Exploit PoC

Apache Tomcat RCE Details and Exploit Code Now Public Apache Tomcat RCE CVE-2026-34486

Apache Tomcat RCE CVE-2026-34486

Apache Tomcat RCE Details and Exploit Code Now Public

Do Son May 12, 2026

A newly disclosed vulnerability was found in Apache Tomcat (CVE-2026-34486, CVSS 7.5). With the details of the...

Critical Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection ProFTPD SQL Injection CVE-2026-42167 Exploit

ProFTPD SQL Injection CVE-2026-42167 Exploit

Critical Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection

Do Son April 29, 2026

Analysts from ZeroPath Research have uncovered a critical SQL injection vulnerability within the mod_sql extension of ProFTPD,...

Critical Critical Flaw in Livewire Exposes Laravel Apps to Stealthy RCE, PoC Releases CVE-2025-54068, Livewire RCE

CVE-2025-54068, Livewire RCE

Critical Critical Flaw in Livewire Exposes Laravel Apps to Stealthy RCE, PoC Releases

Do Son December 26, 2025

Developers relying on Livewire, a cornerstone framework for building dynamic interfaces in Laravel, are facing a severe...

Windows DWM Flaw Lets Local Users Paint Their Way to SYSTEM Privileges, PoC Publishes

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

Windows DWM Flaw Lets Local Users Paint Their Way to SYSTEM Privileges, PoC Publishes

Do Son December 23, 2025

A newly discovered vulnerability in the heart of the Windows visual experience has been patched by Microsoft,...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-4020CVSS 7.5
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...
CVE-2026-10735
Multiple plugins by ShapedPlugin contain a backdoor in various versions. This makes it possible for unauthenticated attackers to...
CVE-2026-20262CVSS 6.5
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated,...
CVE-2026-54420CVSS 8.5
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a...
CVE-2026-53435CVSS 8.8
In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize...
CVE-2026-10795CVSS 8.1
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions...
CVE-2026-11645
Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker...
CVE-2026-50751CVSS 9.3
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows...
CVE-2026-20245CVSS 7.8
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local...