๐ฅ CVE-2026-41091 SolarFlare | Microsoft Defender LPE exploit. Low-privileged users gain NT AUTHORITY\SYSTEM via Cloud Files API + NTFS junction trickery. Forces Defender to write malicious payloads to System32 with SYSTEM rights. โ ๏ธ Actively exploited in wild. CVSS 7.8. Patch: Defender Engine 1.1.26040.8. ๐ก๏ธ Educational PoC only.
A local lab for studying, reproducing, and verifying the patch for CVE-2026-42208: an unauthenticated SQL injection in LiteLLM's API key authentication path.
Defensive lab validation and SOC detection guidance for CVE-2026-48907 in Joomla JCE <= 2.9.99.4, including Apache/Joomla/auditd telemetry, webshell artifacts, Sigma rules, MITRE ATT&CK mapping and mitigation recommendations.
A web version of the bash scripts wrote for Check Point CVE-2026-50751 and CVE-2026-50752. This uses a local server to scan and make changes using Check Point Web API
Root-Level RCE via OS Command Injection in Ivanti Sentry
A vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
CVE-2026-20262 - Cisco Catalyst SD-WAN Manager Arbitrary File Write Path Traversal Vulnerability (CWE-22) - Authenticated Remote File Write
CVE-2026-48907 is a critical improper access control vulnerability in the JCE editor extension for Joomla. It allows unauthenticated attackers to create new editor profiles, which can ultimately lead to arbitrary PHP file upload and remote code execution on affected systems
Mass Scanner For Drupal Exploit CVE-2026-9082
CVE-2026-41940 exploitation proof-of-concept project
CVE-2026-50751 Mass Scanner
Safely detect whether a SolarWinds Serv-U host is vulnerable to CVE-2026-28318
Cisco Unified Communications Manager (Unified CM) deployments affected by CVE-2026-20230.