Exploit-DB.com RSS Feed

[local] Linux Kernel - Local Privilege Escalation

Wed, 27 May 2026 00:00:00 +0000

Linux Kernel - Local Privilege Escalation

[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal

Wed, 27 May 2026 00:00:00 +0000

Casdoor 3.54.1 - Arbitrary File Write via Path Traversal

[webapps] EspoCRM 9.3.3 - SSRF

Wed, 27 May 2026 00:00:00 +0000

EspoCRM 9.3.3 - SSRF

[webapps] scramble - Remote Code Execution

Wed, 27 May 2026 00:00:00 +0000

scramble - Remote Code Execution

[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection

Wed, 27 May 2026 00:00:00 +0000

MeiG Smart FORGE_SLT711 - OS Command Injection

[local] Realtek rtl819x - Local Privilege

Wed, 27 May 2026 00:00:00 +0000

Realtek rtl819x - Local Privilege

[webapps] OpenCATS 0.9.7.4 - SQL Injection

Wed, 27 May 2026 00:00:00 +0000

OpenCATS 0.9.7.4 - SQL Injection

[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution

Tue, 26 May 2026 00:00:00 +0000

Grav CMS 2.0.0-beta.2 - Remote Code Execution

[webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service

Tue, 26 May 2026 00:00:00 +0000

Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service

[hardware] D-Link DSL2600U - 'rom-0' Admin Password Disclosure

Tue, 26 May 2026 00:00:00 +0000

D-Link DSL2600U - 'rom-0' Admin Password Disclosure

[webapps] Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover

Tue, 26 May 2026 00:00:00 +0000

Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover

[webapps] cPanel - CRLF Injection

Tue, 26 May 2026 00:00:00 +0000

cPanel - CRLF Injection

[local] Linux Kernel 6.8 - Local Privilege Escalation

Tue, 26 May 2026 00:00:00 +0000

Linux Kernel 6.8 - Local Privilege Escalation

[webapps] Cockpit 359 - RCE

Thu, 21 May 2026 00:00:00 +0000

Cockpit 359 - RCE

[webapps] BookStack 25.12.1 - Denial of Service

Thu, 21 May 2026 00:00:00 +0000

BookStack 25.12.1 - Denial of Service

[local] Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path

Thu, 21 May 2026 00:00:00 +0000

Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path

[webapps] solaredge - (CSRF-OOB-Injection)

Thu, 21 May 2026 00:00:00 +0000

solaredge - (CSRF-OOB-Injection)

[webapps] FUXA 1.2.9 - RCE

Thu, 21 May 2026 00:00:00 +0000

FUXA 1.2.9 - RCE

[local] Windows Snipping Tool - NTLMv2 Hash Hijack

Fri, 15 May 2026 00:00:00 +0000

Windows Snipping Tool - NTLMv2 Hash Hijack

[local] Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing

Fri, 15 May 2026 00:00:00 +0000

Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing

[local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution

Fri, 15 May 2026 00:00:00 +0000

Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution

[webapps] WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI

Thu, 14 May 2026 00:00:00 +0000

WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI

[webapps] Apache HertzBeat 1.8.0 - Remote Code Execution

Thu, 14 May 2026 00:00:00 +0000

Apache HertzBeat 1.8.0 - Remote Code Execution

[webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass

Thu, 14 May 2026 00:00:00 +0000

ePati Antikor NGFW 2.0.1301 - Authentication Bypass

[webapps] PJPROJECT 2.16 - Heap Bufferoverflow

Thu, 14 May 2026 00:00:00 +0000

PJPROJECT 2.16 - Heap Bufferoverflow

[webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload

Wed, 13 May 2026 00:00:00 +0000

Ninja Forms Uploads - Unauthenticated PHP File Upload

[webapps] glances 4.5.2 - command injection

Wed, 13 May 2026 00:00:00 +0000

glances 4.5.2 - command injection

[webapps] coreruleset 4.21.0 - Firewall Bypass

Wed, 13 May 2026 00:00:00 +0000

coreruleset 4.21.0 - Firewall Bypass

[webapps] Flowise < 3.0.5 - Missing Authentication for Critical Function

Wed, 13 May 2026 00:00:00 +0000

Flowise < 3.0.5 - Missing Authentication for Critical Function

[remote] telnetd 2.7 - Buffer Overflow

Thu, 07 May 2026 00:00:00 +0000

telnetd 2.7 - Buffer Overflow

[webapps] Ghost CMS 6.19.0 - SQLi

Thu, 07 May 2026 00:00:00 +0000

Ghost CMS 6.19.0 - SQLi

[webapps] LuaJIT 2.1.1774638290 - Arbitrary Code Execution

Thu, 07 May 2026 00:00:00 +0000

LuaJIT 2.1.1774638290 - Arbitrary Code Execution

[webapps] Bludit CMS 3.18.4 - RCE

Thu, 07 May 2026 00:00:00 +0000

Bludit CMS 3.18.4 - RCE

[local] NocoBase 2.0.27 - VM Sandbox Escape

Thu, 07 May 2026 00:00:00 +0000

NocoBase 2.0.27 - VM Sandbox Escape

[webapps] ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)

Thu, 07 May 2026 00:00:00 +0000

ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)

[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

Mon, 04 May 2026 00:00:00 +0000

Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

[local] Linux nf_tables 6.19.3 - Local Privilege Escalation

Mon, 04 May 2026 00:00:00 +0000

Linux nf_tables 6.19.3 - Local Privilege Escalation

[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)

Mon, 04 May 2026 00:00:00 +0000

Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)

[webapps] MindsDB 25.9.1.1 - Path Traversal

Mon, 04 May 2026 00:00:00 +0000

MindsDB 25.9.1.1 - Path Traversal

[local] Windows 11 24H2 - Local Privilege Escalation

Mon, 04 May 2026 00:00:00 +0000

Windows 11 24H2 - Local Privilege Escalation

[webapps] Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH)

Mon, 04 May 2026 00:00:00 +0000

Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH)

[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit