Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.8 CVE-2026-54074

@tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to...

tinacms tinacms < 2.4.3 CVE
MEDIUM 5.3 CVE-2026-14340

An incorrect authorization vulnerability in GitHub Enterprise Server allows issue creation in unrelated public repositories

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App inst...

GitHub Enterprise Server 3.16.0 CVE
CRITICAL 10 9300A862-8FDF-5FB3-B6EB-72DB0241BA85

Exploit for SQL Injection in Sangoma Freepbx

CVE-2025-57819 Exploit Metadata - Severity: Critical 9.8 - Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - Type: Unauthenticated SQL Injecti...

N/A N/A GITHUBEXPLOIT
NONE 3C05B801-8687-5076-995A-55DFAC5DBCAC

unified-bb-suite

Unified BB Suite — Combined Workflow Two workflows merged into one · 33 tools · 30 Python scripts · 3 enhanced core tools Zero CGO · Termux-native ...

N/A N/A GITHUBEXPLOIT
NONE 68A3F776-A338-5DB3-A31D-A85B46D3DF8A

CVE-PoC-Hub

🔬 CVE-PoC-Hub — Curated Proof-of-Concept Exploits Working, verified PoC scripts for recent CVEs. Tested in lab environments. For security research...

N/A N/A GITHUBEXPLOIT
NONE 1BA014E3-69D1-53E6-A62B-087B7D42FCE7

praetor

PRAETOR Policy-governed Reconnaissance, Exploitation And Testing ORchestrator An LLM-driven autonomous penetration-testing orchestrator that you ca...

N/A N/A GITHUBEXPLOIT
NONE D0A0DF53-AA3B-5A5C-B03B-5D3F30790643

linux-privesc

🐧 Linux Privilege Escalation Toolkit Automated enumeration + exploit suggestion + 50+ privesc techniques. For pentesters, CTF players, and red tea...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 MSF:EXPLOIT-MULTI-HTTP-FLOWISE_AUTH_RCE_CVE_2026_41264-

Flowise CSV Agent Prompt Injection RCE

This vulnerability allows remote attackers to execute arbitrary code on affected installations of FlowiseAI Flowise. Authentication is not required...

N/A N/A METASPLOIT
NONE C2EADCC2-26FF-59B2-81B3-CF91E86DA229

ExploitKnowdledgebase

poc2detect Defense-first pipeline that discovers GitHub proof-of-concept repositories, statically ingests their source, asks a configurable remote ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 F59E18E1-8D28-5DFC-B6C7-B647B9B2BC1E

Exploit for OS Command Injection in Devcode Openstamanager

CVE-2025-69212 - OpenSTAManager OS Command Injection PoC Usage Install dependencies: bash pip install -r requirements.txt Run a single command and ...

N/A N/A GITHUBEXPLOIT