Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 CVE-2026-12818

DVP-12SE Exposure of Sensitive Information Vulnerability_CVE-2026-12818

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TC...

deltaww DVP-12SE * CVE
CRITICAL 9.9 B98A8361-599D-

Exploit for OS Command Injection in Olivetin_B98A8361-599D-5E2B-A55A-3FCFBEC697F8

CVE-2026-27626 — OliveTin OS Command Injection PoC Summary | | | |---|---| | CVE ID | CVE-2026-27626 | | Component | OliveTin | | Vulnerability Cla...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.9 54FD57FA-4F05-

Exploit for Prototype Pollution in N8N_54FD57FA-4F05-5BF3-A823-C8F345BE77D5

CVE-2026-44789 — n8n HTTP Request Node Pagination Prototype Pollution → RCE An authenticated n8n in the n8n server process through the HTTP Request...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 0E8262F5-24FF-

Exploit for Injection in Arjunsharda Searchor_0E8262F5-24FF-5B7F-A10A-2834068BE447

No description provided...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 2FA22502-8DE9-

Exploit for CVE-2026-56782_2FA22502-8DE9-5029-A733-3794A93C93F9

CVE-2026-56782 — Gorse Unauthenticated Database Dump / Restore Auth Bypass Gorse /api/dump and /api/restore are gated by an admin check that fails ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 CVE-2026-37637

CVE-2026-37637_CVE-2026-37637

An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php component

Alexantr Alexantr filemanager 1.0 CVE
CRITICAL 10 745E87EB-2F7B-

Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_745E87EB-2F7B-5DE3-8689-0B856028F54D

CVE-2026-53753 — Crawl4AI Unauthenticated Remote Code Execution AST Sandbox Escape Pre-authentication RCE in Crawl4AI expression evaluator safeeval...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 964E7791-B2DF-

Exploit for Authentication Bypass by Primary Weakness in Crushftp_964E7791-B2DF-59B8-81F3-BEFC914A712D

CrushFTP 10.8.0 — CVE-2025-31161 Vulnerable Build Pre-built CrushFTP 10.8.0 binary for authorized penetration testing of CVE-2025-31161. !CAUTION T...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 983CAFED-3C66-

Exploit for Authentication Bypass by Primary Weakness in Crushftp_983CAFED-3C66-576E-BB1A-B397A3A030D6

Ansible Role: CrushFTP CVE-2025-31161 Ludus An Ansible Role that deploys a vulnerable CrushFTP 10.8.0 instance on Windows for authorized penetratio...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 65F73DD7-40DF-

Exploit for Improper Access Control in Widgetfactorylimited Jce_65F73DD7-40DF-5117-8110-BB18FDB3BD7C

CVE-2026-48907 – Joomla JCE Unauthenticated Remote Code Execution RCE Severity: Critical CVSS 9.8 / CVSS v4 10.0 CVE: CVE-2026-48907 CWE: CWE-284 –...

N/A N/A GITHUBEXPLOIT