GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Wed Jul 16, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
Blackash-CVE-2025-32432 | CVE-2025-32432 | Craft CMS Allows Remote Code Execution | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L | Visit Repo |
CVE-2025-47812 | Improper Neutralization of Null Byte or NUL Character in WingF | n/a | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-27210_NodeJS_Path_Traversal_Exploit | (PoC) CVE-2025-27210, a precise Path Traversal vulnerability a | n/a | v3.0, HIGH, Score: 7.5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Visit Repo |
cve-poc | | n/a | n/a | Visit Repo |
CVE-2025-52689-PoC | | Weak Session ID Check in the OmniAccess Stellar Web Management Interface | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-4577 | Exploit for php-cgi | Argument Injection in PHP-CGI | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
HML-CVE-2025-49113-Round-Cube | | n/a | v3.1, CRITICAL, Score: 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
cve-2025-48384-poc | | Git allows arbitrary code execution through broken config quoting | v3.1, HIGH, Score: 8.1, CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
Tue Jul 15, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-23167 | Working exploit for CVE-2025-23167 – HTTP request smuggling | n/a | v3.0, MEDIUM, Score: 6.5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | Visit Repo |
CVE-2025-32463 | Privilege escalation to root using sudo chroot, NO NEED for gc | n/a | v3.1, CRITICAL, Score: 9.3, CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
phpMyAdmin-RCE-Exploit-Lab | Demonstration of an RCE vulnerability (Remote Code Execution | n/a | n/a | Visit Repo |
CVE-2025-48384-submodule | | Git allows arbitrary code execution through broken config quoting | v3.1, HIGH, Score: 8.1, CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-27591 | CVE-2025-27591 | n/a | n/a | Visit Repo |
Blackash-CVE-2025-53833 | CVE-2025-53833 | LaRecipe is vulnerable to Server-Side Template Injection attacks | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2016-0792 | CVE-2016-0792 Exploit By XBOW AI | n/a | n/a | Visit Repo |
AutoVAPT-AI-Based-Vulnerability-Scanner-Pentest-Tool | AutoVAPT is an open-source GUI tool for automated Vulnerabilit | n/a | n/a | Visit Repo |
CVE-2025-5349-Scanner | | NetScaler ADC and NetScaler Gateway - Improper access control on the NetScaler Management Interface | v4.0, HIGH, Score: 8.7, CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L | Visit Repo |
CVE-2025-32463 | CVE-2025-32463 vulnerability proof of concept | n/a | v3.1, CRITICAL, Score: 9.3, CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-47981 | | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
CVE-2025-25257 | PoC for CVE-2025-25257, a critical unauthenticated SQL injecti | n/a | n/a | Visit Repo |
CVE-2025-27591-Proof-Of-Concept | CVE-2025-27591 | n/a | n/a | Visit Repo |
CVE-2025-XXXX-Sirv-Stored-XSS | Stored XSS in Sirv WordPress Plugin v7.5.5 – CVE-2025-XXXX | n/a | n/a | Visit Repo |
Linux-Privilege-Escalation-CVE-2025-27591 | CVE-2025-27591 is a known privilege escalation vulnerability i | n/a | n/a | Visit Repo |
CVE-2025-7340 | HT Contact Form Widget For Elementor Page Builder & Gutenberg | HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-5777 | CVE-2025-5777 (CitrixBleed 2) - [Citrix NetScaler ADC] [Citrix | NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread | v4.0, CRITICAL, Score: 9.3, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L | Visit Repo |
cve-2025-32463-lab | Educational Docker lab to simulate privilege escalation via CV | n/a | v3.1, CRITICAL, Score: 9.3, CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
Mon Jul 14, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
cve-2025-5755 | | n/a | n/a | Visit Repo |
Thank-u-Next | CVE-2025-29927 PoC \| Auth Bypass Exploit \| Python Tool using h | n/a | n/a | Visit Repo |
fortiweb_rce_toolkit | A powerful and modular PoC tool for CVE‑2025‑25257 in Fort | n/a | n/a | Visit Repo |
CVE-2025-44137 | | n/a | n/a | Visit Repo |
generate_cve_stats_debian_2024 | | n/a | n/a | Visit Repo |
CVE-2025-44136 | | n/a | n/a | Visit Repo |
Exploit-CVE-2025-1974-Lab | | ingress-nginx admission controller RCE escalation | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-27415-PoC | Nuxt3 Acceptance of Extraneous Untrusted Data With Trusted Dat | Nuxt allows DOS via cache poisoning with payload rendering response | v3.1, HIGH, Score: 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | Visit Repo |
CVE-2025-25257 | Explore the CVE-2025-25257 exploit for FortiWeb. This repo inc | n/a | n/a | Visit Repo |
cve_2025_7620 | | n/a | n/a | Visit Repo |
CVE-2025-7605 | | code-projects AVL Rooms profile.php sql injection | v4.0, MEDIUM, Score: 6.9, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P | Visit Repo |
Wazuh-RCE | Wazuh 8.4 CVE-2025-24016 | n/a | n/a | Visit Repo |
CVE-2025-48827 | This repository contains a proof-of-concept exploit for CVE-20 | n/a | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-7606 | | n/a | n/a | Visit Repo |
CVE-2025-52488 | This exploit targets a vulnerability in DNN (formerly DotNetNu | n/a | n/a | Visit Repo |
CVE-2025-49493 | This is a Python-based exploit for **CVE-2025-49493**, which a | n/a | v3.1, MEDIUM, Score: 5.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | Visit Repo |
Sun Jul 13, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
HML-CVE-2025-49113 | | n/a | v3.1, CRITICAL, Score: 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE_2020_35848 | CVE-2020-35848 impacts Cockpit-CMS v1.7 due to unsafe handling | n/a | n/a | Visit Repo |
joomla-1.5-3.4.5-rce | Modified PoC exploit demonstrating remote code execution via o | n/a | n/a | Visit Repo |
Path-Transversal-CVE-2025-31125- | Vite is a frontend tooling framework for javascript. Vite expo | Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query | v3.1, MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | Visit Repo |
TryHackMe-Room-Walkthrough-Billing | A detailed semi-professional walkthrough of TryHackMe's Billin | n/a | n/a | Visit Repo |
overwrite | Proof-of-concept app to overwrite fonts on iOS using CVE-2022- | n/a | n/a | Visit Repo |
Blackash-CVE-2025-22457 | CVE-2025-22457 | n/a | v3.1, CRITICAL, Score: 9, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-4593 | | WP Register Profile With Shortcode <= 3.6.2 - Authenticated (Contributor+) Sensitive Information Exposure | v3.1, MEDIUM, Score: 6.5, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.