 +0000 UTC |

HORKimhab/CVE-2026-42530 CVE-2026-42530 - Draft
Create: 2026-06-19 01:04:03 +0000 UTC Push: 2026-06-19 01:04:06 +0000 UTC |

yendpoint/CVE-2026-42208-LAB A local lab for studying, reproducing, and verifying the patch for CVE-2026-42208: an unauthenticated SQL injection in LiteLLM's API key authentication path.
Create: 2026-06-18 23:40:32 +0000 UTC Push: 2026-06-18 23:40:33 +0000 UTC |

ozcanpng/CVE-2025-57819-FreePBX-RCE2Root
Create: 2026-06-18 22:34:29 +0000 UTC Push: 2026-06-18 22:34:31 +0000 UTC |

g0thamRabb1t/joomla-jce-cve-2026-48907-detection Defensive lab validation and SOC detection guidance for CVE-2026-48907 in Joomla JCE <= 2.9.99.4, including Apache/Joomla/auditd telemetry, webshell artifacts, Sigma rules, MITRE ATT&CK mapping and mitigation recommendations.
Create: 2026-06-18 22:12:15 +0000 UTC Push: 2026-06-18 22:12:16 +0000 UTC |

error-inside/CVE-2026-39808 Fortinet FortiSandbox 4.4.0-4.4.8 - OS Command Injection via tracer-behavior Endpoint
Create: 2026-06-18 20:32:26 +0000 UTC Push: 2026-06-18 20:32:27 +0000 UTC |

error-inside/CVE-2026-10520 Root-Level RCE via OS Command Injection in Ivanti Sentry
Create: 2026-06-18 20:20:55 +0000 UTC Push: 2026-06-18 20:20:56 +0000 UTC |

error-inside/CVE-2026-47670 Authenticated Remote Code Execution via loadReader functionName code injection in DbGate
Create: 2026-06-18 20:12:54 +0000 UTC Push: 2026-06-18 20:12:55 +0000 UTC |

vqec/CVE-2021-4034
Create: 2026-06-18 19:33:04 +0000 UTC Push: 2026-06-18 19:33:17 +0000 UTC |

Polosss/By-Poloss..-..CVE-2026-7515-PoC Unauthenticated Local File Inclusion
Create: 2026-06-18 19:02:31 +0000 UTC Push: 2026-06-18 19:02:32 +0000 UTC |

itsthalisman/cve-2026-3359-exp A PoC/exploit written in python for the vulnerability CVE-2026-3359 situated within Form Maker by 10Web.
Create: 2026-06-18 17:51:58 +0000 UTC Push: 2026-06-18 17:51:59 +0000 UTC |

0xBlackash/CVE-2026-40369 CVE-2026-40369
Create: 2026-06-18 16:16:17 +0000 UTC Push: 2026-06-18 16:16:18 +0000 UTC |

fevar54/CVE-2026-54420-LiteSpeed-Symlink-Exploit A vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
Create: 2026-06-18 15:18:55 +0000 UTC Push: 2026-06-18 15:18:56 +0000 UTC |