GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Thu Sep 11, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| decrypted | Decrypt FairPlay-protected iOS apps on macOS (SIP-enabled) us | n/a | n/a | Visit Repo |
| CVE-2025-48384-Scanner | CVE-2025-48384 Scanner | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2022-22077 | CVE-2022-22077 is a high-severity vulnerability (CVSS score 7. | n/a |
v3.1
HIGH
Score: 8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-32463_PoC | n/a |
v3.1
CRITICAL
Score: 9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| cve-poc-authlib-algnone | n/a | n/a | Visit Repo | |
| POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution | Este repositorio contiene un exploit automatizado desarrollado | Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT | n/a | Visit Repo |
| cve-poc | n/a | n/a | Visit Repo | |
| CVE-2025-49388 | Miraculous Core (kamleshyadav) ≤ 2.0.7 — Unauthenticated P | n/a | n/a | Visit Repo |
| CVE-2025-42957 | Code Injection vulnerability in SAP S/4HANA (Private Cloud or On-Premise) |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-43300 | CVE-2025-43300: iOS/macOS DNG Image Processing Memory Corrupti | n/a | n/a | Visit Repo |
| CVE-2024-28397 | This repository contains a python exploit code for CVE-2024-28 | n/a | n/a | Visit Repo |
| poc-champ | CLI web-scrapping tool to search repositories with POC (Proof | n/a | n/a | Visit Repo |
Fri Aug 29, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-49113 | Python Script for CVE-2025-49113. Roundcube Webmail before 1.5 | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| UpSkope | Custom IPC Client and Proof of Concept exploit for CVE-2025-03 | n/a | n/a | Visit Repo |
| CVE-2025-55579 | CVE-2025-55579 | n/a | n/a | Visit Repo |
| CVE-2025-55580 | CVE-2025-55580 | n/a | n/a | Visit Repo |
| CVE-2025-57819-ioc-check | This is repository contains a script to check for current IOCs | FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE |
v4.0
CRITICAL
Score: 10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo |
| CVE-2025-48384 | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-55763 | Heap overflow PoC for CivetWeb CVE-2025-55763 | n/a | n/a | Visit Repo |
| CVE-2025-57819 | Detection for CVE-2025-57819 | FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE |
v4.0
CRITICAL
Score: 10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo |
| CVE-2025-55188 | Proof-of-Concept of CVE-2025-55188: 7-Zip Arbitrary File Write | n/a | n/a | Visit Repo |
| CVE-2025-52100 | CVE-2025-52100 | n/a | n/a | Visit Repo |
| CVE-2025-34040Exp | 致远OA存在文件上传导致RCE(CVE-2025-34040) | Zhiyuan OA System Path Traversal File Upload |
v4.0
CRITICAL
Score: 10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo |
| CVE_POC | n/a | n/a | Visit Repo | |
| CVE-2025-54309 | CrushFTP AS2 Authentication Bypass | n/a |
v3.1
CRITICAL
Score: 9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| wishlist-poc | Wishlist Member Arbitrary File Read via Directory Travesal <= | n/a | n/a | Visit Repo |
| CVE-2025-48384-poc | PoC for CVE-2025-48384 | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo |
| oo | Bad Spin: Android Binder Privilege Escalation Exploit (CVE-202 | n/a | n/a | Visit Repo |
| Black-Box-Pen-testing-DVWA | Black-box penetration test on Damn Vulnerable Web Application | n/a | n/a | Visit Repo |
| CVE-2025-48384-submodule | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-5419 | Analyze CVE-2025-5419 to understand its impact and mitigate r | n/a | n/a | Visit Repo |
Thu Aug 28, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-48384-PoC | Built to call on CVE-2025-48384-PoC-Part2 for RCE | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2024-12877-Exploit | GiveWP – Donation Plugin and Fundraising Platform <= 3.19.2 - Unauthenticated PHP Object Injection |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-47987_PoC | Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo | |
| CVE-2025-48384-PoC-Part2 | RCE hook | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo |
| NodeSearch | is a Python command-line tool that allows you to search for vu | n/a | n/a | Visit Repo |
| CVE-2025-7955 | RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side | RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| balckstone-product-cve-po | This video demonstrates a security vulnerability discovered in | n/a | n/a | Visit Repo |
| CVE-2025-31200 | IOS audio buffer overflow CVE-2025-31200 POC | n/a | n/a | Visit Repo |
| msf_exploit_finder_tool | Python tool to find CVE exploits and generate vulnerability re | n/a | n/a | Visit Repo |
| CVE-2025-29927 | PoC | NextJS Middleware 15.2.2 - Authorization Bypass | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo |
| CVE-2025-7775-PoC | Proof of concept written in Python targeting memory overflow v | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service |
v4.0
CRITICAL
Score: 9.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
|
Visit Repo |
| CVE-2024-28397-js2py-Sandbox-Escape | n/a | n/a | Visit Repo | |
| CVE-2025-7775-PoC | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service |
v4.0
CRITICAL
Score: 9.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
|
Visit Repo | |
| VMware-vmauthd-VNC-and-SOAP-Endpoint-PoC-Framework-with-Vulnerability-Detection | Developed a script to scan ports 902, 912, and 5900 for expose | n/a | n/a | Visit Repo |
| exposed-win-zero-days | A research-focused archive of publicly disclosed Windows zero- | n/a | n/a | Visit Repo |
| AI-Driven-Vulnerability-Triage | This project will create a tool that ranks endpoint vulnerabil | n/a | n/a | Visit Repo |
Wed Aug 27, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-34159 | A critical Remote Code Execution (RCE) vulnerability exists in | n/a | n/a | Visit Repo |
| CVE-2025-32463 | n/a |
v3.1
CRITICAL
Score: 9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.