momo安全漏洞库

多模块数据检索平台

登录 注册
Intelligence Digest

威胁情报

统一威胁情报视图,聚合漏洞监控、网安开源项目与官方源情报

共聚合 4731 条情报 漏洞监控 2952 / 网安开源项目 1545 / 威胁情报 234

漏洞监控

来自 GitHub Issues、仓库检索和关键词命中的 CVE / RCE / POC 动态。

2952总量

网安开源项目

优先展示中文安全团队维护的开源项目,兼顾工具落地场景和最近更新时间。

1545总量

威胁情报

来自 360、奇安信、斗象等官方站点的公开情报聚合。

234总量
AC8999/CVE-2026-29053
GitHub Repos/search AC8999/CVE-2026-29053 发布时间 2026-04-21 入库 2026-04-22 07:53
(RCE) vulnerability discovered in Ghost CMS (specifically affecting versions 0.7.2 through 6.19.0) | language: CSS
Gailtep/JAVA-dhxdasvrjp-GRA
GitHub 开源项目 Gailtep/JAVA-dhxdasvrjp-GRA 更新 2026-04-08 入库 2026-04-09 15:25
基于SpringBoot+Vue的实验报告系统 基于SpringBoot+Vue的java大学生校园线上招聘系统 基于SpringBoot+Vue的校外兼职教师考勤管理系统 基于SpringBoot+Vue的java基于云平台的信息安全攻防实训平台 基于SpringBoot+Vue的基于SpringBoot Vue的家具商城系统设计与实现 基于SpringBoot+Vue的校友录管理系统 基于SpringBoot+Vue的学生报名管理系...
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
SANS Internet Storm Center 信息 发布时间 2026-03-31 入库 2026-03-31 16:17
In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of c...
ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808
GitHub Repos/search ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808 发布时间 2026-04-21 入库 2026-04-22 06:28
FortiSandbox RCE Scanner — CVE-2026-39808 | language: Python
JiatongLin666/CTFLearningNotes
GitHub 开源项目 JiatongLin666/CTFLearningNotes 更新 2026-04-08 入库 2026-04-09 15:25
作为信息安全专业的学生,我开始尝试学习CTF(信息攻防比赛),尤其是其中的pwn方向。本仓库会存储一些例题、一些脚本,脚本上有我认真撰写的注释作为学习笔记。 | language: Python | stars: 1 | forks: 0 | updated 2026-04-08T15:23:04Z | pushed 2026-04-08T15:23:00Z
ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)
SANS Internet Storm Center 信息 发布时间 2026-03-31 入库 2026-03-31 13:17
PegasusMetaSec/Pegasus-CVE-2026-2754-Framework
GitHub Repos/search PegasusMetaSec/Pegasus-CVE-2026-2754-Framework- 发布时间 2026-04-21 入库 2026-04-22 03:09
34312038/JAVA-mufmdpqlde-34312038
GitHub 开源项目 34312038/JAVA-mufmdpqlde-34312038 更新 2026-04-08 入库 2026-04-09 15:25
基于SpringBoot+Vue的实验报告系统 基于SpringBoot+Vue的java大学生校园线上招聘系统 基于SpringBoot+Vue的校外兼职教师考勤管理系统 基于SpringBoot+Vue的java基于云平台的信息安全攻防实训平台 基于SpringBoot+Vue的基于SpringBoot Vue的家具商城系统设计与实现 基于SpringBoot+Vue的校友录管理系统 基于SpringBoot+Vue的学生报名管理系...
TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)
SANS Internet Storm Center 信息 发布时间 2026-03-31 入库 2026-03-31 13:17
This is the fourth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Weapon"&#;x26;#;xc2;&#;x26;#;xa0;(v3.0, March 25, 2026). Update 00...
ZeroPathAI/spinnaker-poc
GitHub Repos/search 低危 ZeroPathAI/spinnaker-poc 发布时间 2026-04-21 入库 2026-04-22 00:42
POCs for CVE-2026-32604 and CVE-2026-32613 which allow post-auth RCE and credential theft in Spinnaker | language: Python
hjnnjh/awesome-generative-recommendation
GitHub 开源项目 hjnnjh/awesome-generative-recommendation 更新 2026-04-07 入库 2026-04-08 06:23
A curated collection of papers on generative recommendation systems, covering semantic IDs, end-to-end generative retrieval, LLM-based recommendation, and industrial deployments. | stars: 0 | forks: 0 | updated 2026-04-0...
DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
SANS Internet Storm Center 信息 发布时间 2026-03-30 入库 2026-03-31 13:17
A lot of the information seen on DShield honeypots [1] is repeated bot traffic, especially when looking at the Cowrie [2] telnet and SSH sessions. However, how long a session lasts, how many commands are run per session ...
0xrixet/Craftcms-PoC-CVE-2026-31266
GitHub Repos/search 0xrixet/Craftcms-PoC-CVE-2026-31266 发布时间 2026-04-21 入库 2026-04-22 00:20
Security research on Craft CMS authentication mechanism | topics: craft-cms, cve-2026-31266, missing-authorization-check, poc, security
owl234/ARL_GO
GitHub 开源项目 owl234/ARL_GO 更新 2026-04-07 入库 2026-04-08 17:36
src资产管理漏洞扫描平台,子域名爆破,端口扫描,站点发现,目录扫描,爬虫,漏洞扫描 | language: Python | stars: 0 | forks: 0 | updated 2026-04-07T17:02:23Z | pushed 2026-04-07T17:01:37Z
每日安全动态推送(26/3/30)
腾讯玄武实验室 中危 发布时间 2026-03-30 入库 2026-03-31 13:17
Claude Chrome 扩展零点击 XSS 提示注入;TeamPCP 针对 LiteLLM 的供应链攻击事件;利用量纲分析识别 DeFi 逻辑漏洞
kaleth4/CVE-2026-33824
GitHub Repos/search kaleth4/CVE-2026-33824 发布时间 2026-04-21 入库 2026-04-21 23:32
lanyu66656/PanguSecurity
GitHub 开源项目 lanyu66656/PanguSecurity 更新 2026-04-07 入库 2026-04-15 14:06
盘古安全工具集 - 端口扫描器 + 渗透辅助工具 | stars: 0 | forks: 0 | updated 2026-04-07T15:24:29Z | pushed 2026-04-07T15:22:40Z
A Vulnerability in F5 Products Could Allow for Remote Code Execution
CIS Advisories 中危 发布时间 2026-03-30 入库 2026-03-31 13:17
<p>A vulnerability has been discovered in F5 Products that could allow for remote code execution. F5 BIG IP APM is an access policy management solution designed to enforce secure access to applications, APIs, and sensiti...
kaleth4/CVE-2026-20180
GitHub Repos/search kaleth4/CVE-2026-20180 发布时间 2026-04-21 入库 2026-04-21 23:25
dean2021/attack-framework
GitHub 开源项目 dean2021/attack-framework 更新 2026-04-07 入库 2026-04-11 05:25
面向 [MITRE ATT&CK](https://attack.mitre.org) 的结构化知识库与实践指南,涵盖威胁情报、检测分析、对手模拟(红队)与安全评估工程四条主线,并包含中文术语与分层(初/中/高成熟度)操作建议。 | stars: 0 | forks: 0 | updated 2026-04-07T11:20:43Z | pushed 2026-04-07T11:20:39Z
Multiple Vulnerabilities in NetScaler ADC and NetScaler Gateway Could Allow for Memory Overread
CIS Advisories 信息 发布时间 2026-03-30 入库 2026-03-31 13:17
<p>Multiple Vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway, the most severe of which could allow for memory overread.</p><p><br></p><ul><li>NetScaler ADC is a networking product that function...
0xBlackash/CVE-2026-25049
GitHub Repos/search 0xBlackash/CVE-2026-25049 发布时间 2026-04-21 入库 2026-04-21 20:58
CVE-2026-25049
GDUT-ADSec/ADCTF2024
GitHub 开源项目 GDUT-ADSec/ADCTF2024 更新 2026-04-07 入库 2026-04-09 15:25
广东工业大学 A&D 攻防工作室 ADCTF2025 题目源码 | language: Python | stars: 1 | forks: 0 | updated 2026-04-07T10:11:03Z | pushed 2026-04-07T08:36:12Z
ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)
SANS Internet Storm Center 信息 发布时间 2026-03-30 入库 2026-03-31 13:17
ASP.NET Core Elevation of Privilege Vulnerability
Microsoft MSRC CVE-2026-40372 发布时间 2026-04-21 入库 2026-04-22 03:25
Chengguixuan/vuln_scanner
GitHub 开源项目 Chengguixuan/vuln_scanner 更新 2026-04-07 入库 2026-04-07 21:09
Web漏洞扫描器 - 支持SQL注入、XSS、信息泄露检测 | language: Python | stars: 1 | forks: 0 | updated 2026-04-17T03:11:26Z | pushed 2026-04-07T09:32:31Z
TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)
SANS Internet Storm Center 信息 发布时间 2026-03-28 入库 2026-03-31 13:17
This is the third update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 002 covered developments through March 27, including ...
wa6n3r/CVE-2026-35616
GitHub Repos/search wa6n3r/CVE-2026-35616 发布时间 2026-04-20 入库 2026-04-21 02:09
language: Python
SKY-lv/security-testing-agent
GitHub 开源项目 SKY-lv/security-testing-agent 更新 2026-04-07 入库 2026-04-07 14:38
安全测试Agent - 漏洞扫描/渗透测试/代码审计 | stars: 0 | forks: 0 | updated 2026-04-08T00:08:09Z | pushed 2026-04-08T00:08:04Z
每周勒索威胁摘要
奇安信病毒响应中心 信息 发布时间 2026-03-27 入库 2026-03-31 13:17
1. Qilin勒索团伙公布了新的受害者 2. Payload勒索团伙公布新的受害公司 3. Akira勒索团伙公布新的受害公司