unSafe.sh - 不安全

CarlosEduardoPM/CVE-2026-4480 smb spooler to RCE
Create: 2026-06-08 16:56:28 +0000 UTC Push: 2026-06-08 16:56:28 +0000 UTC |

Mr-Whiskerss/SSH-Terrapin-Prefix-Truncation-Weakness-CVE-2023-48795-Checker
Create: 2026-06-08 16:36:18 +0000 UTC Push: 2026-06-08 16:36:19 +0000 UTC |

K3ysTr0K3R/CVE-2026-24061
Create: 2026-06-08 15:02:51 +0000 UTC Push: 2026-06-08 15:02:52 +0000 UTC |

renzi25031469/CVE-2026-49975-HTTP-2-Bomb Disclosed on June 3, 2026, the "HTTP/2 Bomb" is an unauthenticated remote DoS that combines an HPACK compression bomb with a Slowloris-style hold to exhaust server memory. It affects default HTTP/2 configurations of **nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora**.
Create: 2026-06-08 14:44:32 +0000 UTC Push: 2026-06-08 14:44:33 +0000 UTC |

0xBlackash/CVE-2026-50751 CVE-2026-50751
Create: 2026-06-08 14:35:04 +0000 UTC Push: 2026-06-08 14:35:13 +0000 UTC |

rootdirective-sec/CVE-2026-7465-Lab
Create: 2026-06-08 14:29:19 +0000 UTC Push: 2026-06-08 14:29:20 +0000 UTC |

WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts
Create: 2026-06-08 13:26:38 +0000 UTC Push: 2026-06-08 13:26:41 +0000 UTC |

thesw0rd/CVE-2026-27886-PoC-Account-Takeover Account takeover full PoC for CVE-2026-27886 in Strapi CMS
Create: 2026-06-08 12:55:27 +0000 UTC Push: 2026-06-08 12:56:15 +0000 UTC |

ChanderManiPandey2022/YellowKey-BitLocker-Bypass-CVE-2026-45585-Detect-Fix-Automatically-via-Microsoft-Intune YellowKey | BitLocker Bypass CVE-2026-45585 | Detect & Fix Automatically via Microsoft Intune
Create: 2026-06-08 12:42:23 +0000 UTC Push: 2026-06-08 12:42:23 +0000 UTC |

REGGYRAIDER/CVE-2023-21716 CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload
Create: 2026-06-08 11:37:09 +0000 UTC Push: 2026-06-08 11:37:10 +0000 UTC |

0xBlackash/CVE-2026-11499 CVE-2026-11499
Create: 2026-06-08 10:54:48 +0000 UTC Push: 2026-06-08 10:54:49 +0000 UTC |

willygailo/WG-CVE-2026-1555-Linux
Create: 2026-06-08 10:34:14 +0000 UTC Push: 2026-06-08 10:34:19 +0000 UTC |

hawkeye-bd/CVE-2025-43537 Cybersecurity Researcher | Apple Security Credit (CVE-2025-43537) | Vulnerability Research & Responsible Disclosure
Create: 2026-06-08 10:26:38 +0000 UTC Push: 2026-06-08 10:26:39 +0000 UTC |

YuvrajSHAD/FreePBX-CVE-2025-57819 Unauthenticated SQL Injection to Remote Code Execution in FreePBX — CVE-2025-57819
Create: 2026-06-08 10:22:14 +0000 UTC Push: 2026-06-08 10:22:45 +0000 UTC |

sp624/CVE-2024-33421 Stored XSS in Computer Laboratory Management System - v1.0
Create: 2026-06-08 09:40:46 +0000 UTC Push: 2026-06-08 09:40:47 +0000 UTC |

sp624/CVE-2024-31509 SQL Injection in computer-laboratory-management-system-using-php-and-mysql - LMS - PHP v1.0
Create: 2026-06-08 09:19:05 +0000 UTC Push: 2026-06-08 09:29:13 +0000 UTC |

chuzouX/CVE-2025-32433-Exploit-edited Based on the original version:https://github.com/vulhub/vulhub/blob/master/erlang/CVE-2025-32433/exploit.py Replace Unicode checkmark with ASCII character for Windows compatibility
Create: 2026-06-08 09:11:36 +0000 UTC Push: 2026-06-08 09:11:37 +0000 UTC |

HeisenbergH4X/CVE-2008-1930 CVE-2008-1930 is a critical improper authentication vulnerability affecting the core cookie integrity mechanism in WordPress version 2.5. It allows remote attackers to bypass security controls, forge authentication cookies, and gain unauthorized administrator privileges on an affected website.
Create: 2026-06-08 09:09:05 +0000 UTC Push: 2026-06-08 09:09:06 +0000 UTC |

SOME-1HING/CVE-2018-16763 Python tool for analyzing CVE-2018-16763 in FUEL CMS with cleaner response parsing and interactive vulnerability checking.
Create: 2026-06-08 05:29:13 +0000 UTC Push: 2026-06-08 05:29:14 +0000 UTC |

dickfu/ESAPI-SQLinjection-CVE-2025-5878-Exploit 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法，OracleCodec对象的sql 时间盲注利用
Create: 2026-06-08 05:26:59 +0000 UTC Push: 2026-06-08 05:26:59 +0000 UTC |