githubexploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	2A8C8CE0-592F-	Exploit for Missing Authentication for Critical Function in Splunk_2A8C8CE0-592F-566A-AD1D-9DB21DEE0C60 CVE-2026-20253 - Splunk Enterprise Pre-Auth RCE PoC ⚠️ ADVERTENCIA: Este script es solo para fines educativos y de prueba en entornos autorizados. ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 10	B351E803-26D7-	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft_B351E803-26D7-5CFC-8727-D423591F86F5 SMBGhost Scanner — CVE-2020-0796 SMBv3 vulnerability scanner SMBGhost. Detects vulnerable Windows hosts by sending a malformed SMBv3 negotiation pa...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.4	ED8AC01D-C112-	Exploit for SQL Injection in Ghost_ED8AC01D-C112-5F2F-86B2-002DDA813E82 CVE-2026-26980 — Ghost CMS Content API Blind SQL Injection Affected: Ghost 3.24.0 – 6.19.0 Fixed in: Ghost 6.19.1 Auth required: None — Content API...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	F6F142F3-3C4F-	pocsmith_F6F142F3-3C4F-57A3-A265-A7DF88A31A6B pocsmith pocsmith generates modular Python proof-of-concept templates from alias flags or YAML profiles. Install From GitHub with pipx: bash pipx i...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	B6A66232-7621-	Sql-injection-scanner_B6A66232-7621-5872-A51D-EDDA3F824073 Sql-injection-scanner Developing a security scanning tool that can quickly, reliably, and automatically detect SQL Injection vulnerabilities in web...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
MEDIUM 5.4	0D5ACD84-8796-	Exploit for Cross-site Scripting in Docmost_0D5ACD84-8796-5644-A05C-46FADC4B35D4 CVE-2026-34212 Docmost accepted a javascript: URL inside an attachment node, preserved it through storage and rendering, and turned it back into a ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
MEDIUM 5.4	0A738D4C-E642-	Exploit for Authorization Bypass Through User-Controlled Key in Docmost_0A738D4C-E642-58D3-988B-4E964946EC66 CVE-2026-34213 A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 7.6	E61DF141-B3A8-	Exploit for CVE-2026-34207_E61DF141-B3A8-537B-8845-233051D12F82 CVE-2026-34207 The SSRF filter checked hostname text, but the actual destination was decided later by DNS. That gap let attacker-controlled Webhook...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 8.3	22CFEBF4-738A-	Exploit for Missing Authorization in Plane_22CFEBF4-738A-52AD-B1A9-E066D3D33C80 CVE-2026-46558 Plane’s V2 asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one auth...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	2DE71726-382B-	web-security-auditor_2DE71726-382B-5653-8780-93100257F741 Web Security Auditor Auditor automático de seguridad web desarrollado en Python. Esta herramienta está diseñada para ayudar a administradores y des...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT