skoveit/CVE-2026-34227 Create: 2026-03-27 13:51:07 +0000 UTC Push: 2026-03-27 13:51:07 +0000 UTC |

alonaki/InvenTree-Path-Traversal-CVE-2026-33531 This repository contains a professional write-up of a path traversal vulnerability discovered in InvenTree's report template engine. This vulnerability was patched in versions 1.2.6 and 1.3.0. Create: 2026-03-27 13:07:08 +0000 UTC Push: 2026-03-27 14:17:57 +0000 UTC |

UPinar/contrastapi Security intelligence API for AI agents and developers. CVE lookup, domain recon, IP reputation, tech fingerprinting, threat intel, code security. 20 tools. MCP server. Create: 2026-03-27 12:45:44 +0000 UTC Push: 2026-03-27 23:21:32 +0000 UTC |

O99099O/By-Poloss..-..CVE-2026-33868 Mastodon - Open Redirect Create: 2026-03-27 09:23:51 +0000 UTC Push: 2026-03-27 09:23:51 +0000 UTC |

vettrivel007/CVE-2024-26229 Windows LPE Create: 2026-03-27 08:29:40 +0000 UTC Push: 2026-03-27 08:29:40 +0000 UTC |

z4yd3/CVE-2026-33017-PoC CVE-2026-33017: Unauthenticated RCE in Langflow Create: 2026-03-27 07:15:07 +0000 UTC Push: 2026-03-27 07:15:08 +0000 UTC |

z4yd3/PoC-CVE-2026-33017 CVE-2026-33017: Unauthenticated RCE in Langflow Create: 2026-03-27 07:15:07 +0000 UTC Push: 2026-03-27 07:15:59 +0000 UTC |

b0b0haha/CVE-2026-29954 Create: 2026-03-27 06:11:47 +0000 UTC Push: 2026-03-27 06:11:48 +0000 UTC |

b0b0haha/CVE-2026-29955 The details for CVE-2026-29955 Create: 2026-03-27 06:02:37 +0000 UTC Push: 2026-03-27 06:03:26 +0000 UTC |

Nxploited/CVE-2026-3891 Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload Create: 2026-03-27 06:00:10 +0000 UTC Push: 2026-03-27 06:00:10 +0000 UTC |

briskets/CVE-2026-22557 PoC for CVE-2026-22557 - UniFi Path Traversal Create: 2026-03-27 05:07:41 +0000 UTC Push: 2026-03-27 05:08:45 +0000 UTC |

qalesyaSN/CVE-2025-39459 Real Estate 7 <= 3.5.2 - Unauthenticated Privilege Escalation Create: 2026-03-27 01:18:21 +0000 UTC Push: 2026-03-27 01:18:22 +0000 UTC |

qflksheep/CVE-2026-29909-MRCMS-vulnerability MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The `/admin/file/list.do` endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials. Create: 2026-03-26 23:49:16 +0000 UTC Push: 2026-03-26 23:49:16 +0000 UTC |

SowatKheang/CVE_2026_2576_PoC Create: 2026-03-26 23:19:57 +0000 UTC Push: 2026-03-26 23:19:57 +0000 UTC |

Tharooon/CVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation. Create: 2026-03-26 22:56:31 +0000 UTC Push: 2026-03-26 22:56:31 +0000 UTC |

tharunchidurala-cyber/CVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation. Create: 2026-03-26 22:39:43 +0000 UTC Push: 2026-03-26 22:39:43 +0000 UTC |

tharunchidurala-cyber/BACkupCVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation. Create: 2026-03-26 22:39:43 +0000 UTC Push: 2026-03-26 22:42:09 +0000 UTC |

Taxanehh/CVE-2025-34037 Python port of the Linksys tmUnblock.cgi RCE exploit Create: 2026-03-26 21:55:13 +0000 UTC Push: 2026-03-26 21:55:13 +0000 UTC |

mathitam/thingsboard-ssrf-cve-2025-34282 PoC exploit for CVE-2025-34282 - ThingsBoard SSRF via SVG Image Upload Create: 2026-03-26 21:41:22 +0000 UTC Push: 2026-03-26 21:41:23 +0000 UTC |

pgaSUS99/PoC-CVE-2025-52913 A Proof of Concept (PoC) for CVE-2025-52913, a path normalization vulnerability affecting Mitel MiCollab. Create: 2026-03-26 20:31:51 +0000 UTC Push: 2026-03-26 20:31:53 +0000 UTC |