CVE-2026-13036 — Use-After-Free in Blink WidgetBase::UpdateSurfaceAndScreenInfo A use-after-free vulnerability in Google Chrome's Blink rendering e...
Amaranth Project A multi-stage backdoor implantation attack chain is implemented using CVE-2025-8088 WinRAR path traversal vulnerability, ≤ 7.11. F...
offensive-craft 🛠️ A forge for offensive security research — exploit development, tooling, tradecraft, and proof-of-concept work across the red tea...
An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary co...
CVE-2026-35273-poc file clone the repo, cd into, run main.py file...
Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via ...
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not fol...
A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID ...
A stored XSS vulnerabilities exists in the `maintenance-acl-check.php` and `maintenance-banners-check.php` tools of Revive Adserver 6.0.7. The issu...
Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by s...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
