momo安全漏洞库

blaxkmiradev/CVE-2026-21847-Hardcoded-AES-Encryption-Key-in-DPDC-Customer-Portal

GitHub Repos/search blaxkmiradev/CVE-2026-21847-Hardcoded-AES-Encryption-Key-in-DPDC-Customer-Portal 发布时间 2026-04-25 入库 2026-04-25 19:42

language: Python

MAOGE555/shuidi

GitHub 开源项目 MAOGE555/shuidi 更新 2026-04-21 入库 2026-04-23 02:49

每周高级威胁情报解读(2026.04.10~04.16)

奇安信威胁情报中心信息发布时间 2026-04-17 入库 2026-04-17 14:57

APT37 通过 Facebook 发起的有针对性入侵活动；APT35组织在“史诗之怒”冲突前对目标进行系统性网络侦察；Storm-2755 针对加拿大雇员进行“Payroll pirate”攻击；在 npm 上追踪 OtterCookie 信息窃取活动；研究人员成功获取Kimsuky三阶段完整攻击载荷源码

sivaadityacoder/CVE-2026-22038

GitHub Repos/search sivaadityacoder/CVE-2026-22038 发布时间 2026-04-25 入库 2026-04-25 13:18

SmallGreyHUI/wukedunxing

GitHub 开源项目 SmallGreyHUI/wukedunxing 更新 2026-04-21 入库 2026-04-23 02:49

ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)

SANS Internet Storm Center 信息发布时间 2026-04-17 入库 2026-04-17 10:01

dinosn/pack2theroot-lab

GitHub Repos/search dinosn/pack2theroot-lab 发布时间 2026-04-25 入库 2026-04-25 11:32

CTF-style Docker lab for CVE-2026-41651 (Pack2TheRoot): PackageKit permissive-polkit local privilege escalation | language: Shell

XuanMuSec/rpc_endpoint_map

GitHub 开源项目 XuanMuSec/rpc_endpoint_map 更新 2026-04-21 入库 2026-04-23 02:49

Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)

SANS Internet Storm Center 信息发布时间 2026-04-17 入库 2026-04-17 08:42

Introduction

Chromium: CVE-2026-6921 Race in GPU

Microsoft MSRC CVE-2026-6921 发布时间 2026-04-24 入库 2026-04-25 09:46

<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...

Fan-SecLab/Fan-SecLab.github.io

GitHub 开源项目 Fan-SecLab/Fan-SecLab.github.io 更新 2026-04-21 入库 2026-04-23 02:49

[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)

SANS Internet Storm Center 信息发布时间 2026-04-16 入库 2026-04-16 08:28

&#;x26;#;x5b;This is a Guest Diary by Alec Jaffe, an ISC intern as part of the SANS.edu Bachelor&#;x26;#;39;s Degree in Applied Cybersecurity (BACS) program &#;x26;#;x5b;1].

Chromium: CVE-2026-6919 Use after free in DevTools

Microsoft MSRC CVE-2026-6919 发布时间 2026-04-24 入库 2026-04-25 09:46

<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...

kk12-30/Scan-X

GitHub 开源项目 kk12-30/Scan-X 更新 2026-04-21 入库 2026-04-23 02:49

无条件接管Nginx！Nginx-UI漏洞链发现在野利用

微步在线研究响应中心高危发布时间 2026-04-16 入库 2026-04-16 21:42

立即查看详情 →

Hann1bl3L3ct3r/FUXAPWN

GitHub Repos/search Hann1bl3L3ct3r/FUXAPWN 发布时间 2026-04-24 入库 2026-04-25 05:32

POC exploit for CVE-2026-25895 FUXA Unauthenticated Path Traversal -> Arbitrary File Write -> RCE | language: Python

Bu7terf1y/Bu-SubdomainX

GitHub 开源项目 Bu7terf1y/Bu-SubdomainX 更新 2026-04-21 入库 2026-04-23 02:49

CVE-2026-33032 深度分析：nginx-ui MCP端点认证绕过导致 Nginx 服务器完全接管

奇安信威胁情报中心中危 CVE-2026-33032 发布时间 2026-04-16 入库 2026-04-16 14:50

nginx-ui 项目（一个开源的基于 Web 的 Nginx 管理界面）被披露存在严重安全漏洞 CVE-2026-33032（CVSS 9.8），该漏洞已被野外积极利用。Pluto Security 安全研究人员将此漏洞命名为 MCPwn。

0xBlackash/CVE-2026-21962

GitHub Repos/search 0xBlackash/CVE-2026-21962 发布时间 2026-04-24 入库 2026-04-24 23:48

CVE-2026-21962 | language: Python

CN-big-cabbage/skill-promptfoo

GitHub 开源项目 CN-big-cabbage/skill-promptfoo 更新 2026-04-21 入库 2026-04-23 03:20

LLM 提示词测试、模型评估与红队安全扫描框架，通过声明式 YAML 配置驱动自动化评估流水线，支持 CI/CD 集成，被 OpenAI 和 Anthropic 内部使用 | stars: 0 | forks: 0 | updated 2026-04-21T09:05:10Z | pushed 2026-04-21T09:05:05Z

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

CIS Advisories 中危发布时间 2026-04-16 入库 2026-04-18 10:53

<p>Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for ar...

Astaruf/CVE-2026-41653

GitHub Repos/search Astaruf/CVE-2026-41653 发布时间 2026-04-24 入库 2026-04-24 21:37

CVE-2026-41653 - BentoPDF <= 2.8.1 - Stored XSS → File Exfiltration

12211725-star/hospital-vuln-scanner-mcp-v1.1.0

GitHub 开源项目 12211725-star/hospital-vuln-scanner-mcp-v1.1.0 更新 2026-04-21 入库 2026-04-21 17:10

ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)

SANS Internet Storm Center 信息发布时间 2026-04-16 入库 2026-04-16 10:27

baph00met/CVE-2026-41651

GitHub Repos/search baph00met/CVE-2026-41651 发布时间 2026-04-24 入库 2026-04-24 18:43

CVE-2026-41651 — PackageKit TOCTOU LPE | language: Python

huxiaoqiao/workspace-ips-maker

GitHub 开源项目 huxiaoqiao/workspace-ips-maker 更新 2026-04-21 入库 2026-04-21 14:05

stars: 0 | forks: 0 | updated 2026-04-21T04:58:40Z | pushed 2026-04-21T04:58:36Z

每日安全动态推送(26/4/15)

腾讯玄武实验室中危发布时间 2026-04-15 入库 2026-04-15 21:27

Codex 利用 World-Writable Novatek 驱动实现三星智能电视 Root；Strix AI 发现 etcd 严重认证绕过漏洞；特洛伊化的 CPU-Z 与 HWMonitor 通过 DLL 侧加载分发 STX RAT

tausifzaman/CVE-2026-3844

GitHub Repos/search 高危 tausifzaman/CVE-2026-3844 发布时间 2026-04-24 入库 2026-04-24 18:28

PoC exploit for CVE-2026-3844, a critical unauthenticated file upload vulnerability in the WordPress Breeze plugin leading to RCE. | topics: automation, cve, cve-2026-3844, exploit, hacking-script, hacking-tool, poc | la...

ZQ-Rookie-Hacker/myExploitServer

GitHub 开源项目 ZQ-Rookie-Hacker/myExploitServer 更新 2026-04-21 入库 2026-04-23 02:49

Apache Tomcat 远程代码执行漏洞，附漏洞自查方案

微步在线研究响应中心信息发布时间 2026-04-15 入库 2026-04-15 21:27

立即查看详情 →

momo安全漏洞库

威胁情报

漏洞监控

网安开源项目

威胁情报