Login
Linux CVEs, more than you ever wanted to know
(kroah.com) by voxadam | view | 54 comments
FFmpeg Calls Google's AI Bug Reports "CVE Slop"
(itsfoss.com) by speckx | view | 0 comments
React2Shell (CVE-2025-55182/CVE-2025-66478)
(react2shell.com) by orkj | view | 3 comments
CVE-2025-55182: pre-auth remote code execution in React Server Components
(nvd.nist.gov) by janandonly | view | 0 comments
Red Hat Introduces Project Hummingbird focused on Cloud-Native Dev & "Zero-CVE"
(redhat.com) by boilerupnc | view | 1 comments
CVE-2025-50165: Critical Flaw in Windows Graphics Component
(zscaler.com) by galenelias | view | 0 comments
Runc container breakouts: CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
(openwall.com) by eyberg | view | 0 comments
Original PoCs for React2Shell CVE-2025-55182
(github.com) by dbushell | view | 0 comments
High fidelity check for Next.js/RSC RCE (CVE-2025-55182 and CVE-2025-66478)
(slcyber.io) by infosecau | view | 0 comments
PoC for React RCE CVE-2025-55182
(github.com) by croemer | view | 1 comments
RunC vulnerabilities CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
(seclists.org) by moebrowne | view | 0 comments
Discord won't fix the invisibility bypass CVE, so I made a PoC
(greasyfork.org) by xmrcat | view | 0 comments
New Vulnerability in n8n – CVE-2026-21858
(schneier.com) by 882542F3884314B | view | 0 comments
Ni8mare – Unauthenticated Remote Code Execution in N8n (CVE-2026-21858)
(cyera.com) by tamnd | view | 0 comments
POC for CVE-2025-55182 (react4shell)
(gist.github.com) by jimmyl02 | view | 0 comments
November CVEs Fell 25% YoY, Driven by Slowdowns at Major CNAs
(socket.dev) by feross | view | 0 comments
Some thoughts around Django SQL Injection CVE-2025-64459
(shivasurya.me) by shivasurya | view | 0 comments
ICS Advisory Project and EmberOT's ICS CVE Research: 2024-2025
(emberot.com) by TheWiggles | view | 0 comments
A Race Within a Race: Exploiting CVE-2025-38617 in Linux Packet Sockets
(blog.calif.io) by WalterSobchak | view | 0 comments
Free Exploit Development CTFs and Walkthroughs Based on Real CVEs
(zeropath.com) by NonStopOyster | view | 1 comments
Show HN: Live Vulnerability Intelligence Dashboard (Trending CVEs)
(leakycreds.com) by saynsec | view | 0 comments
TPM-Sniffing LUKS Keys on an Embedded Linux Device [CVE-2026-0714]
(cyloq.se) by Tiberium | view | 0 comments
Two RCEs in Unitree Go2 Robots (CVE-2026-27509 and CVE-2026-27510)
(boschko.ca) by Boschko | view | 0 comments
CVE-2026-2006 – PostgreSQL Out-of-cycle release
(wiki.postgresql.org) by krembo | view | 0 comments
Show HN: Live iOS 26.3 exploit detection (CVE-2026-20700) – Multi-region C2
(github.com) by JackCity | view | 0 comments
GLPI Agent: The "No-CVE" That Still Bought Us Domain Compromise Two Years Later
(labs.itresit.es) by Yippee-Ki-Yay | view | 0 comments
Terminal.shop – Unlimited Coffee: independent discovery of a 9.1 severity CVE
(blog.nortonweb.org) by OliverWich | view | 0 comments
CVE-2025-67736 FreePBX Authenticated SQL Injection Leads to RCE
(theyhack.me) by WeaklingOra | view | 0 comments
Behavioral NPM malware detection without CVEs
(westbayberry.com) by ComCat | view | 1 comments
Linux CVE Assignment Process
(kroah.com) by fanf2 | view | 0 comments
Bitwarden ignored serious CVEs reported 4 years ago
(reddit.com) by cromka | view | 1 comments
Zero-day CSS: CVE-2026-2441 exists in the wild
(chromereleases.googleblog.com) by idoxer | view | 0 comments
Every OpenClaw Security Incident, CVE, and Exploit in 2026
by dhayabaran | view | 0 comments
Linux CVE Assignment Process
(kroah.com) by LorenDB | view | 0 comments
An AI CVE scanner that adjusts CVSS scores based on actual code usage
(github.com) by izzymaroder | view | 0 comments
Disocver tech stacks for software developers
(techstack.sh) by harrypotterwish | view | 0 comments
NVD – CVE-2026-2070
(nvd.nist.gov) by janandonly | view | 0 comments
The hunt for zero-CVE container images
(thenewstack.io) by CrankyBear | view | 0 comments
CVE-2026-1529 – keycloak: unauthorized organization registration via improper I
(cvefeed.io) by todsacerdoti | view | 0 comments
Show HN: AI ships your code but can't fix the CVEs it creates
(emphere.com) by akapp | view | 0 comments
Show HN: CalcVerse – 500 calculators and tools, 100% client-side/private
(calc-verse.com) by zmam | view | 0 comments
Breaking Down CVE-2026-25049: How TypeScript Types Failed N8n's Security
(hetmehta.com) by rantingdemon | view | 0 comments
The Masked Namespace Vulnerability in Temporal CVE-2025-14986
(depthfirst.com) by bmit | view | 0 comments
CVE-2026-22039: How Kyverno's AuthZ Bypass Breaks Kubernetes Namespace Isolation
(minimus.io) by dimastopel | view | 0 comments
Nginx vulnerability CVE-2026-1642
(my.f5.com) by ericdiao | view | 0 comments
Incident CVE-2024-Yikes
(nesbitt.io) by robin_reala | view | 0 comments
Vulnerability Cve-2026-21509
(db.gcve.eu) by bensensen | view | 0 comments
Title: Just patched CVE-2026-21509? Here's why you're still exposed
(farathappsec.substack.com) by farathshba | view | 1 comments
Show HN: SBOMHub – Open-source SBoM dashboard with CVE tracking
(github.com) by y1uda | view | 0 comments
CVE-2026-23993: JWT authentication bypass in HarbourJwt via "unknown alg"
(pentesterlab.com) by lovedhacker | view | 0 comments