Recent Advisories

Severity ID Title Vendor Product Date Type
NONE 667272A9-7DD4-

Exploit for CVE-2026-20896_667272A9-7DD4-552B-89DA-705D608EC301

Código de la Prueba de Concepto CVE-2026-20896 Este script automatiza la explotación del fallo de lógica en la validación de rutas de la API de Git...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 89F45BC2-5B61-

Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_89F45BC2-5B61-56B8-AD6F-B97F1F503F94

CVE-2026-53753 — Crawl4AI AST Sandbox Escape → Pre-Auth RCE CVSS 10.0 CRITICAL | CWE-94 / CWE-913 | No auth required JWT disabled by default Crawl4...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.2 615063E2-4C59-

Exploit for Integer Overflow to Buffer Overflow in Libssh2_615063E2-4C59-5B03-97A2-8075CD4C7246

Reporte de Seguridad: CVE-2026-55200 📝 Descripción General El CVE-2026-55200 es una vulnerabilidad crítica de desbordamiento de memoria basada en ...

N/A N/A GITHUBEXPLOIT
HIGH 7.7 IMPERVABLOG:390...

Code Injection in Perforce Helix Core (CVE-2026-6902)_IMPERVABLOG:3902B857BFAE6E32EDDCC0AF92A3ADFF

## Executive Summary In this article, we disclose our latest findings we made on Perforce protocol P4 (Helix Core) between command line client and...

N/A N/A IMPERVABLOG
MEDIUM 6.1 0D0EF1BD-14A5-

CVE2PoC_0D0EF1BD-14A5-50C1-A1F5-B5ADB34C49F4

CVE2PoC - Zimbra defensive CVE tracking This tool helps Zimbra operators track CVEs, public PoCs, CISA KEV, EPSS, weaponized modules, and whether a...

N/A N/A GITHUBEXPLOIT
NONE 9BFE7385-86D8-

bugspray_9BFE7385-86D8-5DA3-A472-E0D5C0C7460C

🔴 Bugspray Multi-vector web application vulnerability scanner SQLi · XSS · SSTI · NoSQLi · SSRF · LFI · CMDi · Path Traversal · Open Redirect text...

N/A N/A GITHUBEXPLOIT
NONE 30830C09-DEA1-

penetration-testing-labs-htu_30830C09-DEA1-5389-9616-12490B2D9736

Penetration Testing Labs – HTU Hands-on penetration testing project covering exploit development, Active Directory attacks, web application securit...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.3 CVE-2026-54712

OpenTelemetry Javaagent RMI context propagation allows resource exhaustion_CVE-2026-54712

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.27.0,...

open-telemetry opentelemetry-java-instrumentation < 2.27.0 CVE
MEDIUM 6.5 CVE-2026-54704

OpenTelemetry Java Instrumentation: JDBC Auto-Instrumentation Logging Clear-Text Passwords_CVE-2026-54704

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0,...

open-telemetry opentelemetry-java-instrumentation < 2.28.0 CVE
HIGH 7.3 CVE-2026-54263

Wagtail: Reflected XSS in dynamic image URL generator view_CVE-2026-54263

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting (X...

wagtail wagtail < 7.0.8 CVE