GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Thu Jun 19, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-26199 | Public Disclosure | n/a | n/a | Visit Repo |
| CVE-2015-1578-PoC | This is a proof-of-concept exploit for CVE-2015-1578, a buffer | n/a | n/a | Visit Repo |
| CVE-2025-6019 | n/a | n/a | Visit Repo |
Wed Jun 18, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2023-6401 | CVE-2023-6401 is a DLL hijacking vulnerability that allows att | NotePad++ dbghelp.exe uncontrolled search path |
v3.1
MEDIUM
Score: 5.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
Visit Repo |
| CVE-2025-44203 | CVE-2025-44203 - HotelDruid 3.0.0/3.0.7 - Sensitive Informatio | n/a | n/a | Visit Repo |
| CVE-2025-33053-WebDAV-RCE-PoC-and-C2-Concept | Proof-of-Concept for CVE-2025-33053 Exploiting WebDAV with .u | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
v3.1
HIGH
Score: 8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
|
Visit Repo |
| CVE-2025-3248 | Exploit for Langflow AI Remote Code Execution (Unauthenticated | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-26198 | Public Disclosure | n/a | n/a | Visit Repo |
| roundcube-cve-2025-49113 | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-1094 | PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-33053-Checker-PoC | CVE-2025-33053 Checker and PoC | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
v3.1
HIGH
Score: 8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
|
Visit Repo |
| CVE-2025-0133 | Palo Alto - Global Protect - Reflected XSS | PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal |
v4.0
MEDIUM
Score: 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber
|
Visit Repo |
| RCE-CVE-2025-32710 | Windows Remote Desktop Services Vulnerability Allows Remote Co | Windows Remote Desktop Services Remote Code Execution Vulnerability |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo |
| CVE-2025-3248 | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
Tue Jun 17, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| Pool-Overflow-CVE-2021-31956 | Kernel Pool Overflow Exploit targeting CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
|
Visit Repo |
| Roundcube_CVE-2025-49113 | Explicação + Lab no THM | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| -CVE-2025-0133-GlobalProtect-XSS | CVE-2025-0133 GlobalProtect XSS | PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal |
v4.0
MEDIUM
Score: 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber
|
Visit Repo |
| CVE-2025-6220 | Ultimate Addons for Contact Form 7 <= 3.5.12 - Authenticated ( | Ultimate Addons for Contact Form 7 <= 3.5.12 - Authenticated (Administrator+) Arbitrary File Upload via 'save_options' |
v3.1
HIGH
Score: 7.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-43200 | n/a | n/a | Visit Repo | |
| Blackash-CVE-2025-49113 | CVE-2025-49113 | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-48466 | Modbus Packet Injection on Advantech WISE 4060LAN / IoT Gatewa | n/a | n/a | Visit Repo |
| CVE-2025-46171 | n/a | n/a | Visit Repo | |
| offensive-security-lab-1 | A hands-on vulnerability assessment and exploitation of a Wind | n/a | n/a | Visit Repo |
| CVE-2025-2135 | n/a | n/a | Visit Repo | |
| CVE-2025-4123grafana | Escaner para encontrar vulnerabilidad CVE-2025-4123 grafana | n/a |
v3.1
HIGH
Score: 7.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
|
Visit Repo |
| CVE-2025-3248-Langflow-RCE | CVE-2025-3248 Langflow RCE Exploit | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-2783 | This project is a research-oriented and educational simulation | n/a | n/a | Visit Repo |
| -CVE-Proof-of-Concept-Airtel-Android-App-Insecure-Local-Storage-of-Sensitive-Data | n/a | n/a | Visit Repo | |
| CVE-2025-5964- | C PoC language for emulating path traversal vulnerability (CVE | Path traversal in M-Files API |
v4.0
HIGH
Score: 8.4
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/RE:M/U:Green
|
Visit Repo |
| cve-2024-23113 | n/a |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C
|
Visit Repo |
Mon Jun 16, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-5287 | Unauthenticated SQL Injection exploit for WordPress Likes and | n/a | n/a | Visit Repo |
| WriteUp-Roundcube_CVE-2025-49113 | Explicação+ WriteUp do Lab Tryhackme | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-49125-Authentication-Bypass | Authentication Bypass via Alternate Path Vulnerability (CWE-28 | n/a | n/a | Visit Repo |
| CVE_2025_6169 | The WIMP website co-construction management platform from HAMA | HAMASTAR Technology WIMP website co-construction management platform - SQL Injection |
v4.0
CRITICAL
Score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
|
Visit Repo |
| CVE-2025-20124_and_CVE-2025-20125 | A vulnerability in an API of Cisco ISE could allow an authenti | Cisco Identity Services Engine Java Deserialization Vulnerability |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
|
Visit Repo |
| CVE-2016-3088 | A Python-based Exploit Script for CVE-2016-3088 | n/a | n/a | Visit Repo |
| CVE_POC | CVE POC | n/a | n/a | Visit Repo |
Sun Jun 15, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-2783-SandboxEscape | This project is a research-oriented and educational simulation | n/a | n/a | Visit Repo |
| CVE-2019-14811-in-pdf-exploit | This exploit targets CVE-2019-14811 in GS environments where P | n/a |
v3.0
HIGH
Score: 7.3
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
|
Visit Repo |
| CVE-2023-1698 | CVE-2023-1698 exploit with golang | WAGO: WBM Command Injection in multiple products |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-49113 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE_2025_32433_exploit | Erlang/OTP is a set of libraries for the Erlang programming la | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-32433-Erlang-OTP-SSH-Pre-Auth-RCE-exploit | Erlang/OTP is a set of libraries for the Erlang programming la | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| DocViewerExploitApp | This is an Exploit App I made when solving the DocumentViewer | n/a | n/a | Visit Repo |
| poc-cve-2025-29927 | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo | |
| CVE-2025-33073 | # CVE-2025-33073PoC Exploit for the NTLM reflection SMB flaw. | Windows SMB Client Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
|
Visit Repo |
| CVE_2025_6083 | In ExtremeCloud Universal ZTNA, a syntax error in the 'searchK | ExtremeCloud Universal ZTNA Improper Authorization |
v4.0
MEDIUM
Score: 5.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/S:N
|
Visit Repo |
| CVE-2025-49619 | This script exploits CVE-2025-49619 in Skyvern to execute a re | n/a |
v3.1
HIGH
Score: 8.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
|
Visit Repo |
| CVE-2025-31161 | CrushFTP 11.3.1 - Authentication Bypass | n/a |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2024-0204 | Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass | Authentication Bypass in GoAnywhere MFT |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.