unSafe.sh - 不安全

O99099O/CVE-2026-8206-Poc-
Create: 2026-06-01 19:32:28 +0000 UTC Push: 2026-06-01 19:32:39 +0000 UTC |

tematemaru/CVE-2026-31431-simple-test
Create: 2026-06-01 18:53:44 +0000 UTC Push: 2026-06-01 18:53:44 +0000 UTC |

victoriaalicex/CVE-2025-40536-Analysis CVE analysis of CVE-2025-40536, SolarWinds Web Help Desk security control bypass (CVSS 8.1). Covers vulnerability mechanics, attack chain with companion RCE CVEs, Storm-2603 threat actor attribution, MITRE ATT&CK mapping, and detection/remediation guidance for DoD and government environments.
Create: 2026-06-01 18:38:24 +0000 UTC Push: 2026-06-01 18:42:08 +0000 UTC |

jabir-dev/CVE-2026-ThreemaWeb-TURNCredentialLeak Threema Web hardcoded TURN server credentials in client-side code. CWE-798. Server abuse, traffic interception, DoS.
Create: 2026-06-01 16:21:00 +0000 UTC Push: 2026-06-01 16:21:06 +0000 UTC |

jabir-dev/CVE-2026-ThreemaWeb-PrototypePollution Threema Web Prototype Pollution via unsafe URI query parameter parsing. CWE-1321. 10/10 tests passed. Security bypass, config corruption.
Create: 2026-06-01 16:20:41 +0000 UTC Push: 2026-06-01 16:20:45 +0000 UTC |

jabir-dev/CVE-2026-BetterSQLCipher-RCE better-sqlcipher (Threema) loadExtension() RCE. Full system compromise via arbitrary native code loading. Confirmed on v12.10.0 (latest). CWE-427. CVSS 9.8.
Create: 2026-06-01 15:58:25 +0000 UTC Push: 2026-06-01 15:58:29 +0000 UTC |

jabir-dev/CVE-2026-BetterSQLCipher-PragmaInjection better-sqlcipher (Threema) PRAGMA injection. Encryption key theft, cipher config extraction, data exfiltration. CWE-20.
Create: 2026-06-01 15:36:38 +0000 UTC Push: 2026-06-01 15:36:42 +0000 UTC |

EvtDanya/CVE-2026-27886 Strapi. Leaking sensitive data via relational filtering due to lack of query sanitization
Create: 2026-06-01 13:07:23 +0000 UTC Push: 2026-06-01 13:07:24 +0000 UTC |

JTMH37/ICT279-CVE-2025-24813 ICT279 Vulnerability Detection and Mitigation Project using CVE-2025-24813 in an Internet Banking Environment
Create: 2026-06-01 12:09:00 +0000 UTC Push: 2026-06-01 12:09:01 +0000 UTC |

JTMH37/Apache-Tomcat-CVE-2025-24813-Lab ICT279 Vulnerability Detection and Mitigation Project using CVE-2025-24813 in an Internet Banking Environment
Create: 2026-06-01 12:09:00 +0000 UTC Push: 2026-06-01 12:20:22 +0000 UTC |

bolubey/CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass
Create: 2026-06-01 12:02:27 +0000 UTC Push: 2026-06-01 12:03:06 +0000 UTC |

Yamauchi-Kaito/CVE-2024-53141
Create: 2026-06-01 11:50:35 +0000 UTC Push: 2026-06-01 11:50:35 +0000 UTC |

lucastran05/CVE-2026-29000
Create: 2026-06-01 10:42:44 +0000 UTC Push: 2026-06-01 10:42:54 +0000 UTC |

p3Nt3st3r-sTAr/CVE-2026-8732-POC
Create: 2026-06-01 09:06:17 +0000 UTC Push: 2026-06-01 09:06:41 +0000 UTC |

HORKimhab/CVE-2026-8732 CVE-2026-8732 - Draft (WordPress)
Create: 2026-06-01 08:56:26 +0000 UTC Push: 2026-06-01 08:56:30 +0000 UTC |

daniel30padd/CVE-2026-45659
Create: 2026-06-01 07:43:11 +0000 UTC Push: 2026-06-01 07:43:14 +0000 UTC |

HORKimhab/CVE-2026-9560 CVE-2026-9560 - Draft
Create: 2026-06-01 06:14:54 +0000 UTC Push: 2026-06-01 06:14:58 +0000 UTC |

Mr-Robot-LP/CVE-2026-0257 Exploits the CVE-2026-0257 vulnerability by forging a GlobalProtect authentication override cookie using the TLS server's public key.
Create: 2026-06-01 05:57:00 +0000 UTC Push: 2026-06-01 05:57:00 +0000 UTC |

CYFARE/CVE-2026-8376-Perl-Heap-Buffer-Overflow-PoC-Exploit CVE-2026-8376 Perl Heap Buffer Overflow PoC Exploit
Create: 2026-06-01 05:40:13 +0000 UTC Push: 2026-06-01 05:40:14 +0000 UTC |

JasonGardner-code/CVE-2026-0073_BYPASS_CURRENT_PATCH
Create: 2026-06-01 05:28:02 +0000 UTC Push: 2026-06-01 05:28:03 +0000 UTC |