GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Thu Aug 28, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-29927 | PoC | NextJS Middleware 15.2.2 - Authorization Bypass | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo |
| CVE-2025-7775-PoC | Proof of concept written in Python targeting memory overflow v | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service |
v4.0
CRITICAL
Score: 9.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
|
Visit Repo |
| CVE-2024-28397-js2py-Sandbox-Escape | n/a | n/a | Visit Repo | |
| CVE-2025-7775-PoC | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service |
v4.0
CRITICAL
Score: 9.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
|
Visit Repo | |
| VMware-vmauthd-VNC-and-SOAP-Endpoint-PoC-Framework-with-Vulnerability-Detection | Developed a script to scan ports 902, 912, and 5900 for expose | n/a | n/a | Visit Repo |
| exposed-win-zero-days | A research-focused archive of publicly disclosed Windows zero- | n/a | n/a | Visit Repo |
| AI-Driven-Vulnerability-Triage | This project will create a tool that ranks endpoint vulnerabil | n/a | n/a | Visit Repo |
Wed Aug 27, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-34159 | A critical Remote Code Execution (RCE) vulnerability exists in | n/a | n/a | Visit Repo |
| CVE-2025-32463 | n/a |
v3.1
CRITICAL
Score: 9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| WinRAR-Exploit-Tool---Rust-Edition | A high-performance, memory-safe implementation of the WinRAR C | n/a | n/a | Visit Repo |
| CVE-2025-34161 | Authenticated low-privileged RCE in Coolify via unsanitized sh | Coolify Git Repository Field Command Injection in Project Deployment Workflow |
v4.0
CRITICAL
Score: 9.4
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo |
| Penetration-Testing-and-Vulnerability-Assessment-of-a-Simulated-Corporate-Network | Performed a full-scope penetration test on a simulated corpora | n/a | n/a | Visit Repo |
| CVE-2025-8088 | n/a | n/a | Visit Repo | |
| CVE-2025-8088 | n/a | n/a | Visit Repo | |
| CVE-2025-32433-Detection | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2024-5083 | Nexus Repository 2 SXSS POC | Nexus Repository 2 - Stored XSS |
v4.0
MEDIUM
Score: 5.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
|
Visit Repo |
| CVE-2007-2447 | A Rust implementation of the CVE-2007-2447 exploit targeting S | n/a | n/a | Visit Repo |
| CVE-2018-19323 | An exploitation framework for CVE-2018-19323 - GIGABYTE GDrv p | n/a | n/a | Visit Repo |
| CVE-2025-6934 | Opal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation via 'on_regiser_user' |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| langdroid-CVE-2025-46724 | n/a | n/a | Visit Repo | |
| HAProxy-CVE-2023-45539-PoC | HAProxy-CVE-2023-45539-PoC | n/a | n/a | Visit Repo |
| best-CVE-2025-8088 | Winrar CVE exploitation before 7.13 using multiple ADS streams | n/a | n/a | Visit Repo |
| watchTowr-vs-CrushFTP-Authentication-Bypass-CVE-2025-54309 | n/a |
v3.1
CRITICAL
Score: 9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-32463_chwoot | POC for CVE-2025-32463 sudo_chwoot | n/a |
v3.1
CRITICAL
Score: 9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| totallynotsuspicious | sub for CVE-2025-48384 | n/a | n/a | Visit Repo |
| CVE-2025-38676 | Stack buffer overflow during cmdline parsing | n/a | n/a | Visit Repo |
| CVE-2025-48384 | test | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo |
Tue Aug 26, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal | An engaging walkthrough on uncovering, patching, and securing | n/a | n/a | Visit Repo |
| -CVE-2025-8088 | POWERSHEL script to check if your device is affected or no | n/a | n/a | Visit Repo |
| xwiki_solrsearch-rce-exploit | Unauth RCE PoC for XWiki SolrSearch (CVE-2025-24893). Command | n/a | n/a | Visit Repo |
| Blackash-CVE-2025-57773 | Blackash-CVE-2025-57773 | n/a | n/a | Visit Repo |
| CVE-2025-24893_HackTheBox-Editor-Writeup | A critical remote code execution (RCE) vulnerability (CVE‑20 | Remote code execution as guest via SolrSearchMacros request in xwiki |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2017 | Proof-of-Concept exploits for CVE-2017-11882 | n/a | n/a | Visit Repo |
| BlueDucky | BlueDucky exploits a Bluetooth vulnerability, specifically CVE | n/a | n/a | Visit Repo |
| CVE-2025-34030-PoC | PoC for CVE-2025-34030 sar2html 'plot' parameter RCE | n/a | n/a | Visit Repo |
| CVE-2025-8088-WinRAR-Startup-PoC | n/a | n/a | Visit Repo | |
| CVE-2024-0762 | UEFIcanhazbufferoverflow | Potential buffer overflow when handling UEFI variables |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
Mon Aug 25, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-48384 | PoC | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo |
| PoC-CVE-2017-5638 | Apache Struts2 CVE-2017-5638 (Safe Educational Demo) | n/a | n/a | Visit Repo |
| arkham-hunt | Document ethical hacking findings, CVEs, writeups, and proof-o | n/a | n/a | Visit Repo |
| ctf-cve-2024-4577 | Argument Injection in PHP-CGI |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| Odoo_PDFjs_CVE-2024-4367.pdf | Odoo ≤17 is vulnerable to CVE-2024-4367, allowing arbitrary | n/a | n/a | Visit Repo |
| CVE-Exploit-Research-Development-ITSOLERA | A research regarding the exisiting CVE exploit : CVE-2021-3156 | n/a | n/a | Visit Repo |
| CVE-2025-9074 | Docker Desktop allows unauthenticated access to Docker Engine API from containers |
v4.0
CRITICAL
Score: 9.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo | |
| cve-2025-38001 | net_sched: hfsc: Address reentrant enqueue adding class to eltree twice | n/a | Visit Repo | |
| CVE-2025-5419 | n/a | n/a | Visit Repo | |
| cve-exploits-github | n/a | n/a | Visit Repo | |
| CVE_2024_28397---js2py-RCE | n/a | n/a | Visit Repo | |
| POC-for-CVE-2024-32019 | ndsudo: local privilege escalation via untrusted search path |
v3.1
HIGH
Score: 8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| Exploiting-vsFTPd-2.3.4-Backdoor-Vulnerability-Ethical-Hacking-Lab-with-Metasploitable-2-Metasploit | his project demonstrates the exploitation of the vsFTPd 2.3.4 | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.