ibrahmsql/CVE-2026-25807-Exploit CVE-2026-25807 Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell Exploit and PoC Create: 2026-02-10 02:54:13 +0000 UTC Push: 2026-02-10 02:54:14 +0000 UTC |

NtGabrielGomes/CVE-2025-69516 tactical rmm SSTI exploit Create: 2026-02-10 01:40:03 +0000 UTC Push: 2026-02-10 01:40:03 +0000 UTC |

George0Papasotiriou/CVE-2025-61882-Oracle-BI-Publisher-RCE Create: 2026-02-10 00:33:30 +0000 UTC Push: 2026-02-10 00:34:21 +0000 UTC |

George0Papasotiriou/CVE-2025-59470-PostgreSQL-Command-Injection Create: 2026-02-10 00:32:02 +0000 UTC Push: 2026-02-10 00:32:54 +0000 UTC |

George0Papasotiriou/CVE-2025-8110-Gogs-Remote-Code-Execution Create: 2026-02-10 00:30:07 +0000 UTC Push: 2026-02-10 00:30:08 +0000 UTC |

George0Papasotiriou/CVE-2025-14174-Chrome-Zero-Day Create: 2026-02-10 00:26:50 +0000 UTC Push: 2026-02-10 00:26:51 +0000 UTC |

George0Papasotiriou/CVE-2025-15556-Notepad-WinGUp-Updater-RCE Create: 2026-02-10 00:23:48 +0000 UTC Push: 2026-02-10 00:23:48 +0000 UTC |

George0Papasotiriou/CVE-2025-55182-React2Shell-CVSS-10.0- Create: 2026-02-10 00:19:11 +0000 UTC Push: 2026-02-10 00:19:11 +0000 UTC |

George0Papasotiriou/CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Critical- Oracle Fusion Middleware Oracle HTTP Server / WebLogic Server Proxy Plug-in has an easily exploitable, unauthenticated, network-reachable flaw allowing compromise over HTTP. Affected supported versions include 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0. Create: 2026-02-09 23:43:42 +0000 UTC Push: 2026-02-09 23:44:45 +0000 UTC |

George0Papasotiriou/CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bfmemo Bio-Formats ≤ 8.3.0 performs unsafe Java deserialization of attacker-controlled .bfmemo cache files during image processing; crafted .bfmemo can trigger deserialization of untrusted data (DoS/logic manipulation; potentially RCE if gadget chains exist). Create: 2026-02-09 23:39:31 +0000 UTC Push: 2026-02-09 23:40:21 +0000 UTC |

George0Papasotiriou/CVE-2026-20404-MediaTek-modem-remote-DoS-rogue-base-station-scenario- A MediaTek modem input validation issue can cause a system crash (remote DoS) when a UE connects to a rogue base station controlled by an attacker with no user interaction required. Create: 2026-02-09 23:32:38 +0000 UTC Push: 2026-02-09 23:32:39 +0000 UTC |

MichaelVenturella/CVE-2025-6018-6019-PoC A Proof of Concept for chaining **CVE-2025-6018** (PAM/Polkit Active Session Bypass) and **CVE-2025-6019** (libblockdev SUID Mount Flaw) to achieve Local Privilege Escalation (LPE) on vulnerable Linux systems. Create: 2026-02-09 19:17:23 +0000 UTC Push: 2026-02-09 19:19:40 +0000 UTC |

zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC) Create: 2026-02-09 18:21:45 +0000 UTC Push: 2026-04-06 20:18:20 +0000 UTC |

ISabbiI/PoC---Implementation-Plan---Grafana-CVE-2024-9264-SQL-Injection- Create: 2026-02-09 14:30:09 +0000 UTC Push: 2026-02-09 14:30:23 +0000 UTC |

ISabbiI/PoC---CVE-2023-26482-RCE-LAB-Nextcloud Create: 2026-02-09 14:30:09 +0000 UTC Push: 2026-02-10 09:00:50 +0000 UTC |

0rionCollector/Exploit-Chain-CVE-2025-6018-6019 Exploit Chain of CVE-2025-6018 to CVE-2025-6019 Create: 2026-02-09 13:44:36 +0000 UTC Push: 2026-02-09 13:44:36 +0000 UTC |

mverschu/CVE-2017-7921 HikVision Auth Bypass CVE, tool is able to extract credentials, and take snapshots based on magic cookie or supplied credentials. Create: 2026-02-09 13:17:27 +0000 UTC Push: 2026-02-09 13:17:50 +0000 UTC |

cwjchoi01/CVE-2025-66676 CVE-2025-66676 Create: 2026-02-09 12:42:22 +0000 UTC Push: 2026-02-16 02:47:18 +0000 UTC |

mysara2022/CVE-2025-8671-vulnerability-POC- CVE-2025-8671 vulnerability POC Create: 2026-02-09 11:39:51 +0000 UTC Push: 2026-02-09 11:39:52 +0000 UTC |

ssophiz/CVE-2023-34632 Reflected XSS in 1000projects Book Management System 1.0 Create: 2026-02-09 11:28:34 +0000 UTC Push: 2026-02-09 11:28:34 +0000 UTC |