unSafe.sh - 不安全

minanagehsalalma/cve-2026-34473-unauthenticated-dos-zte-routers Technical breakdown of CVE-2026-34473, an unauthenticated denial of service affecting 17+ ZTE router models.
Create: 2026-05-16 14:57:50 +0000 UTC Push: 2026-05-16 15:34:15 +0000 UTC |

0xBlackash/CVE-2026-44578 CVE-2026-44578
Create: 2026-05-16 14:41:12 +0000 UTC Push: 2026-05-16 14:41:13 +0000 UTC |

VampXDH/CVE-2026-46333 CVE-2026-46333 ssh-key-sign-pwn
Create: 2026-05-16 13:45:44 +0000 UTC Push: 2026-05-16 13:45:45 +0000 UTC |

CharBay/Linux-CVE-2026-31431_Public 这个库保存了linux最新远程连接漏洞的可执行文件
Create: 2026-05-16 13:43:53 +0000 UTC Push: 2026-05-16 13:57:12 +0000 UTC |

Insaida/cve-2024-0519-rca-research CVE-2024-0519 root cause analysis — V8 TOCTOU race in GetOwnFastDataPropertyFromHeap
Create: 2026-05-16 12:43:21 +0000 UTC Push: 2026-05-16 12:43:22 +0000 UTC |

1475210817/Axis1.4-CVE-2019-0227 Apache Axis1.4 远程命令执行漏洞利用工具 - 支持随机化服务名和Webshell文件名
Create: 2026-05-16 12:37:34 +0000 UTC Push: 2026-05-16 12:38:25 +0000 UTC |

xShadow-Here/CVE-2026-4882 User Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File Upload
Create: 2026-05-16 12:18:24 +0000 UTC Push: 2026-05-16 12:18:24 +0000 UTC |

whattheslime/CVE-2026-8181 Exploit for the CVE-2026-8181 - Burst Statistics WordPress Plugin Authentication Bypass
Create: 2026-05-16 11:06:03 +0000 UTC Push: 2026-05-16 11:06:03 +0000 UTC |

dinosn/CVE-2026-44578 CVE-2026-44578: Next.js WebSocket Upgrade SSRF — pre-auth credential theft via localhost:80. Lab + exploit + audit.
Create: 2026-05-16 10:15:20 +0000 UTC Push: 2026-05-16 10:15:23 +0000 UTC |

murrez/CVE-2026-6433 PoC for CVE-2026-6433: WordPress FlipperCode Custom CSS, JS & PHP (≤2.0.7) — unauthenticated SQLi to RCE. Python 3 stdlib; single target or bulk multi-threaded scanning. Authorized testing & research only.
Create: 2026-05-16 09:29:58 +0000 UTC Push: 2026-05-16 09:30:30 +0000 UTC |

sibersan/apache_audit_cve-2026-23918 Python toolkit to audit Apache HTTP Server against CVE-2026-23918 (HTTP/2 double-free RCE) and 4 related CVEs. Passive scanner with ALPN verification + read-only local auditor. No exploits.
Create: 2026-05-16 09:18:34 +0000 UTC Push: 2026-05-16 09:18:35 +0000 UTC |

sibersan/web-server-audit_CVE-2026-42945 Trigger-aware web server CVE audit for nginx and Apache. Goes beyond version matching by checking whether the vulnerable code path is actually reachable in your configuration. Classifies findings as Active / Latent / Unverified. Single-file Python 3.5+, no dependencies.
Create: 2026-05-16 09:06:53 +0000 UTC Push: 2026-05-16 09:06:54 +0000 UTC |

dinosn/cve-2026-42945-nginx32-lab CVE-2026-42945 nginx 32-bit exploit lab
Create: 2026-05-16 09:01:39 +0000 UTC Push: 2026-05-16 09:02:07 +0000 UTC |

vtrmK/CVE-2026-36436-Public-Reference-Pack
Create: 2026-05-16 03:47:25 +0000 UTC Push: 2026-05-16 03:47:26 +0000 UTC |

HORKimhab/CVE-2026-45091 CVE-2026-45091
Create: 2026-05-16 03:05:32 +0000 UTC Push: 2026-05-16 03:05:35 +0000 UTC |

Jenderal92/CVE-2026-8181
Create: 2026-05-16 02:50:28 +0000 UTC Push: 2026-05-16 02:50:46 +0000 UTC |

HORKimhab/CVE-2026-6857 CVE-2026-6857
Create: 2026-05-16 02:48:45 +0000 UTC Push: 2026-05-16 02:48:48 +0000 UTC |

CryptReaper12/CVE-2026-45672
Create: 2026-05-16 02:36:45 +0000 UTC Push: 2026-05-16 02:36:45 +0000 UTC |

ByteWraith1/CVE-2026-41096
Create: 2026-05-16 02:30:24 +0000 UTC Push: 2026-05-16 02:30:25 +0000 UTC |

deaprojects/CVE-2025-70849 CVE-2025-70849: Stored XSS in Podinfo
Create: 2026-05-16 02:19:08 +0000 UTC Push: 2026-05-16 02:19:09 +0000 UTC |