Publicly Disclosed
PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 3 hours ago

PoC for CVE-2026-8196

Jeecg | Jeecgboot | 6.3 MEDIUM
Authorization Bypass Vulnerability in JeecgBoot by Jeecg

A vulnerability has been identified in JeecgBoot 3.9.1 involving an unknown function in the LoginController, specifically related to the mLogin Endpoint. This flaw enables an attacker to bypass authorization mechanisms, allowing for unauthorized access. The vulnerability can be exploited remotely...

Discovered 4 hours ago

PoC for CVE-2020-37226

Joomsky | J2 Jobs | 7.1 HIGH
Authenticated SQL Injection Vulnerability in Joomla J2 JOBS by Joomla

Joomla J2 JOBS version 1.3.0 is susceptible to an authenticated SQL injection vulnerability that enables authenticated users to alter database queries. This can be achieved through the manipulation of the 'sortby' parameter in POST requests directed at the administrator index. By injecting malici...

PoC for CVE-2020-37224

Joomsky | J2 Jobs | 7.1 HIGH
Authenticated SQL Injection in Joomla J2 JOBS by Joomla

Joomla J2 JOBS 1.3.0 has a vulnerability that permits authenticated attackers to perform SQL injection through the 'sortby' parameter. By sending crafted POST requests with manipulated 'sortby' values to the administrator index, these attackers can execute unauthorized SQL commands, potential...

PoC for CVE-2020-37225

Powie | Whois Domain Check | 5.1 MEDIUM
Persistent Cross-Site Scripting in Powie's WHOIS Domain Check Plugin

Powie's WHOIS Domain Check version 0.9.31 suffers from a persistent cross-site scripting vulnerability, allowing authenticated attackers to inject arbitrary JavaScript into the plugin's settings. By exploiting unsanitized input fields on the pwhois_settings.php configuration page, attackers can s...

PoC for CVE-2020-37223

Iobit | Iobit Uninstaller | 8.5 HIGH
Unquoted Service Path Vulnerability in IObit Uninstaller by IObit

The IObit Uninstaller 9.5.0.15 contains a vulnerability due to its unquoted service path in the IObitUnSvr service. This flaw allows local attackers to exploit the system by placing a malicious executable named 'IObit.exe' in the default installation directory. By restarting the service, attacker...

PoC for CVE-2020-37222

Kuicms | Kuicms PHP Ee | 5.1 MEDIUM
Persistent Cross-Site Scripting in Kuicms Php EE 2.0

Kuicms Php EE 2.0 features a vulnerability that allows attackers to exploit a persistent cross-site scripting flaw. This vulnerability enables unauthenticated users to inject malicious scripts into the system by crafting specific content submitted through the bbs reply endpoint. When a POST reque...

PoC for CVE-2020-37220

Www.huawei.com | Huawei Hg630 Router | 8.7 HIGH
Authentication Bypass Weakness in Huawei HG630 V2 Router

The Huawei HG630 V2 router is susceptible to an authentication bypass flaw that permits unauthenticated attackers to gain administrative control without proper credentials. This is achieved by accessing the device's /api/system/deviceinfo endpoint, which reveals the device's serial number. Malici...

PoC for CVE-2020-37221

Drive-software | Atomic Alarm Clock | 8.6 HIGH
Stack Overflow Vulnerability in Atomic Alarm Clock by Atomic Software

Atomic Alarm Clock 6.3 has a stack overflow vulnerability that could be exploited by local attackers. By supplying a specially crafted string in the Time Zones Clock configuration's display name textbox, attackers can manipulate the buffer and trigger a structured exception handling overwrite. Th...

PoC for CVE-2020-37219

Fabrikar | Com Fabrik | 8.7 HIGH
Directory Traversal Vulnerability in Joomla com_fabrik by Fabrikar

The directory traversal vulnerability in Joomla com_fabrik 3.9.11 enables unauthenticated attackers to perform file enumeration. By exploiting the 'onAjax_files' method and manipulating the folder parameter in GET requests, attackers can gain access to system files located outside the designated ...

PoC for CVE-2020-37218

HdWPlayer | Com HdWPlayer | 8.8 HIGH
SQL Injection Vulnerability in Joomla com_hdwplayer by Joomla

The com_hdwplayer 4.2 component for Joomla is susceptible to an SQL injection flaw located in the search.php file. This vulnerability permits unauthenticated attackers to carry out arbitrary SQL queries through the hdwplayersearch parameter by crafting malicious POST requests. Exploitation of thi...

PoC for CVE-2020-37217

Easy2pilot-v7 | Easy2pilot | 5.1 MEDIUM
Cross-Site Request Forgery Vulnerability in Easy2Pilot 7 by Easy2Pilot

Easy2Pilot 7 is susceptible to a cross-site request forgery vulnerability that enables attackers to trick authenticated administrators into inadvertently creating new user accounts. By crafting malicious pages with tailored HTML forms that submit POST requests to the admin.php?action=add_user end...

PoC for CVE-2020-37174

Husky | Products Filter Profes... | 4.8 MEDIUM
Persistent Cross-Site Scripting in WOOF Products Filter for WooComm...

The WOOF Products Filter for WooCommerce version 1.2.3 is vulnerable to a persistent cross-site scripting (XSS) flaw. This security issue allows authenticated users to insert malicious scripts into specific text fields, such as 'Text for block toggle' and 'Custom front css styles'. Once saved, th...

PoC for CVE-2020-37169

WordPress | Ultimate-member | 6.8 MEDIUM
Local File Inclusion Vulnerability in Ultimate Member Plugin by Wor...

The Ultimate Member Plugin version 2.1.3 for WordPress suffers from a local file inclusion vulnerability due to improper validation of the 'pack' parameter in class-admin-upgrade.php. Authenticated attackers can exploit this flaw by sending specially crafted POST requests that manipulate the pack...

PoC for CVE-2020-37168

Paiement | Ecommerce Systempay | 9.3 CRITICAL
Weak Cryptographic Implementation in Ecommerce Systempay Payment Pr...

The Ecommerce Systempay 1.0 system contains a vulnerability related to its cryptographic implementation. This weakness allows attackers to exploit the 16-character production secret key used for generating payment signatures. By capturing POST requests directed toward the payment endpoint, attack...

Discovered 5 hours ago

PoC for CVE-2019-9053

Cmsmadesimple | Cms Made Simple | 🟣 EPSS 93% | 8.1 HIGH
SQL Injection Vulnerability in CMS Made Simple by CMS Made Simple, ...

A vulnerability exists in CMS Made Simple version 2.2.8, where the News module can be exploited through a specially crafted URL, allowing an unauthenticated attacker to perform blind time-based SQL injection utilizing the m1_idlist parameter. This can potentially expose sensitive information and ...

Discovered 6 hours ago

PoC for CVE-2025-54236

Adobe | Adobe Commerce | 🟣 EPSS 67% | 9.1 CRITICAL
Improper Input Validation in Adobe Commerce Products

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier face a significant risk due to an Improper Input Validation flaw. This vulnerability allows attackers to bypass security features, potentially leading to session takeover without requiring any us...

Discovered 8 hours ago

PoC for CVE-2024-44258

Apple | iOS And iPad OS | 7.1 HIGH
Handling of Symlinks Improved to Address Security Risks

A vulnerability related to symlink handling has been identified in certain Apple products, which poses a risk of modification to protected system files when a specially crafted backup file is restored. This issue has been addressed in the latest versions of iOS, iPadOS, visionOS, and tvOS, includ...

Discovered 10 hours ago

PoC for CVE-2026-45321

@tanstack | Arktype-adapter | 9.6 CRITICAL
Malicious Package Injection in TanStack Products by npm Attackers

On May 11, 2026, an attacker exploited multiple vulnerabilities to inject malicious versions of 84 packages across 42 TanStack npm packages. The malicious versions were published using legitimate GitHub Actions, taking advantage of a misconfiguration in pull_request_target workflows and a known c...

Discovered 11 hours ago

PoC for CVE-2024-21413

Microsoft | Microsoft Office 2019 | 🟣 EPSS 93% | 9.8 CRITICAL
Remote Code Execution Vulnerability Affects Microsoft Outlook

A remote code execution vulnerability in Microsoft Outlook allows an attacker to run arbitrary code on a user's system. This can occur when the vulnerable version processes specially crafted email messages, which can result in unauthorized access or control over the affected system. Attackers can...

Discovered 13 hours ago

PoC for CVE-2024-0582

7.8 HIGH
Memory Leak Flaw in Linux Kernel's io_uring Could Lead to Privilege...

A memory leak flaw exists in the io_uring functionality of the Linux kernel. The vulnerability arises in the process of user registration of a buffer ring via the IORING_REGISTER_PBUF_RING method, which, upon mmapping and subsequent freeing of the buffer, fails to properly release allocated memor...

Discovered 14 hours ago

PoC for CVE-2026-45321

@tanstack | Arktype-adapter | 9.6 CRITICAL
Malicious Package Injection in TanStack Products by npm Attackers

On May 11, 2026, an attacker exploited multiple vulnerabilities to inject malicious versions of 84 packages across 42 TanStack npm packages. The malicious versions were published using legitimate GitHub Actions, taking advantage of a misconfiguration in pull_request_target workflows and a known c...

Discovered 17 hours ago

PoC for CVE-2026-6664

PgBouncer | Pgbouncer | 7.5 HIGH
Integer Overflow Vulnerability in PgBouncer Affects Unauthenticated...

An integer overflow vulnerability exists in the network packet parsing code of PgBouncer versions prior to 1.25.2, which allows a bypass of boundary checks. This flaw can enable an unauthenticated remote attacker to send a malformed SCRAM authentication packet, potentially causing the PgBouncer s...

Discovered 18 hours ago

PoC for CVE-2026-29000

Pac4j | Pac4j-jwt | 9.3 CRITICAL
Authentication Bypass in JwtAuthenticator of pac4j-jwt by pac4j

The pac4j-jwt library's JwtAuthenticator prior to versions 4.5.9, 5.7.9, and 6.3.3 is susceptible to an authentication bypass that could allow remote adversaries to create forged authentication tokens. By leveraging the server's RSA public key, attackers are able to craft a JWE-wrapped PlainJWT w...

Discovered 19 hours ago

PoC for CVE-2026-41940

Webpros | Cpanel | 🟣 EPSS 67% | 9.3 CRITICAL
Authentication Bypass Vulnerability in cPanel and WHM

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

Discovered 20 hours ago

PoC for CVE-2026-45321

@tanstack | Arktype-adapter | 9.6 CRITICAL
Malicious Package Injection in TanStack Products by npm Attackers

On May 11, 2026, an attacker exploited multiple vulnerabilities to inject malicious versions of 84 packages across 42 TanStack npm packages. The malicious versions were published using legitimate GitHub Actions, taking advantage of a misconfiguration in pull_request_target workflows and a known c...

Discovered 1 day ago

PoC for CVE-2026-3609

Wellbia | Xigncode3 Anti-cheat | 5.3 MEDIUM
Privilege Escalation Vulnerability in Wellbia's XIGNCODE3 Kernel Dr...

The XIGNCODE3 kernel driver, developed by Wellbia, contains a vulnerability that allows any user process access to the IRP_MJ_REITS command interface. This can result in unauthorized elevation of privileges, as it permits a process to issue requests for PROCESS_ALL_ACCESS. This weakness poses a s...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2024-12912

Asus | Router | 7.2 HIGH
Improper Input Insertion Vulnerability in AiCloud for ASUS Routers

An improper input insertion vulnerability within the AiCloud feature of specific ASUS router models has been identified. This flaw can potentially allow an attacker to execute arbitrary commands on the affected devices, which poses a significant security risk. Users of ASUS routers are encouraged...

Discovered 2 days ago

PoC for CVE-2026-33657

Espocrm | Espocrm | 4.6 MEDIUM
Stored HTML Injection Vulnerability in EspoCRM by EspoCRM Team

EspoCRM, an open source customer relationship management application, is vulnerable to a stored HTML injection. This vulnerability affects versions 9.3.3 and earlier, allowing authenticated users with standard privileges to inject malicious HTML code into system-generated email notifications. The...

PoC for CVE-2026-8161

Multiparty | Multiparty | 7.5 HIGH
Denial of Service Vulnerability in Multiparty by PillarJS

The Multiparty library, versions 4.2.3 and below, is susceptible to a denial of service attack caused by uncaught exceptions. This vulnerability arises when a multipart/form-data request is sent with a field name that collides with inherited Object.prototype properties, such as __proto__, constru...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-8349

Omec-project | Amf | 5.3 MEDIUM
Memory Corruption in omec-project amf Due to Vulnerability in NGAP ...

A vulnerability has been identified in the omec-project amf software affecting versions up to 2.1.1. This issue resides in the NGAP Message Handler component, where improper handling of inputs can lead to memory corruption. Attackers may exploit this flaw remotely, potentially compromising the in...

PoC for CVE-2026-8346

D-link | Dir-816 | 5.3 MEDIUM
Command Injection Vulnerability in D-Link Router

A command injection vulnerability exists in the D-Link DIR-816 router due to improper handling of the 'ip_address' parameter in the portForward function. This flaw allows remote attackers to execute arbitrary commands on the device, potentially leading to unauthorized access and control. With the...

PoC for CVE-2026-34486

Apache | Apache Tomcat | 7.5 HIGH
Missing Encryption of Sensitive Data Vulnerability in Apache Tomcat

A vulnerability has been identified in Apache Tomcat that arises from missing encryption mechanisms for sensitive data, which could lead to data exposure. This issue was introduced as a result of the fix for another vulnerability, allowing the EncryptInterceptor to be bypassed. Users running vers...

PoC for CVE-2026-23918

Apache | Apache Http Server | 8.8 HIGH
Double Free and Remote Code Execution Vulnerability in Apache HTTP ...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

PoC for CVE-2026-8345

D-link | Dir-816 | 5.3 MEDIUM
Command Injection Vulnerability in D-Link DIR-816 Router

A security vulnerability has been identified in the D-Link DIR-816 router, particularly within the function sub_445E7C located in /goform/singlePortForward. This vulnerability allows an attacker to manipulate the 'ip_address' argument, leading to remote command injection attacks. Due to its publi...

PoC for CVE-2026-8344

D-link | Dir-816 | 5.3 MEDIUM
Command Injection Vulnerability in D-Link DIR-816 Router

A command injection vulnerability has been discovered in the D-Link DIR-816 router, specifically within the sub_445E7C function of the /goform/formDMZ.cgi file. This weakness allows an attacker to manipulate commands remotely, making it possible to execute arbitrary code. The exploit has been pub...

PoC for CVE-2026-8321

Inkeep | Agents | 6.9 MEDIUM
Authentication Bypass Vulnerability in inkeep Agents by inkeep

A vulnerability has been identified in inkeep agents version 0.58.14, specifically within the createDevContext function of the runAuth.ts file in the runAuth Middleware component. This flaw allows an attacker to perform an authentication bypass via an alternate channel, potentially exposing sensi...

PoC for CVE-2026-8320

Jishenghua | Jsherp | 5.1 MEDIUM
Server-Side Request Forgery in jishenghua jshERP by jishenghua

A security vulnerability exists in jishenghua's jshERP prior to version 3.6. This vulnerability affects the getUserByWeixinCode function within the UserService.java component of the updatePlatformConfigByKey endpoint. An attacker can manipulate the weixinUrl argument, enabling the execution of a ...

PoC for CVE-2026-8319

Aiwaves-cn | Agents | 6.9 MEDIUM
Uncontrolled Resource Consumption in aiwaves-cn agents Affecting Ch...

A weakness has been identified in aiwaves-cn agents, specifically within the 'recall_relevant_memories_to_working_memory' function of the 'stray_cat.py' file in the 'cheshire_cat_core' component. This vulnerability can lead to significant resource exhaustion if exploited, allowing attackers to co...

PoC for CVE-2026-8318

Vectifyai | Pageindex | 6.9 MEDIUM
Infinite Loop Vulnerability in VectifyAI PageIndex PDF Table of Con...

A security flaw in VectifyAI PageIndex has been identified within the PDF Table of Contents Handler, specifically in the toc_transformer function of page_index.py. This vulnerability allows an attacker to exploit the software remotely, triggering an infinite loop that disrupts normal operations. ...

PoC for CVE-2026-43640

Bitwarden | Server | 8.6 HIGH
Authentication Bypass in Bitwarden Server Affects API Key Management

Bitwarden Server versions prior to v2026.4.1 contain a critical flaw that allows authenticated users with SCIM management privileges to bypass the re-authentication requirement when accessing or rotating an organization's SCIM API key. This vulnerability enables unauthorized retrieval of sensitiv...

PoC for CVE-2026-43639

Bitwarden | Server | 8.9 HIGH
Missing Authorization Vulnerability in Bitwarden Server by Bitwarden

A vulnerability in Bitwarden Server versions prior to v2026.4.0 allows a provider service user to exploit a missing authorization mechanism. This flaw enables the user to add an arbitrary organization to their provider through a specific API endpoint, effectively taking over the target organizati...

PoC for CVE-2026-43638

Bitwarden | Server | 5.3 MEDIUM
Missing Authorization in Bitwarden Server Allows Unauthorized Ciphe...

A vulnerability in Bitwarden Server prior to v2026.4.1 allows any authenticated user to exploit a missing authorization check. By sending an empty `collections` array in a request to `POST /ciphers/import-organization`, attackers can bypass the server-side permission validation. This flaw enables...

PoC for CVE-2026-8305

OpenClaw | Openclaw | 6.9 MEDIUM
Improper Authentication Vulnerability in OpenClaw's Bluebubbles Web...

A vulnerability has been identified in OpenClaw's Bluebubbles Webhook component, specifically in the handleBlueBubblesWebhookRequest function located in monitor.ts. This flaw can allow unauthorized access due to improper authentication mechanisms. Remote attackers may exploit this vulnerability, ...

PoC for CVE-2026-8292

Open5GS Project | Open5gs | 5.3 MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS Project

A security flaw has been identified in the Open5GS framework, affecting versions up to 2.7.7. The vulnerability resides in the function yuarel_parse within the NRF component's library /lib/sbi/conv.c. Attackers can exploit this weakness by manipulating the hnrf-uri argument, potentially leading t...

PoC for CVE-2026-4257

WordPress | Contact Form By Supsystic | 🟣 EPSS 36% | 9.8 CRITICAL
Server-Side Template Injection in Contact Form by Supsystic for Wor...

The Contact Form by Supsystic plugin for WordPress is susceptible to a Server-Side Template Injection (SSTI) vulnerability that may lead to Remote Code Execution (RCE). This exposure affects all versions up to and including 1.7.36. The flaw arises from the plugin's integration of the Twig `Twig_L...

PoC for CVE-2026-43284

Linux | Linux | 8.8 HIGH
Vulnerability in Linux Kernel Affects Shared skb Fragments

A vulnerability exists in the Linux kernel that concerns the handling of shared skb fragments during the decryption process in ESP-in-UDP packets. When pages are attached from a pipe directly to an skb using MSG_SPLICE_PAGES, the kernel marked these SKBs with SKBFL_SHARED_FRAG, which plays a cruc...

PoC for CVE-2026-8291

Open5GS | Open5gs | 5.3 MEDIUM
Denial of Service Vulnerability in Open5GS NRF Component

A vulnerability has been discovered in Open5GS versions up to 2.7.7, specifically within the ogs_nnrf_nfm_handle_nf_profile function in the NRF component's lib/sbi/nnrf-handler.c file. This issue allows for a remote attacker to cause a denial of service, potentially disrupting service availabilit...