GitHub Feed

Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.

Sun May 25, 2025

Repository Description CVE Metrics Action
PoC-crash-CVE-2020-13398- CVE-2020-13398 PoC n/a n/a Visit Repo
CVE-2025-4664 CVE-2025-4664 – Remote Code Execution via Chrome Loader Refe n/a n/a Visit Repo
CVE-2024-0204 CVE-2024-0204 was discovered in January 2024 and affects all G Authentication Bypass in GoAnywhere MFT
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
When-Servers-Overshare-Information-disclosure-in-error-messages Exploited verbose error messages to leak Apache Struts version n/a n/a Visit Repo
iDevice_ZH CVE-2025-24203 vulnerability n/a n/a Visit Repo
BadParcel CVE-2023-20963 PoC (Android WorkSource parcel/unparcel logic m n/a n/a Visit Repo
-Pymatgen-2024.1---Remote-Code-Execution-RCE- Pymatgen 2024.1 - Remote Code Execution (RCE) CVE: 2024-2334 n/a n/a Visit Repo
CVE-2025-48708 CVE-2025-48708 Ghostscript PDF lack of argument sanitization l n/a
v3.1 MEDIUM Score: 4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Visit Repo
CVE-2025-0868 Remote Code Execution in DocsGPT
v4.0 CRITICAL Score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Visit Repo
CVE-2025-36535 CVE-2025-36535 – AutomationDirect MB-Gateway Unauthenticated n/a n/a Visit Repo
Apache-Tomcat---Remote-Code-Execution-via-Session-Deserialization-CVE-2025-24813- Apache Tomcat - Remote Code Execution via Session Deserializat Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT n/a Visit Repo

Sat May 24, 2025

Repository Description CVE Metrics Action
CVE-2024-42009-PoC CVE-2024-42009 Proof of Concept n/a n/a Visit Repo
CVE-2025-25014 n/a n/a Visit Repo
CVE-2025-2294 Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
vulnerability-intelligence-mcp-server n/a n/a Visit Repo

Fri May 23, 2025

Repository Description CVE Metrics Action
CVE-2025-31161 CVE-2025-31161 - CrushFTP User Creation Authentication Byp n/a
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
CVE-2025-30400 Microsoft DWM Core Library Elevation of Privilege Vulnerability
v3.1 HIGH Score: 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Visit Repo
CVE-2025-5058 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthentic n/a n/a Visit Repo
CVE-2025-47181 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
v3.1 HIGH Score: 8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Visit Repo
CVE-2024-12583 Dynamics 365 Integration <= 1.3.23 - Authenticated (Contributor+) Remote Code Execution and Arbitrary File Read via Twig Server-Side Template Injection
v3.1 CRITICAL Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Visit Repo
cve-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal
v4.0 MEDIUM Score: 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber
Visit Repo
CVE-2025-4918 CVE-2025-4918 – Out-of-Bounds Memory Corruption in Mozilla F n/a n/a Visit Repo
CVE-2025-46801 CVE-2025-46801 – Pgpool-II Authentication Bypass PoC n/a n/a Visit Repo
CVE-2025-4123 CVE-2025-4123 n/a
v3.1 HIGH Score: 7.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Visit Repo
CVE-2025-46822 Unauthenticated Arbitrary File Read via Absolute Path Unauthenticated Arbitrary File Read via Absolute Path
v4.0 HIGH Score: 7.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Visit Repo
-CVE-2025-46822- Unauthenticated Arbitrary File Read via Absolute Path descrip Unauthenticated Arbitrary File Read via Absolute Path
v4.0 HIGH Score: 7.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Visit Repo
CosmicRakp CVE-2013-4786 Go exploitation tool n/a n/a Visit Repo
NextJS-CVE-2025-29927-Docker-Lab Authorization Bypass in Next.js Middleware
v3.1 CRITICAL Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Visit Repo
CVE-2024-3661VPN DHCP routing options can manipulate interface-based VPN traffic
v3.1 HIGH Score: 7.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Visit Repo
CVE-2025-4611-PoC PoC for CVE-2025-4611 Slim SEO <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via slim_seo_breadcrumbs Shortcode
v3.1 MEDIUM Score: 6.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Visit Repo
CVE-2025-46801 CVE-2025-46801 – Pgpool-II Authentication Bypass PoC n/a n/a Visit Repo
CVE-2025-44998 TinyFileManager XSS Vulnerability n/a n/a Visit Repo
nhi-zero-trust-bypass Demonstrates a real-world zero-trust bypass by exploiting BIND n/a n/a Visit Repo

Thu May 22, 2025

Repository Description CVE Metrics Action
CVE-2025-4123 Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSR n/a
v3.1 HIGH Score: 7.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Visit Repo
CVE-2024-9463-Proof-of-Concept Proof of Concept for CVE-2024-9463 Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
v4.0 CRITICAL Score: 9.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber
Visit Repo
CVE-2024-21762_FortiNet_PoC Proof-of-concept scanner targeting CVE-2024-21762 in FortiOS S n/a
v3.1 CRITICAL Score: 9.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C
Visit Repo
CVE-2025-24799 GLPI allows unauthenticated SQL injection through the inventory endpoint
v3.1 HIGH Score: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Visit Repo
CVE-POC n/a n/a Visit Repo
CVE-2025-4322 Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Pa n/a n/a Visit Repo
o3_finds_cve-2025-37899 Artefacts for blog post on finding CVE-2025-37899 with o3 n/a n/a Visit Repo
go-get-RCE This is the exploit of CVE-2018-6574: go get RCE n/a n/a Visit Repo
CVE-2025-44108-SXSS n/a n/a Visit Repo
CVE-2025-4322 n/a n/a Visit Repo

Wed May 21, 2025

Repository Description CVE Metrics Action
Anydesk-Exploit-CVE-2025-12654-RCE-Builder Exploit development targets vulnerabilities using tools like e n/a n/a Visit Repo
vsftpd-backdoor-exploit Hands-on exploitation of the VSFTPD 2.3.4 backdoor vulnerabili n/a n/a Visit Repo
CVE-2024-12583- Dynamics 365 Integration <= 1.3.23 - Authenticated (Contributor+) Remote Code Execution and Arbitrary File Read via Twig Server-Side Template Injection
v3.1 CRITICAL Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Visit Repo
SHELL-POC-CVE-2022-46169 Unauthenticated Command Injection
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
CVE-2025-4918 n/a n/a Visit Repo
CVE-2025-46801 CVE-2025-46801 – Pgpool-II Authentication Bypass PoC n/a n/a Visit Repo
bw-dump A proof-of-concept for (CVE-2023-38840) that extracts plaintex n/a n/a Visit Repo

GitHub Threat Intelligence at a Glance

Stay on top of cybersecurity developments and open-source research through daily GitHub updates.

Jump into a repository to explore code, documentation, or CVE-related insights.