CVE-2026-41940 SUPPORT SINGLE & MASS SCAN EXPLOIT
This repository contains a Proof-of-Concept (PoC) exploit for CVE-2026-41940, a critical authentication bypass vulnerability in cPanel & WHM. The vulnerability allows unauthenticated remote attackers to gain unauthorized access to the control panel by abusing flaws in the login flow.
High fidelity scanner for CVE-2026-41940 (cPanel & WHM authentication bypass)
CVE-2026-41940 exploitation tool (concurrent detection in Go, exploitation in Python)
Post-Exploitation Session Validation Tool for CVE-2026-41940
CVE-2026-41940, the latest cPanel & WHM 0day: 70 million websites potentially exposed, by Chirag Artani
A spoofing vulnerability exists in Microsoft SharePoint Server due to improper input validation. An unauthenticated attacker can send a specially crafted HTTP request to inject malicious JavaScript (reflected XSS), which executes in the security context of the SharePoint site.
Threat hunting query for the BlueHammer Windows CVE (CVE-2026-33825)
marimo is a reactive Python notebook. Prior to 0.23.0, marimo has a pre-auth RCE vulnerability.
Microsoft Defender XDR KQL detections for RedSun, BlueHammer, UnDefend, and CVE-2026-33825-related Defender abuse behaviors.
Fork of jfrog/go-dbmigrate with pgx/v5 upgrade (CVE-2026-32286)
A sophisticated, cross-platform exploit generator for **CVE-2026-34621** – a critical prototype pollution vulnerability in Adobe Acrobat and Reader that leads to sandbox escape and arbitrary code execution on Windows and macOS.
CVE-2026-39987: Marimo Python Notebook Pre-Auth RCE (CVSS 9.3). Python & Nmap NSE detection scripts. Missing authentication on /terminal/ws WebSocket endpoint gives attackers a full PTY shell without any credentials. Exploited in the wild within 10 hours of disclosure. Fixed in Marimo 0.23.0.
CVE-2026-34197: Apache ActiveMQ Classic RCE via Jolokia API (CVSS 8.8). Python & Nmap NSE detection scripts. A 13-year-old vulnerability allows remote code execution through the addNetworkConnector MBean operation. Unauthenticated on versions 6.0.0 to 6.1.1. Fixed in 5.19.4 and 6.2.3.