unSafe.sh - 不安全

B1tBit/CVE-2026-32201-exploit A spoofing vulnerability exists in Microsoft SharePoint Server due to improper input validation. An unauthenticated attacker can send a specially crafted HTTP request to inject malicious JavaScript (reflected XSS), which executes in the security context of the SharePoint site.
Create: 2026-04-22 21:29:40 +0000 UTC Push: 2026-04-22 21:29:40 +0000 UTC |

osmancanvural/CVE-2026-6849
Create: 2026-04-22 19:19:17 +0000 UTC Push: 2026-04-22 19:19:17 +0000 UTC |

enfilade-labs/CVE-2026-20687-AppleJPEGDriver-UAF CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC)
Create: 2026-04-22 17:36:17 +0000 UTC Push: 2026-04-22 17:36:19 +0000 UTC |

enfilade-labs/CVE-2026-20637-AppleSEPKeyStore-UAF CVE-2026-20637: AppleSEPKeyStore Use-After-Free — iOS/macOS kernel vulnerability (patched in 26.4)
Create: 2026-04-22 17:36:14 +0000 UTC Push: 2026-04-22 17:36:16 +0000 UTC |

krraze/CVE-2026-41575
Create: 2026-04-22 17:09:53 +0000 UTC Push: 2026-04-22 17:09:54 +0000 UTC |

jpselva/CVE-2023-4863
Create: 2026-04-22 15:32:23 +0000 UTC Push: 2026-04-22 15:32:23 +0000 UTC |

CVEs-Labs/CVE-2026-21876
Create: 2026-04-22 13:48:44 +0000 UTC Push: 2026-04-22 13:48:45 +0000 UTC |

CVEs-Labs/CVE-2026-21877 Lab environment and research for CVE-2026-21877
Create: 2026-04-22 13:26:34 +0000 UTC Push: 2026-04-22 13:26:35 +0000 UTC |

CEAarab/CVE-2026-26026-PoC
Create: 2026-04-22 13:21:45 +0000 UTC Push: 2026-04-22 13:21:45 +0000 UTC |

kaleth4/CVE-2026-33826
Create: 2026-04-22 12:35:05 +0000 UTC Push: 2026-04-22 12:35:05 +0000 UTC |

kaleth4/CVE-2026-33825
Create: 2026-04-22 12:29:39 +0000 UTC Push: 2026-04-22 12:30:08 +0000 UTC |

kaleth4/CVE-2026-33827
Create: 2026-04-22 12:13:33 +0000 UTC Push: 2026-04-22 12:13:33 +0000 UTC |

viglia/cve-2019-15107 CVE-2019-15107 Webmin RCE (unauthenticated) exploit
Create: 2026-04-22 10:13:41 +0000 UTC Push: 2026-04-22 10:13:41 +0000 UTC |

wired0ut/CVE-2019-2215 Full exploit for the Android vulnerability Bad Binder.
Create: 2026-04-22 08:10:27 +0000 UTC Push: 2026-04-22 08:10:27 +0000 UTC |

1402307692/CVE-2026-Mastodon-Streaming-Token-Leakage Mastodon Streaming Server Security Vulnerability PoC - CVE-2026-Mastodon-Streaming-Token-Leakage
Create: 2026-04-22 07:34:44 +0000 UTC Push: 2026-04-22 07:34:44 +0000 UTC |

1402307692/CVE-2026-Mastodon-Streaming-Metrics-Unauthorized Mastodon Streaming Server Security Vulnerability PoC - CVE-2026-Mastodon-Streaming-Metrics-Unauthorized
Create: 2026-04-22 07:34:41 +0000 UTC Push: 2026-04-22 07:34:42 +0000 UTC |

1402307692/CVE-2026-Mastodon-Streaming-CRLF-Injection Mastodon Streaming Server Security Vulnerability PoC - CVE-2026-Mastodon-Streaming-CRLF-Injection
Create: 2026-04-22 07:34:39 +0000 UTC Push: 2026-04-22 07:34:40 +0000 UTC |

JoakimBulow/CVE-2026-34308 CVE-2026-34308 - MySQL - DoS
Create: 2026-04-22 07:20:32 +0000 UTC Push: 2026-04-30 12:44:13 +0000 UTC |

NU1L0/CVE-2024-46636-SQLi-MODAPS SQL Injection vulnerability in NASA EOSDIS MODAPS due to improper input validation in the `category` parameter. This flaw allows attackers to manipulate backend SQL queries, potentially leading to unauthorized data access and database compromise.
Create: 2026-04-22 07:05:35 +0000 UTC Push: 2026-04-22 07:05:35 +0000 UTC |

EQSTLab/CVE-2026-33937
Create: 2026-04-22 05:09:10 +0000 UTC Push: 2026-04-22 05:09:10 +0000 UTC |