2026-07-12 01:27:57 UTC
live · 0 feeds · 0 degraded
sort: KEVCRITNEW
auto · no filters · all actual
▲ CRITICAL · KEV · 0DAY · last 7d 0 pinned
▶ EXPLOITS & POCs 9
3m ago ▶ EXP
🛠 Demonstrate remote code execution in Windows Notepad via markdown links exploiting unsecured URL protocols. HIGH POC
Demonstrate remote code execution in Windows Notepad via markdown links exploiting unsecured URL protocols.
github ·#CVE-2026-20841#Windows
4m ago ▶ EXP
🛠 Demonstrate remote code execution in Windows Notepad versions below 11.2510 using the CVE-2026-20841 proof of concept. HIGH POC
Demonstrate remote code execution in Windows Notepad versions below 11.2510 using the CVE-2026-20841 proof of concept.
github ·#CVE-2026-20841#Windows
18m ago ▶ EXP
🔍 Identify and understand the local privilege escalation vulnerability (CVE-2025-68921) in Nahimic audio software, impacting many gaming laptops. HIGH POC
Identify and understand the local privilege escalation vulnerability (CVE-2025-68921) in Nahimic audio software, impacting many gaming laptops.
github ·#CVE-2025-68921
32m ago ▶ EXP
Azure IoT Hub where exposure of an owner-level Shared Access Key enables unauthenticated remote code execution (RCE) against connected IoT devices. Proof-Of-Concept HIGH POC
Azure IoT Hub where exposure of an owner-level Shared Access Key enables unauthenticated remote code execution (RCE) against connected IoT devices.
github ·#CVE-2026-13768
2h ago ▶ EXP
Exploit CVE-2026-31431 on Linux using a Rust implementation to achieve local privilege escalation via an arbitrary page cache write primitive. HIGH POC
Exploit CVE-2026-31431 on Linux using a Rust implementation to achieve local privilege escalation via an arbitrary page cache write primitive.
github ·#CVE-2026-31431#Linux
4d ago ▶ EXP
[webapps] Krayin CRM v2.2.x - Authenticated Remote Code Execution HIGH
Exploit authenticated remote code execution in Krayin CRM v2.2.x.
exploit-db
1m ago ▶ EXP
Demonstrate a proof-of-concept exploit for CVE-2026-2441, a high-risk Chrome use-after-free vulnerability in the Blink CSS engine. POC
Demonstrate a proof-of-concept exploit for CVE-2026-2441, a high-risk Chrome use-after-free vulnerability in the Blink CSS engine.
github ·#CVE-2026-2441#Chrome
13m ago ▶ EXP
🚨 Exploit CVE-2026-24061, a critical remote authentication bypass in GNU inetutils-telnetd, for instant root shell access without authentication. POC
Exploit CVE-2026-24061, a critical remote authentication bypass in GNU inetutils-telnetd, for instant root shell access without authentication.
github ·#CVE-2026-24061
23m ago ▶ EXP
🛠 Exploit the CVE-2025-14847 vulnerability in MongoDB to disclose sensitive heap memory using a Python script that analyzes responses for new leaked data. POC
Exploit the CVE-2025-14847 vulnerability in MongoDB to disclose sensitive heap memory using a Python script that analyzes responses for new leaked data.
github ·#CVE-2025-14847#MongoDB#Python
◊ LABS & RESEARCH 9
12d ago ◇ LAB
Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) CRIT
Red teamers can find a list of Progress Kemp LoadMaster vulnerabilities to exploit.
watchTowr ·#CVE-2026-8037
1d ago ◇ LAB
CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys HIGH
Exploiting the Windows HTTP.sys vulnerability can be used to gain unauthorized access or disrupt services.
ZDI ·#CVE-2026-47291#Windows
2d ago ◇ LAB
WolfSSL, GeoVision, VTK vulnerabilities HIGH
Vulnerabilities in WolfSSL, GeoVision, and VTK could be exploited for remote code execution.
Cisco Talos
4m ago ◇ LAB
reaction: A daemon that scans program outputs for repeated patterns, and takes action
A tool for detecting repeated patterns in program outputs could be used to evade detection by generating varied outputs.
Lobsters
2h ago ◇ LAB
VAR is ruining football 🫠
Understanding how VAR affects football can inform social engineering tactics to manipulate perceptions.
@campuscodi.risky.biz
9h ago ◇ LAB
Filing: Google urged the European Commission not to target DNS resolvers, VPNs, or IPs to fight piracy, calling the measures ineffective and easily circumvented (Ernesto Van der Sar/TorrentFreak) Main Link | Techmeme Permalink
Knowledge of ineffective anti-piracy measures can be used to evade detection by exploiting known vulnerabilities.
@techmeme.com
12h ago ◇ LAB
Shot/chaser
A shot/chaser tactic can be used to distract or disrupt an opponent's plans.
@shuadc.bsky.social
1d ago ◇ LAB
An update on the scraper situation
Understanding the scraper situation can inform tactics to evade detection or manipulate online data.
Lobsters
1d ago ◇ LAB
jpillora/chisel v1.11.8
Exploit a vulnerability in jpillora/chisel v1.11.8.
releases ·#chisel
☣ MALWARE 4
☣ RANSOM 5
★ NEWS 7
◈ PULSE & WATCH 24h
-24h-12hnow
#Fortinet 0
#Ivanti 0
#Citrix 1
#Chrome 1
#Kubernetes 0
#VMware 0
#OpenSSL 0
#Linux-Kernel 0