GitHub Feed

Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.

Wed May 07, 2025

Repository Description CVE Metrics Action
CVE-2025-29927 Next.js Auth Bypass PoC Edge Runtime Env Leak via Middleware B Authorization Bypass in Next.js Middleware
v3.1 CRITICAL Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Visit Repo
VulnVault A curated collection of CVEs, tools, and scripts for vuln n/a n/a Visit Repo
CVE-2024-38475_SonicBoom_Apache_URL_Traversal_PoC Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. n/a Visit Repo

Tue May 06, 2025

Repository Description CVE Metrics Action
Recon-exploit-tools Exploit, hope there might be CVEs for this one in ExploitDB! n/a n/a Visit Repo
AirBorne-PoC poc for CVE-2025-24252 & CVE-2025-24132 n/a n/a Visit Repo
CVE-2025-45250 CVE-2025-45250 POC n/a n/a Visit Repo
vulnerable-next_js_cve-2025-29927 Authorization Bypass in Next.js Middleware
v3.1 CRITICAL Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Visit Repo
sap_netweaver_cve-2025-31324- Research Purposes only Missing Authorization check in SAP NetWeaver (Visual Composer development server)
v3.1 CRITICAL Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Visit Repo
CVE-2025-34028-PoC-Commvault-RCE Proof-of-Concept (PoC) for CVE-2025-34028, a Remote Code Execu Commvault Command Center Innovation Release Unauthenticated Path Traversal
v3.1 CRITICAL Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
Visit Repo
CVE-2021-23017 NGINX DNS Overflow Vulnerability Check - CVE-2021-23017 PoC n/a n/a Visit Repo
CVE-2025-24801 CVE-2025-24801 Exploit GLPI allows authenticated remote code execution
v3.1 HIGH Score: 8.6
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Visit Repo
CVE-2025-46731 Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI
v4.0 HIGH Score: 7.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Visit Repo
Commvault-CVE-2025-34028 Commvault Remote Code Execution (CVE-2025-34028) NSE Commvault Command Center Innovation Release Unauthenticated Path Traversal
v3.1 CRITICAL Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
Visit Repo
CVE-2025-3604 Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo

Mon May 05, 2025

Repository Description CVE Metrics Action
CVE-2025-3248 Scanner and exploit for CVE-2025-3248 Langflow Unauth RCE
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
CVE-2025-29448 n/a n/a Visit Repo
advisory A collection of in-depth vulnerability advisories and secu n/a n/a Visit Repo
CVE-2025-3776 Verification SMS with TargetSMS <= 1.5 - Unauthenticated Limited Remote Code Execution
v3.1 HIGH Score: 8.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Visit Repo
CVE-2025-47256 Stack overflow in LibXMP n/a n/a Visit Repo
CVE-202428187 Command Injection n/a n/a Visit Repo
CVE-2025-28062 proof of concept n/a n/a Visit Repo
CVE-2025-24893-EXP Remote code execution as guest via SolrSearchMacros request in xwiki
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
analyze-Exploit-CVE-2023-22518-Confluence n/a
v3.0 CRITICAL Score: 10
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Visit Repo
CVE-2024-21546 This Python exploit script targets a vulnerable Laravel Filema n/a
v4.0 CRITICAL Score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Visit Repo
CVE-2025-3969-Exploit CVE-2025-3969: Exploit PoC (OS CMD injection, Web Shell, Inter codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload
v4.0 MEDIUM Score: 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Visit Repo

Sun May 04, 2025

Repository Description CVE Metrics Action
SOC335-CVE-2024-49138-Exploitation-Detected Windows Common Log File System Driver Elevation of Privilege Vulnerability
v3.1 HIGH Score: 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Visit Repo
CVE-2021-1931-BBRY-KEY2 proof of concept CVE-2021-1931 exploit for the blackberry key2 n/a
v3.1 MEDIUM Score: 6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Visit Repo
cve-2024-36401-poc A poc for cve-2024-36401 for applications using GeoTools for W Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
CVE-2025-Analysis n/a n/a Visit Repo

Sat May 03, 2025

Repository Description CVE Metrics Action
cve-2025-1323 WP-Recall Plugin SQL Injection WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Unauthenticated SQL Injection
v3.1 HIGH Score: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Visit Repo
fastify-cve-2025-47240 PoC and write-up for CVE-2025-47240 — RCE in @fastify/view v n/a n/a Visit Repo
UNISA_CVE-2025-26529 This repository contains a comprehensive Proof-of-Concept (PoC Stored XSS risk in admin live log
v3.1 HIGH Score: 8.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Visit Repo
CVE-2025-47226 This CVE - PoC about information on the CVEs I found. n/a
v3.1 MEDIUM Score: 5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Visit Repo
CVE-2025-32375 This repository includes everything needed to run a PoC exploi Insecure Deserialization leads to RCE in BentoML's runner server
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Visit Repo
CVE-2025-29927_scanner Authorization Bypass in Next.js Middleware
v3.1 CRITICAL Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Visit Repo
CVE-2025-32433 A critical flaw has been discovered in Erlang/OTP's SSH server Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
v3.1 CRITICAL Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Visit Repo
wpstorecart-exploit Simple PoC of wpstorecart before 2.5.30 plugin exploit (CVE-20 n/a n/a Visit Repo
CVE-2025-24054 NTLM Hash Disclosure Spoofing Vulnerability
v3.1 MEDIUM Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Visit Repo
CVE-2025-3928 Commvault Web Server unspecified vulnerability
v4.0 HIGH Score: 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Visit Repo
Zero-Day-Vulnerability-Exploitation-Detection-Tool An AI-powered tool to predict and prevent zero-day attacks on n/a n/a Visit Repo
Anydesk-Exploit-CVE-2025-12654-RCE-Builder Exploit development targets vulnerabilities using tools like e n/a n/a Visit Repo
redteam-walkthroughs A practical cybersecurity portfolio showcasing real-world CVE n/a n/a Visit Repo
Office-Exploit-Cve2025-Xml-Doc-Docx-Rce-Builder-Fud Exploit development targets vulnerabilities like CVE-2025-4422 n/a n/a Visit Repo
Analysis-of-TomcatKiller---CVE-2025-31650-Exploit-Tool Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame n/a Visit Repo
CVE-2024-31317-PoC-Deployer n/a n/a Visit Repo
Phantom-Registy-Exploit-Cve2025-20682-Runtime-Fud-Lnk Exploit development involves tools like exploitation framework n/a n/a Visit Repo
CVE-2025-1304 WordPress NewsBlogger Theme <= 0.2.5.1 is vulnerable to Arbit NewsBlogger <= 0.2.5.1 - Authenticated (Subscriber+) Arbitrary File Upload
v3.1 HIGH Score: 8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Visit Repo
CMD-Exploit-CVE-2024-RCE-AboRady-FUD-25765-Injection Exploit development uses tools like exploitation frameworks an n/a n/a Visit Repo
CVE-2024-23113 This Python script searches a client list to see if their For n/a
v3.1 CRITICAL Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C
Visit Repo
CVE-2020-13151-POC-Aerospike-Server-Host-Command-Execution-RCE- n/a n/a Visit Repo

GitHub Threat Intelligence at a Glance

Stay on top of cybersecurity developments and open-source research through daily GitHub updates.

Jump into a repository to explore code, documentation, or CVE-related insights.