unSafe.sh - 不安全

compfaculty/cve-2026-oracle
Create: 2026-02-10 15:40:34 +0000 UTC Push: 2026-02-10 15:40:35 +0000 UTC |

ninjazan420/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation CVE-2026-1529 (PoC) is a critical vulnerability in Keycloak that allows unauthorized organization registration through improper invitation token validation. This exploit tool demonstrates the vulnerability by manipulating JWT tokens to register users in unauthorized organizations.
Create: 2026-02-10 14:31:22 +0000 UTC Push: 2026-02-10 14:31:23 +0000 UTC |

Ahmedf000/-CVE-2025-49132_Pterodactyl-_HTB-Season-10
Create: 2026-02-10 14:21:02 +0000 UTC Push: 2026-02-10 14:21:03 +0000 UTC |

atiilla/CVE-2025-55182 RCE on Next 16.0.6
Create: 2026-02-10 13:55:57 +0000 UTC Push: 2026-02-10 13:55:57 +0000 UTC |

mat1520/CVE-2025-49132---Pterodactyl-RCE-HTB-Season-10-
Create: 2026-02-10 12:33:47 +0000 UTC Push: 2026-02-10 12:33:48 +0000 UTC |

MaxMnMl/tpadmin-CVE-2026-2113-poc A Remote Code Execution vulnerability exists in H-ui.admin system's WebUploader preview component allowing unauthenticated attackers to upload arbitrary PHP files directly to the web server. This results in immediate Remote Code Execution with web server privileges.
Create: 2026-02-10 11:37:40 +0000 UTC Push: 2026-02-10 11:37:41 +0000 UTC |

bixiPRO/Drupalgeddon2-CVE-2018-7600
Create: 2026-02-10 11:09:58 +0000 UTC Push: 2026-02-10 11:09:59 +0000 UTC |

0xGunrunner/CVE-2025-34085 Exploit for CVE-2025-34085
Create: 2026-02-10 10:46:55 +0000 UTC Push: 2026-02-10 10:46:56 +0000 UTC |

mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary
Create: 2026-02-10 10:41:44 +0000 UTC Push: 2026-02-10 10:41:45 +0000 UTC |

mbanyamer/SCADA-FUXA-1.2.8-1.2.11-CVE-2026-25939
Create: 2026-02-10 10:38:18 +0000 UTC Push: 2026-02-10 10:38:19 +0000 UTC |

av4nth1ka/jinjava-cve-2026-25526-poc lab setup + exploits for CVE-2026-25526
Create: 2026-02-10 10:24:52 +0000 UTC Push: 2026-02-10 10:25:29 +0000 UTC |

symphony2colour/CVE-2025-6018-udisks-lpe-no-image Script-only privilege escalation chain using CVE-2025-6018 and UDisks2 (no filesystem image included).
Create: 2026-02-10 09:29:32 +0000 UTC Push: 2026-02-10 09:29:32 +0000 UTC |

symphony2colour/CVE-2025-6019-udisks-lpe-no-image Script-only privilege escalation chain using CVE-2025-6018 and UDisks2 (no filesystem image included).
Create: 2026-02-10 09:29:32 +0000 UTC Push: 2026-02-10 09:29:32 +0000 UTC |

mbanyamer/CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks # (using INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and do not perform any signature or integrity # validation on the downloaded installer.
Create: 2026-02-10 08:36:32 +0000 UTC Push: 2026-02-10 08:36:33 +0000 UTC |

ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEmr7.0.4 CVE-2026-29187: SQL Injection Vulnerability in OpenEMR <8.0.0.3
Create: 2026-02-10 07:08:38 +0000 UTC Push: 2026-03-26 08:38:44 +0000 UTC |

bananoname/CVE-2024-6386-WPML-SSTI
Create: 2026-02-10 06:32:20 +0000 UTC Push: 2026-02-10 06:32:33 +0000 UTC |

faysalferdous/CVE-2025-68645-Exploiting-Zimbra-Webmail-LFI-Vulnerability
Create: 2026-02-10 04:28:52 +0000 UTC Push: 2026-02-10 04:28:53 +0000 UTC |

harrymaguire1878/CVE-2020-0796
Create: 2026-02-10 03:00:54 +0000 UTC Push: 2026-02-10 03:00:55 +0000 UTC |

ibrahmsql/CVE-2026-25807-Exploit CVE-2026-25807 Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell Exploit and PoC
Create: 2026-02-10 02:54:13 +0000 UTC Push: 2026-02-10 02:54:14 +0000 UTC |

NtGabrielGomes/CVE-2025-69516 tactical rmm SSTI exploit
Create: 2026-02-10 01:40:03 +0000 UTC Push: 2026-02-10 01:40:03 +0000 UTC |