whattheslime/CVE-2026-8181 Exploit for the CVE-2026-8181 - Burst Statistics WordPress Plugin Authentication Bypass Create: 2026-05-16 11:06:03 +0000 UTC Push: 2026-05-16 11:06:03 +0000 UTC |

dinosn/CVE-2026-44578 CVE-2026-44578: Next.js WebSocket Upgrade SSRF — pre-auth credential theft via localhost:80. Lab + exploit + audit. Create: 2026-05-16 10:15:20 +0000 UTC Push: 2026-05-16 10:15:23 +0000 UTC |

murrez/CVE-2026-6433 PoC for CVE-2026-6433: WordPress FlipperCode Custom CSS, JS & PHP (≤2.0.7) — unauthenticated SQLi to RCE. Python 3 stdlib; single target or bulk multi-threaded scanning. Authorized testing & research only. Create: 2026-05-16 09:29:58 +0000 UTC Push: 2026-05-16 09:30:30 +0000 UTC |

sibersan/apache_audit_cve-2026-23918 Python toolkit to audit Apache HTTP Server against CVE-2026-23918 (HTTP/2 double-free RCE) and 4 related CVEs. Passive scanner with ALPN verification + read-only local auditor. No exploits. Create: 2026-05-16 09:18:34 +0000 UTC Push: 2026-05-16 09:18:35 +0000 UTC |

sibersan/web-server-audit_CVE-2026-42945 Trigger-aware web server CVE audit for nginx and Apache. Goes beyond version matching by checking whether the vulnerable code path is actually reachable in your configuration. Classifies findings as Active / Latent / Unverified. Single-file Python 3.5+, no dependencies. Create: 2026-05-16 09:06:53 +0000 UTC Push: 2026-05-16 09:06:54 +0000 UTC |

dinosn/cve-2026-42945-nginx32-lab CVE-2026-42945 nginx 32-bit exploit lab Create: 2026-05-16 09:01:39 +0000 UTC Push: 2026-05-16 09:02:07 +0000 UTC |

vtrmK/CVE-2026-36436-Public-Reference-Pack Create: 2026-05-16 03:47:25 +0000 UTC Push: 2026-05-16 03:47:26 +0000 UTC |

HORKimhab/CVE-2026-45091 CVE-2026-45091 Create: 2026-05-16 03:05:32 +0000 UTC Push: 2026-05-16 03:05:35 +0000 UTC |

Jenderal92/CVE-2026-8181 Create: 2026-05-16 02:50:28 +0000 UTC Push: 2026-05-16 02:50:46 +0000 UTC |

HORKimhab/CVE-2026-6857 CVE-2026-6857 Create: 2026-05-16 02:48:45 +0000 UTC Push: 2026-05-16 02:48:48 +0000 UTC |

CryptReaper12/CVE-2026-45672 Create: 2026-05-16 02:36:45 +0000 UTC Push: 2026-05-16 02:36:45 +0000 UTC |

ByteWraith1/CVE-2026-41096 Create: 2026-05-16 02:30:24 +0000 UTC Push: 2026-05-16 02:30:25 +0000 UTC |

deaprojects/CVE-2025-70849 CVE-2025-70849: Stored XSS in Podinfo Create: 2026-05-16 02:19:08 +0000 UTC Push: 2026-05-16 02:19:09 +0000 UTC |

0xdeadroot/CVE-2026-39987-marimo-rce Create: 2026-05-16 01:08:02 +0000 UTC Push: 2026-05-16 01:08:03 +0000 UTC |

whosfault/cve-2026-31431 copy fail Create: 2026-05-15 21:22:18 +0000 UTC Push: 2026-05-15 21:22:18 +0000 UTC |

ByteForgeFr/CVE-2011-2523 VsFTPd 2.3.4 Backdoor Command Execution Create: 2026-05-15 19:47:26 +0000 UTC Push: 2026-05-15 19:47:27 +0000 UTC |

ByteForgeFr/CVE-2011-2523a VsFTPd 2.3.4 Backdoor Command Execution Create: 2026-05-15 19:47:26 +0000 UTC Push: 2026-05-15 19:57:45 +0000 UTC |

skraft9/CVE-2026-0532 PoC & Root Cause Analysis of CVE-2026-0532 Create: 2026-05-15 19:09:10 +0000 UTC Push: 2026-05-15 19:09:11 +0000 UTC |

TeddyEngel/CVE-2021-21425 Create: 2026-05-15 17:42:09 +0000 UTC Push: 2026-05-15 17:42:09 +0000 UTC |

Medaz-Sploit/CVE-2025-9074-Docker-Desktop-API-Escape-PoC Create: 2026-05-15 17:38:28 +0000 UTC Push: 2026-05-15 17:38:29 +0000 UTC |