CVE-2024-1698 – NotificationX WordPress Plugin SQL Injection Time‑Based Blind Unauthenticated Time‑Based Blind SQL Injection → Extract admin userna...
The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, whi...
nginx-rift-scanner Dependency-free Python 3 scanner for CVE-2026-42945 "NGINX Rift" — a CVSS v4.0 9.2 CRITICAL heap-based buffer overflow CWE-122 i...
DOMPurify re-clone bypass. Instead of relying on easily stripped source comments or version variables, this tool performs logic fingerprinting on m...
No description provided...
CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values.
RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile.
An OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas up to commit 9f50579 allows attackers to execute a...
This is an advanced Python proof of concept for CVE-2026-23744 demonstrating command injection through a vulnerable MCP API endpoint, leading to re...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
