CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-21 08:56:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refresh KEV and EPSS pages for cleaner signal

Browse Source
This commit is contained in:
0xMarcio
2025-12-17 18:24:55 +01:00
parent 1ae3d7e711
commit 0f18fc5736
21 changed files with 14828 additions and 2663 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/api/v1/diff/2025-12-17.json
+238 -998
View File
File diff suppressed because it is too large Load Diff
docs/api/v1/diff/latest.json
+238 -998
View File
File diff suppressed because it is too large Load Diff
docs/api/v1/epss_top.json
+56
View File
@@ -14,6 +14,62 @@
"percentile": 0.9843,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8489",
"epss": 0.43315,
"percentile": 0.97363,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8426",
"epss": 0.3937,
"percentile": 0.97134,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96792,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8868",
"epss": 0.17119,
"percentile": 0.94767,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93477,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.92596,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.08297,
"percentile": 0.91936,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91659,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}
]
}
docs/api/v1/joined_top.json
+56
View File
@@ -14,6 +14,62 @@
"percentile": 0.9843,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8489",
"epss": 0.43315,
"percentile": 0.97363,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8426",
"epss": 0.3937,
"percentile": 0.97134,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96792,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8868",
"epss": 0.17119,
"percentile": 0.94767,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93477,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.92596,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.08297,
"percentile": 0.91936,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91659,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}
],
"kev_top": [
docs/api/v1/snapshots/2025-12-17.json
+56
View File
@@ -14,6 +14,62 @@
"percentile": 0.9843,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8489",
"epss": 0.43315,
"percentile": 0.97363,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8426",
"epss": 0.3937,
"percentile": 0.97134,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96792,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8868",
"epss": 0.17119,
"percentile": 0.94767,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93477,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.92596,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.08297,
"percentile": 0.91936,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91659,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}
],
"kev_top": [
docs/cve/index.html
+3 -7
View File
@@ -10,12 +10,12 @@
<body>
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a><span>daily</span></div>
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
</nav>
</div>
</header>
@@ -25,10 +25,6 @@
<h1 id="cve-title">Loading…</h1>
<p class="lede" id="cve-summary">Fetching CVE data.</p>
<div class="pill-row tight" id="cve-meta"></div>
<div class="search-meta">
<span>Data source: <code>/api/v1/cve/&lt;id&gt;.json</code></span>
<span>Fallback: <code>CVE_list.json</code></span>
</div>
</section>
<section class="section" id="cve-details" style="display:none;">
@@ -62,7 +58,7 @@
</main>
<footer class="site-footer">
<div class="wrap">
<span>Data via GitHub Actions + Trickest feed</span>
<span>Fast CVE triage without the noise.</span>
<span><a href="https://github.com/0xMarcio/cve">GitHub repo</a></span>
</div>
</footer>
docs/diffs/index.html
+182 -93
View File
@@ -3,115 +3,204 @@
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Diffs - CVE PoC Hub</title>
<title>CVE PoC Hub</title>
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
</head>
<body>
<body class="">
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a><span>daily</span></div>
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
</nav>
</div>
</header>
<main class="wrap">
<section class="section">
<h1>Daily Diff</h1>
<p class="muted">Newest changes from <code>/api/v1/diff/latest.json</code>.</p>
</section>
<section class="section">
<h2>New KEV Entries</h2>
<div class="table-responsive">
<table class="list">
<thead><tr><th>CVE</th><th>Vendor</th><th>Product</th><th>Date Added</th></tr></thead>
<tbody id="diff-kev"></tbody>
</table>
</div>
</section>
<section class="section">
<h2>New High EPSS</h2>
<div class="table-responsive">
<table class="list">
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th></tr></thead>
<tbody id="diff-epss"></tbody>
</table>
</div>
</section>
<section class="section">
<h2>Biggest EPSS Movers</h2>
<div class="table-responsive">
<table class="list">
<thead><tr><th>CVE</th><th>Δ EPSS</th><th>Current</th></tr></thead>
<tbody id="diff-movers"></tbody>
</table>
</div>
</section>
<section class="section">
<div class="section-header">
<h1>New KEV entries</h1>
<span class="muted">Only the recent additions</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>CVE</th><th>Vendor</th><th>Product</th><th>EPSS</th><th>Percentile</th><th>Date Added</th><th>Due</th></tr></thead>
<tbody>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-59718">CVE-2025-59718</a></td>
<td>Fortinet</td>
<td>Multiple Products</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-16</td>
<td>2025-12-23</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-14611">CVE-2025-14611</a></td>
<td>Gladinet</td>
<td>CentreStack and Triofox</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-15</td>
<td>2026-01-05</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-43529">CVE-2025-43529</a></td>
<td>Apple</td>
<td>Multiple Products</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-15</td>
<td>2026-01-05</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2018-4063">CVE-2018-4063</a></td>
<td>Sierra Wireless</td>
<td>AirLink ALEOS</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-12</td>
<td>2026-01-02</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-14174">CVE-2025-14174</a></td>
<td>Google</td>
<td>Chromium</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-12</td>
<td>2026-01-02</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-58360">CVE-2025-58360</a></td>
<td>OSGeo</td>
<td>GeoServer</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-11</td>
<td>2026-01-01</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-6218">CVE-2025-6218</a></td>
<td>RARLAB</td>
<td>WinRAR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-62221">CVE-2025-62221</a></td>
<td>Microsoft</td>
<td>Windows</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2022-37055">CVE-2022-37055</a></td>
<td>D-Link</td>
<td>Routers</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-08</td>
<td>2025-12-29</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-66644">CVE-2025-66644</a></td>
<td>Array Networks</td>
<td>ArrayOS AG</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-08</td>
<td>2025-12-29</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-55182">CVE-2025-55182</a></td>
<td>Meta</td>
<td>React Server Components</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-05</td>
<td>2025-12-12</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2021-26828">CVE-2021-26828</a></td>
<td>OpenPLC</td>
<td>ScadaBR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-03</td>
<td>2025-12-24</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-48572">CVE-2025-48572</a></td>
<td>Android</td>
<td>Framework</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-02</td>
<td>2025-12-23</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-48633">CVE-2025-48633</a></td>
<td>Android</td>
<td>Framework</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-02</td>
<td>2025-12-23</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2021-26829">CVE-2021-26829</a></td>
<td>OpenPLC</td>
<td>ScadaBR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-28</td>
<td>2025-12-19</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-61757">CVE-2025-61757</a></td>
<td>Oracle</td>
<td>Fusion Middleware</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-21</td>
<td>2025-12-12</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-13223">CVE-2025-13223</a></td>
<td>Google</td>
<td>Chromium V8</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-19</td>
<td>2025-12-10</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-58034">CVE-2025-58034</a></td>
<td>Fortinet</td>
<td>FortiWeb</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-18</td>
<td>2025-11-25</td>
</tr>
</tbody>
</table>
</div>
</section>
</main>
<footer class="site-footer">
<div class="wrap">
<span>Data: CISA KEV, FIRST EPSS, community PoCs</span>
<span>Fast CVE triage without the noise.</span>
<span><a href="https://github.com/0xMarcio/cve">GitHub repo</a></span>
</div>
</footer>
<script>
function renderRows(target, rows, columns, emptyText) {
const el = document.getElementById(target);
if (!rows || rows.length === 0) {
el.innerHTML = `<tr><td colspan="${columns}" class="muted">${emptyText}</td></tr>`;
return;
}
el.innerHTML = rows.join("");
}
async function loadDiff() {
try {
const res = await fetch("/api/v1/diff/latest.json", { cache: "no-store" });
if (!res.ok) throw new Error("Failed to load diff");
const data = await res.json();
const kevRows = (data.new_kev_entries || []).map(row => `
<tr>
<td><a href="/cve/?id=${row.cve}">${row.cve}</a></td>
<td>${row.vendor || ""}</td>
<td>${row.product || ""}</td>
<td>${row.date_added || ""}</td>
</tr>
`);
renderRows("diff-kev", kevRows, 4, "No new KEV entries.");
const epssRows = (data.new_high_epss || []).map(row => `
<tr>
<td><a href="/cve/?id=${row.cve}">${row.cve}</a></td>
<td>${row.epss !== null && row.epss !== undefined ? row.epss.toFixed(3) : ""}</td>
<td>${row.percentile !== null && row.percentile !== undefined ? Math.round(row.percentile * 100) + "th" : ""}</td>
</tr>
`);
renderRows("diff-epss", epssRows, 3, "No new high EPSS items.");
const moverRows = (data.epss_movers || []).map(row => `
<tr>
<td><a href="/cve/?id=${row.cve}">${row.cve}</a></td>
<td>${row.delta !== undefined ? row.delta.toFixed(3) : ""}</td>
<td>${row.epss !== undefined ? row.epss.toFixed(3) : ""}</td>
</tr>
`);
renderRows("diff-movers", moverRows, 3, "No movers yet.");
} catch (err) {
console.error(err);
renderRows("diff-kev", [], 4, "Unable to load diff data.");
renderRows("diff-epss", [], 3, "Unable to load diff data.");
renderRows("diff-movers", [], 3, "Unable to load diff data.");
}
}
document.addEventListener("DOMContentLoaded", loadDiff);
</script>
<script defer src="/assets/site.js"></script>
</body>
</html>
</html>
docs/epss/index.html
+91 -42
View File
@@ -3,64 +3,113 @@
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>EPSS - CVE PoC Hub</title>
<title>CVE PoC Hub</title>
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
</head>
<body>
<body class="">
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a><span>daily</span></div>
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
</nav>
</div>
</header>
<main class="wrap">
<section class="section">
<h1>EPSS highlights</h1>
<p class="muted">High-probability EPSS picks that are not in KEV. Data from <code>/api/v1/epss_top.json</code>.</p>
<input type="search" placeholder="Filter CVE" data-filter-table="epss-table" class="filter" />
<div class="table-responsive">
<table class="list" id="epss-table">
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Description</th></tr></thead>
<tbody></tbody>
</table>
</div>
</section>
<section class="section">
<div class="section-header">
<h1>EPSS highlights</h1>
<span class="muted">High-probability CVEs that are not in KEV.</span>
</div>
<input type="search" placeholder="Filter CVE" data-filter-table="epss-table" class="filter" />
<div class="table-responsive">
<table class="list" id="epss-table">
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Summary</th></tr></thead>
<tbody>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9316">CVE-2025-9316</a></td>
<td>0.787</td>
<td>99th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8943">CVE-2025-8943</a></td>
<td>0.658</td>
<td>98th</td>
<td>1</td>
<td class="mono">The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise&#39;s inherent authentication and authorization model is minimal and lacks ro...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8489">CVE-2025-8489</a></td>
<td>0.433</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8426">CVE-2025-8426</a></td>
<td>0.394</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8518">CVE-2025-8518</a></td>
<td>0.339</td>
<td>97th</td>
<td>1</td>
<td class="mono">A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8868">CVE-2025-8868</a></td>
<td>0.171</td>
<td>95th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8730">CVE-2025-8730</a></td>
<td>0.119</td>
<td>93th</td>
<td>2</td>
<td class="mono">A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-7795">CVE-2025-7795</a></td>
<td>0.096</td>
<td>93th</td>
<td>3</td>
<td class="mono">A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9090">CVE-2025-9090</a></td>
<td>0.083</td>
<td>92th</td>
<td>4</td>
<td class="mono">A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8085">CVE-2025-8085</a></td>
<td>0.078</td>
<td>92th</td>
<td>1</td>
<td class="mono">The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.</td>
</tr>
</tbody>
</table>
</div>
</section>
</main>
<footer class="site-footer">
<div class="wrap">
<span>Data: CISA KEV, FIRST EPSS, community PoCs</span>
<span>Fast CVE triage without the noise.</span>
<span><a href="https://github.com/0xMarcio/cve">GitHub repo</a></span>
</div>
</footer>
<script>
async function loadEpss() {
const tbody = document.querySelector("#epss-table tbody");
try {
const res = await fetch("/api/v1/epss_top.json", { cache: "no-store" });
if (!res.ok) throw new Error("Failed to load EPSS");
const data = await res.json();
const items = data.items || [];
tbody.innerHTML = items.map(row => `
<tr>
<td><a href="/cve/?id=${row.cve}">${row.cve}</a></td>
<td>${row.epss !== null && row.epss !== undefined ? row.epss.toFixed(3) : ""}</td>
<td>${row.percentile !== null && row.percentile !== undefined ? Math.round(row.percentile * 100) + "th" : ""}</td>
<td>${row.poc_count || 0}</td>
<td>${row.summary || ""}</td>
</tr>
`).join("");
} catch (err) {
console.error(err);
tbody.innerHTML = '<tr><td colspan="5" class="muted">Unable to load EPSS data.</td></tr>';
}
}
document.addEventListener("DOMContentLoaded", loadEpss);
</script>
<script defer src="/assets/site.js"></script>
</body>
</html>
</html>
docs/index.html
+359 -264
View File
@@ -6,55 +6,46 @@
<title>CVE PoC Hub</title>
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
<script defer src="/assets/home.js"></script>
</head>
<body class="color-no-search">
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a><span>daily</span></div>
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
</nav>
</div>
</header>
<main class="wrap">
<section class="hero" data-search-root>
<p class="eyebrow">CVE PoC search &amp; intel</p>
<h1>Search PoCs, KEV, and EPSS in one place</h1>
<p class="lede">Pulls PoC references from <code>github.txt</code>, daily CVE descriptions, CISA KEV, and FIRST EPSS so you can quickly find relevant exploits or risk data.</p>
<div class="pill-row tight">
<span class="pill"><strong>Search</strong> CVE, vendor, product, or keyword</span>
<span class="pill">Negative terms supported (<strong>-windows</strong>)</span>
<span class="pill">Links out to MITRE + PoC repos</span>
<span class="pill">Nightly GitHub Action refresh</span>
<section class="hero hero-signal" data-search-root>
<div class="hero-meta">
<p class="eyebrow">Signal-first</p>
<h1>Search PoCs, KEV, and EPSS without the clutter</h1>
<p class="lede">Built for fast triage. One page, no badges, no filler.</p>
</div>
<form class="searchForm" action="#">
<input type="text" class="search" placeholder="Search CVE, vendor, product, or keyword" autocomplete="off">
</form>
<div class="search-meta">
<span>Loads from <code>CVE_list.json</code></span>
<span>Updated daily</span>
<span>Max 10k results for performance</span>
<div class="stat-row">
<div class="stat"><strong>1478</strong><span>KEV entries tracked</span></div>
<div class="stat"><strong>10</strong><span>High-EPSS not in KEV</span></div>
<div class="stat"><strong>18</strong><span>New KEV in last 30 days</span></div>
</div>
<div class="search-results" data-results style="display:none">
<div class="header">
<h2>Results</h2>
<span class="muted">Fast monospace table for quick scanning</span>
<span class="muted">Filter with negative terms (e.g., -windows)</span>
</div>
<div class="noResults">No results yet.</div>
<div class="results-table hide">
<table class="results">
<thead>
<tr>
<td width="18%">
CVE
</td>
<td>
Description / PoC links
</td>
<td width="18%">CVE</td>
<td>Description / PoC links</td>
</tr>
</thead>
<tbody class="results"></tbody>
@@ -64,260 +55,177 @@
</section>
<section class="section">
<h1>KEV with high EPSS</h1>
<p class="muted">KEV items that also carry high EPSS probability.</p>
<div class="card-grid" id="kev-grid">
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-9242">CVE-2025-9242</a></div>
<div class="card-meta">EPSS 0.744 • 99th pct</div>
<p>No description.</p>
<div class="badge">WatchGuard</div>
<div class="badge">Firebox</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-7775">CVE-2025-7775</a></div>
<div class="card-meta">EPSS 0.174 • 95th pct</div>
<p>Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) o...</p>
<div class="badge">Citrix</div>
<div class="badge">NetScaler</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-9377">CVE-2025-9377</a></div>
<div class="card-meta">EPSS 0.146 • 94th pct</div>
<p>The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9.This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/N...</p>
<div class="badge">TP-Link</div>
<div class="badge">Multiple Routers</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-8876">CVE-2025-8876</a></div>
<div class="card-meta">EPSS 0.139 • 94th pct</div>
<p>Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.</p>
<div class="badge">N-able</div>
<div class="badge">N-Central</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-8875">CVE-2025-8875</a></div>
<div class="card-meta">EPSS 0.051 • 89th pct</div>
<p>Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.</p>
<div class="badge">N-able</div>
<div class="badge">N-Central</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-8088">CVE-2025-8088</a></div>
<div class="card-meta">EPSS 0.032 • 86th pct</div>
<p>A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovere...</p>
<div class="badge">RARLAB</div>
<div class="badge">WinRAR</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2002-0367">CVE-2002-0367</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a...</p>
<div class="badge">Microsoft</div>
<div class="badge">Windows</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2004-0210">CVE-2004-0210</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.</p>
<div class="badge">Microsoft</div>
<div class="badge">Windows</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2004-1464">CVE-2004-1464</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.</p>
<div class="badge">Cisco</div>
<div class="badge">IOS</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2005-2773">CVE-2005-2773</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl...</p>
<div class="badge">Hewlett Packard (HP)</div>
<div class="badge">OpenView Network Node Manager</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2006-1547">CVE-2006-1547</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references t...</p>
<div class="badge">Apache</div>
<div class="badge">Struts 1</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2006-2492">CVE-2006-2492</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object po...</p>
<div class="badge">Microsoft</div>
<div class="badge">Word</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2007-0671">CVE-2007-0671</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonst...</p>
<div class="badge">Microsoft</div>
<div class="badge">Office</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2007-3010">CVE-2007-3010</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during...</p>
<div class="badge">Alcatel</div>
<div class="badge">OmniPCX Enterprise</div>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2007-5659">CVE-2007-5659</a></div>
<div class="card-meta">EPSS 0.000 • 0th pct</div>
<p>Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be...</p>
<div class="badge">Adobe</div>
<div class="badge">Acrobat and Reader</div>
</article>
<div class="section-header">
<h1>Latest KEV additions</h1>
<span class="muted">Last 30 days</span>
</div>
</section>
<section class="section">
<h1>EPSS picks not in KEV</h1>
<p class="muted">High-probability EPSS items that are not yet in the KEV list.</p>
<div class="card-grid" id="epss-grid">
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-9316">CVE-2025-9316</a></div>
<div class="card-meta">EPSS 0.787 • 99th pct</div>
<p>No description.</p>
</article>
<article class="card">
<div class="card-title"><a href="/cve/?id=CVE-2025-8943">CVE-2025-8943</a></div>
<div class="card-meta">EPSS 0.658 • 98th pct</div>
<p>The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise&#39;s inherent authentication and authorization model is minimal and lacks ro...</p>
</article>
</div>
</section>
<section class="section">
<h1>Trending PoCs</h1>
<p class="muted">Fresh GitHub PoCs by stars and recency.</p>
<div class="table-responsive">
<table class="list" id="trending-table">
<thead><tr><th>Stars</th><th>Updated</th><th>Name</th><th>Description</th></tr></thead>
<div class="table-wrap">
<table>
<thead>
<tr><th>CVE</th><th>Vendor</th><th>Product</th><th>EPSS</th><th>Percentile</th><th>Date Added</th><th>Due</th></tr>
</thead>
<tbody>
<tr>
<td>1241</td>
<td>2 hours ago </td>
<td><a href="https://github.com/msanft/CVE-2025-55182" target="_blank">CVE-2025-55182</a></td>
<td>Explanation and full RCE PoC for CVE-2025-55182 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-59718">CVE-2025-59718</a></td>
<td>Fortinet</td>
<td>Multiple Products</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-16</td>
<td>2025-12-23</td>
</tr>
<tr>
<td>775</td>
<td>3 hours ago </td>
<td><a href="https://github.com/ejpir/CVE-2025-55182-research" target="_blank">CVE-2025-55182-research</a></td>
<td>CVE-2025-55182 POC </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-14611">CVE-2025-14611</a></td>
<td>Gladinet</td>
<td>CentreStack and Triofox</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-15</td>
<td>2026-01-05</td>
</tr>
<tr>
<td>495</td>
<td>8 days ago </td>
<td><a href="https://github.com/WyAtu/CVE-2018-20250" target="_blank">CVE-2018-20250</a></td>
<td>exp for https://research.checkpoint.com/extracting-code-execution-from-winrar </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-43529">CVE-2025-43529</a></td>
<td>Apple</td>
<td>Multiple Products</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-15</td>
<td>2026-01-05</td>
</tr>
<tr>
<td>607</td>
<td>20 hours ago </td>
<td><a href="https://github.com/mverschu/CVE-2025-33073" target="_blank">CVE-2025-33073</a></td>
<td>PoC Exploit for the NTLM reflection SMB flaw. </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2018-4063">CVE-2018-4063</a></td>
<td>Sierra Wireless</td>
<td>AirLink ALEOS</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-12</td>
<td>2026-01-02</td>
</tr>
<tr>
<td>496</td>
<td>4 days ago </td>
<td><a href="https://github.com/pr0v3rbs/CVE-2025-32463_chwoot" target="_blank">CVE-2025-32463_chwoot</a></td>
<td>Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-14174">CVE-2025-14174</a></td>
<td>Google</td>
<td>Chromium</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-12</td>
<td>2026-01-02</td>
</tr>
<tr>
<td>419</td>
<td>5 hours ago </td>
<td><a href="https://github.com/kh4sh3i/CVE-2025-32463" target="_blank">CVE-2025-32463</a></td>
<td>Local Privilege Escalation to Root via Sudo chroot in Linux </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-58360">CVE-2025-58360</a></td>
<td>OSGeo</td>
<td>GeoServer</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-11</td>
<td>2026-01-01</td>
</tr>
<tr>
<td>305</td>
<td>1 day ago </td>
<td><a href="https://github.com/soltanali0/CVE-2025-53770-Exploit" target="_blank">CVE-2025-53770-Exploit</a></td>
<td>SharePoint WebPart Injection Exploit Tool </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-6218">CVE-2025-6218</a></td>
<td>RARLAB</td>
<td>WinRAR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
</tr>
<tr>
<td>289</td>
<td>4 hours ago </td>
<td><a href="https://github.com/emredavut/CVE-2025-55182" target="_blank">CVE-2025-55182</a></td>
<td>RSC/Next.js RCE Vulnerability Detector &amp; PoC Chrome Extension CVE-2025-55182 &amp; CVE-2025-66478 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-62221">CVE-2025-62221</a></td>
<td>Microsoft</td>
<td>Windows</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
</tr>
<tr>
<td>901</td>
<td>1 hour ago </td>
<td><a href="https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc" target="_blank">React2Shell-CVE-2025-55182-original-poc</a></td>
<td>Original Proof-of-Concepts for React2Shell CVE-2025-55182 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2022-37055">CVE-2022-37055</a></td>
<td>D-Link</td>
<td>Routers</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-08</td>
<td>2025-12-29</td>
</tr>
<tr>
<td>386</td>
<td>4 days ago </td>
<td><a href="https://github.com/0x6rss/CVE-2025-24071_PoC" target="_blank">CVE-2025-24071_PoC</a></td>
<td>CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-66644">CVE-2025-66644</a></td>
<td>Array Networks</td>
<td>ArrayOS AG</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-08</td>
<td>2025-12-29</td>
</tr>
<tr>
<td>207</td>
<td>1 day ago </td>
<td><a href="https://github.com/leesh3288/CVE-2025-32023" target="_blank">CVE-2025-32023</a></td>
<td>PoC &amp; Exploit for CVE-2025-32023 / PlaidCTF 2025 &#34;Zerodeo&#34; </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-55182">CVE-2025-55182</a></td>
<td>Meta</td>
<td>React Server Components</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-05</td>
<td>2025-12-12</td>
</tr>
<tr>
<td>396</td>
<td>6 days ago </td>
<td><a href="https://github.com/yuuouu/ColorOS-CVE-2025-10184" target="_blank">ColorOS-CVE-2025-10184</a></td>
<td>ColorOS短信漏洞,以及用户自救方案 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2021-26828">CVE-2021-26828</a></td>
<td>OpenPLC</td>
<td>ScadaBR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-03</td>
<td>2025-12-24</td>
</tr>
<tr>
<td>180</td>
<td>6 days ago </td>
<td><a href="https://github.com/absholi7ly/POC-CVE-2025-24813" target="_blank">POC-CVE-2025-24813</a></td>
<td>his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met. </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-48572">CVE-2025-48572</a></td>
<td>Android</td>
<td>Framework</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-02</td>
<td>2025-12-23</td>
</tr>
<tr>
<td>256</td>
<td>15 minutes ago </td>
<td><a href="https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-" target="_blank">CVE-2025-55182-advanced-scanner-</a></td>
<td></td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-48633">CVE-2025-48633</a></td>
<td>Android</td>
<td>Framework</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-02</td>
<td>2025-12-23</td>
</tr>
<tr>
<td>357</td>
<td>1 hour ago </td>
<td><a href="https://github.com/Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478" target="_blank">Next.js-RSC-RCE-Scanner-CVE-2025-66478</a></td>
<td>A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability. </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2021-26829">CVE-2021-26829</a></td>
<td>OpenPLC</td>
<td>ScadaBR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-28</td>
<td>2025-12-19</td>
</tr>
<tr>
<td>198</td>
<td>4 days ago </td>
<td><a href="https://github.com/ThumpBo/CVE-2025-30208-EXP" target="_blank">CVE-2025-30208-EXP</a></td>
<td>CVE-2025-30208-EXP </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-61757">CVE-2025-61757</a></td>
<td>Oracle</td>
<td>Fusion Middleware</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-21</td>
<td>2025-12-12</td>
</tr>
<tr>
<td>73</td>
<td>6 days ago </td>
<td><a href="https://github.com/4daysday/cve-2025-8088" target="_blank">cve-2025-8088</a></td>
<td>Path traversal tool based on cve-2025-8088 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-13223">CVE-2025-13223</a></td>
<td>Google</td>
<td>Chromium V8</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-19</td>
<td>2025-12-10</td>
</tr>
<tr>
<td>163</td>
<td>1 day ago </td>
<td><a href="https://github.com/ZeroMemoryEx/CVE-2025-26125" target="_blank">CVE-2025-26125</a></td>
<td>( 0day ) Local Privilege Escalation in IObit Malware Fighter </td>
</tr>
<tr>
<td>153</td>
<td>8 days ago </td>
<td><a href="https://github.com/hoefler02/CVE-2025-21756" target="_blank">CVE-2025-21756</a></td>
<td>Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit! </td>
</tr>
<tr>
<td>136</td>
<td>27 days ago </td>
<td><a href="https://github.com/platsecurity/CVE-2025-32433" target="_blank">CVE-2025-32433</a></td>
<td>CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 </td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-58034">CVE-2025-58034</a></td>
<td>Fortinet</td>
<td>FortiWeb</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-18</td>
<td>2025-11-25</td>
</tr>
</tbody>
</table>
@@ -325,29 +233,217 @@
</section>
<section class="section">
<h1>Changes since yesterday</h1>
<p class="muted">Quick snapshot of the latest diffs in the feeds.</p>
<div class="table-responsive">
<table class="list">
<thead><tr><th>Type</th><th>Count</th><th>Examples</th></tr></thead>
<tbody id="diff-table-body">
<div class="section-header">
<h1>High EPSS not in KEV</h1>
<span class="muted">Sorted by score</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Summary</th></tr></thead>
<tbody>
<tr>
<td>New KEV entries</td>
<td>75</td>
<td>
<a href="/cve/?id=CVE-2025-9242">CVE-2025-9242</a>, <a href="/cve/?id=CVE-2025-7775">CVE-2025-7775</a>, <a href="/cve/?id=CVE-2025-9377">CVE-2025-9377</a>, <a href="/cve/?id=CVE-2025-8876">CVE-2025-8876</a>, <a href="/cve/?id=CVE-2025-8875">CVE-2025-8875</a> </td>
</tr>
<tr>
<td>New high EPSS</td>
<td>2</td>
<td>
<a href="/cve/?id=CVE-2025-9316">CVE-2025-9316</a>, <a href="/cve/?id=CVE-2025-8943">CVE-2025-8943</a> </td>
</tr>
<tr>
<td>Top EPSS movers</td>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9316">CVE-2025-9316</a></td>
<td>0.787</td>
<td>99th</td>
<td>0</td>
<td>
None </td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8943">CVE-2025-8943</a></td>
<td>0.658</td>
<td>98th</td>
<td>1</td>
<td class="mono">The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise&#39;s inherent authentication and authorization model is minimal and lacks ro...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8489">CVE-2025-8489</a></td>
<td>0.433</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8426">CVE-2025-8426</a></td>
<td>0.394</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8518">CVE-2025-8518</a></td>
<td>0.339</td>
<td>97th</td>
<td>1</td>
<td class="mono">A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8868">CVE-2025-8868</a></td>
<td>0.171</td>
<td>95th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8730">CVE-2025-8730</a></td>
<td>0.119</td>
<td>93th</td>
<td>2</td>
<td class="mono">A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-7795">CVE-2025-7795</a></td>
<td>0.096</td>
<td>93th</td>
<td>3</td>
<td class="mono">A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9090">CVE-2025-9090</a></td>
<td>0.083</td>
<td>92th</td>
<td>4</td>
<td class="mono">A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8085">CVE-2025-8085</a></td>
<td>0.078</td>
<td>92th</td>
<td>1</td>
<td class="mono">The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.</td>
</tr>
</tbody>
</table>
</div>
</section>
<section class="section">
<div class="section-header">
<h1>Fresh PoCs</h1>
<span class="muted">Recent GitHub movement</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>Stars</th><th>Updated</th><th>Name</th><th>Description</th></tr></thead>
<tbody>
<tr>
<td>1241</td>
<td>2 hours ago </td>
<td><a href="https://github.com/msanft/CVE-2025-55182" target="_blank">CVE-2025-55182</a></td>
<td class="mono">Explanation and full RCE PoC for CVE-2025-55182 </td>
</tr>
<tr>
<td>775</td>
<td>3 hours ago </td>
<td><a href="https://github.com/ejpir/CVE-2025-55182-research" target="_blank">CVE-2025-55182-research</a></td>
<td class="mono">CVE-2025-55182 POC </td>
</tr>
<tr>
<td>495</td>
<td>8 days ago </td>
<td><a href="https://github.com/WyAtu/CVE-2018-20250" target="_blank">CVE-2018-20250</a></td>
<td class="mono">exp for https://research.checkpoint.com/extracting-code-execution-from-winrar </td>
</tr>
<tr>
<td>607</td>
<td>20 hours ago </td>
<td><a href="https://github.com/mverschu/CVE-2025-33073" target="_blank">CVE-2025-33073</a></td>
<td class="mono">PoC Exploit for the NTLM reflection SMB flaw. </td>
</tr>
<tr>
<td>496</td>
<td>4 days ago </td>
<td><a href="https://github.com/pr0v3rbs/CVE-2025-32463_chwoot" target="_blank">CVE-2025-32463_chwoot</a></td>
<td class="mono">Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463 </td>
</tr>
<tr>
<td>419</td>
<td>5 hours ago </td>
<td><a href="https://github.com/kh4sh3i/CVE-2025-32463" target="_blank">CVE-2025-32463</a></td>
<td class="mono">Local Privilege Escalation to Root via Sudo chroot in Linux </td>
</tr>
<tr>
<td>305</td>
<td>1 day ago </td>
<td><a href="https://github.com/soltanali0/CVE-2025-53770-Exploit" target="_blank">CVE-2025-53770-Exploit</a></td>
<td class="mono">SharePoint WebPart Injection Exploit Tool </td>
</tr>
<tr>
<td>289</td>
<td>4 hours ago </td>
<td><a href="https://github.com/emredavut/CVE-2025-55182" target="_blank">CVE-2025-55182</a></td>
<td class="mono">RSC/Next.js RCE Vulnerability Detector &amp; PoC Chrome Extension CVE-2025-55182 &amp; CVE-2025-66478 </td>
</tr>
<tr>
<td>901</td>
<td>1 hour ago </td>
<td><a href="https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc" target="_blank">React2Shell-CVE-2025-55182-original-poc</a></td>
<td class="mono">Original Proof-of-Concepts for React2Shell CVE-2025-55182 </td>
</tr>
<tr>
<td>386</td>
<td>4 days ago </td>
<td><a href="https://github.com/0x6rss/CVE-2025-24071_PoC" target="_blank">CVE-2025-24071_PoC</a></td>
<td class="mono">CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File </td>
</tr>
<tr>
<td>207</td>
<td>1 day ago </td>
<td><a href="https://github.com/leesh3288/CVE-2025-32023" target="_blank">CVE-2025-32023</a></td>
<td class="mono">PoC &amp; Exploit for CVE-2025-32023 / PlaidCTF 2025 &#34;Zerodeo&#34; </td>
</tr>
<tr>
<td>396</td>
<td>6 days ago </td>
<td><a href="https://github.com/yuuouu/ColorOS-CVE-2025-10184" target="_blank">ColorOS-CVE-2025-10184</a></td>
<td class="mono">ColorOS短信漏洞,以及用户自救方案 </td>
</tr>
<tr>
<td>180</td>
<td>6 days ago </td>
<td><a href="https://github.com/absholi7ly/POC-CVE-2025-24813" target="_blank">POC-CVE-2025-24813</a></td>
<td class="mono">his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met. </td>
</tr>
<tr>
<td>256</td>
<td>15 minutes ago </td>
<td><a href="https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-" target="_blank">CVE-2025-55182-advanced-scanner-</a></td>
<td class="mono"></td>
</tr>
<tr>
<td>357</td>
<td>1 hour ago </td>
<td><a href="https://github.com/Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478" target="_blank">Next.js-RSC-RCE-Scanner-CVE-2025-66478</a></td>
<td class="mono">A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability. </td>
</tr>
<tr>
<td>198</td>
<td>4 days ago </td>
<td><a href="https://github.com/ThumpBo/CVE-2025-30208-EXP" target="_blank">CVE-2025-30208-EXP</a></td>
<td class="mono">CVE-2025-30208-EXP </td>
</tr>
<tr>
<td>73</td>
<td>6 days ago </td>
<td><a href="https://github.com/4daysday/cve-2025-8088" target="_blank">cve-2025-8088</a></td>
<td class="mono">Path traversal tool based on cve-2025-8088 </td>
</tr>
<tr>
<td>163</td>
<td>1 day ago </td>
<td><a href="https://github.com/ZeroMemoryEx/CVE-2025-26125" target="_blank">CVE-2025-26125</a></td>
<td class="mono">( 0day ) Local Privilege Escalation in IObit Malware Fighter </td>
</tr>
<tr>
<td>153</td>
<td>8 days ago </td>
<td><a href="https://github.com/hoefler02/CVE-2025-21756" target="_blank">CVE-2025-21756</a></td>
<td class="mono">Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit! </td>
</tr>
<tr>
<td>136</td>
<td>27 days ago </td>
<td><a href="https://github.com/platsecurity/CVE-2025-32433" target="_blank">CVE-2025-32433</a></td>
<td class="mono">CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 </td>
</tr>
</tbody>
</table>
@@ -356,11 +452,10 @@ None </td>
</main>
<footer class="site-footer">
<div class="wrap">
<span>Updated 2025-12-17</span>
<span>Data: CISA KEV, FIRST EPSS, community PoCs</span>
<span>Fast CVE triage without the noise.</span>
<span><a href="https://github.com/0xMarcio/cve">GitHub repo</a></span>
</div>
</footer>
<script src="/logic.js"></script>
</body>
</html>
</html>
docs/kev/index.html
+13325 -46
View File
File diff suppressed because it is too large Load Diff
docs/search/index.html
+2 -6
View File
@@ -10,12 +10,12 @@
<body class="color-no-search">
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a><span>daily</span></div>
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
</nav>
</div>
</header>
@@ -33,10 +33,6 @@
<form class="searchForm" action="#">
<input type="text" class="search" placeholder="Search CVE, vendor, product, or keyword" autocomplete="off">
</form>
<div class="search-meta">
<span>Loads from <code>CVE_list.json</code></span>
<span>Updated daily via GitHub Actions</span>
</div>
<div class="search-results" data-results style="display:none">
<div class="header">
<h2>Results</h2>
docs/style.css
+40 -32
View File
@@ -1,19 +1,19 @@
@import url("https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@400;500;600;700&family=JetBrains+Mono:wght@400;600&display=swap");
@import url("https://fonts.googleapis.com/css2?family=Sora:wght@400;500;600;700&family=IBM+Plex+Mono:wght@400;600&display=swap");
:root {
--bg: #0b1021;
--bg-2: #0f172a;
--bg: #04060f;
--bg-2: #0a0f24;
--panel: rgba(255, 255, 255, 0.04);
--panel-strong: rgba(255, 255, 255, 0.08);
--text: #e9edf5;
--muted: #9bb0d3;
--panel-strong: rgba(255, 255, 255, 0.1);
--text: #e7ecf5;
--muted: #94a3c7;
--border: rgba(255, 255, 255, 0.08);
--border-strong: rgba(255, 255, 255, 0.15);
--accent: #7ee0ff;
--accent-2: #b097ff;
--border-strong: rgba(255, 255, 255, 0.16);
--accent: #7af0c1;
--accent-2: #6fb3ff;
--danger: #ff8a8a;
--success: #6ee7b7;
font-family: 'Space Grotesk', 'JetBrains Mono', system-ui, -apple-system, sans-serif;
--success: #7ee0ff;
font-family: 'Sora', 'IBM Plex Mono', system-ui, -apple-system, sans-serif;
}
* { box-sizing: border-box; }
@@ -21,11 +21,11 @@
body {
margin: 0;
min-height: 100vh;
background: radial-gradient(circle at 20% 20%, rgba(126, 224, 255, 0.1), transparent 25%),
radial-gradient(circle at 80% 0%, rgba(176, 151, 255, 0.1), transparent 20%),
linear-gradient(145deg, var(--bg) 0%, #0a152b 40%, #090f1c 100%);
background: radial-gradient(circle at 18% 20%, rgba(122, 240, 193, 0.08), transparent 26%),
radial-gradient(circle at 82% 12%, rgba(111, 179, 255, 0.12), transparent 22%),
linear-gradient(130deg, #04060f 0%, #070d1c 55%, #040712 100%);
color: var(--text);
font-family: 'Space Grotesk', 'JetBrains Mono', system-ui, -apple-system, sans-serif;
font-family: 'Sora', 'IBM Plex Mono', system-ui, -apple-system, sans-serif;
line-height: 1.6;
overflow-x: hidden;
transition: background 0.6s ease;
@@ -93,11 +93,11 @@ main { padding-top: 1.5rem; }
.hero {
display: grid;
gap: 1rem;
padding: 1.5rem;
padding: 1.25rem 1.25rem 1.5rem;
border-radius: 18px;
background: linear-gradient(145deg, rgba(126, 224, 255, 0.08), rgba(176, 151, 255, 0.08));
background: linear-gradient(150deg, rgba(122, 240, 193, 0.08), rgba(111, 179, 255, 0.08));
border: 1px solid var(--border-strong);
box-shadow: 0 30px 80px rgba(0,0,0,0.35);
box-shadow: 0 24px 70px rgba(0,0,0,0.4);
position: relative;
overflow: hidden;
}
@@ -105,11 +105,16 @@ main { padding-top: 1.5rem; }
content: '';
position: absolute;
inset: 0;
background: radial-gradient(circle at 80% 20%, rgba(126,224,255,0.14), transparent 35%),
radial-gradient(circle at 10% 90%, rgba(176,151,255,0.12), transparent 30%);
background: radial-gradient(circle at 78% 18%, rgba(111,179,255,0.14), transparent 36%),
radial-gradient(circle at 14% 86%, rgba(122,240,193,0.15), transparent 34%);
pointer-events: none;
}
.hero > * { position: relative; z-index: 1; }
.hero-signal {
background: linear-gradient(135deg, rgba(8, 15, 32, 0.95) 0%, rgba(6, 12, 26, 0.9) 65%);
border: 1px solid var(--border);
}
.hero-meta { display: grid; gap: 0.25rem; }
.hero .eyebrow {
text-transform: uppercase;
letter-spacing: 0.08em;
@@ -118,20 +123,15 @@ main { padding-top: 1.5rem; }
margin: 0;
}
.hero h1 {
margin: 0.2rem 0 0.3rem;
font-size: clamp(2.1rem, 4vw, 2.8rem);
letter-spacing: -0.02em;
margin: 0.2rem 0 0.2rem;
font-size: clamp(2.2rem, 4vw, 2.9rem);
letter-spacing: -0.03em;
color: #fff;
}
.hero .lede {
margin: 0 0 0.8rem;
color: var(--muted);
max-width: 780px;
}
.hero .pill-row {
display: flex;
flex-wrap: wrap;
gap: 0.4rem;
max-width: 820px;
}
.pill {
display: inline-flex;
@@ -155,10 +155,10 @@ main { padding-top: 1.5rem; }
padding: 1.1rem 1.25rem;
border-radius: 14px;
border: 1px solid var(--border-strong);
background: rgba(6, 10, 22, 0.8);
background: rgba(6, 10, 22, 0.9);
color: #fff;
font-size: 1.05rem;
font-family: 'JetBrains Mono', monospace;
font-family: 'IBM Plex Mono', monospace;
outline: none;
box-shadow: inset 0 0 0 1px rgba(126, 224, 255, 0.05), 0 16px 32px rgba(0,0,0,0.35);
}
@@ -216,7 +216,7 @@ main { padding-top: 1.5rem; }
overflow-wrap: anywhere;
}
.search-results table.results td.desc {
font-family: 'JetBrains Mono', monospace;
font-family: 'IBM Plex Mono', monospace;
font-size: 0.95rem;
white-space: normal;
word-break: break-word;
@@ -341,11 +341,17 @@ main { padding-top: 1.5rem; }
grid-template-columns: repeat(auto-fit, minmax(220px, 1fr));
gap: 0.75rem;
}
.stat-row {
display: flex;
gap: 0.75rem;
flex-wrap: wrap;
}
.stat {
padding: 0.75rem 0.9rem;
border-radius: 12px;
background: rgba(255,255,255,0.04);
border: 1px solid var(--border);
min-width: 180px;
}
.stat strong { display: block; color: #fff; font-size: 1.2rem; }
.stat span { color: var(--muted); font-size: 0.9rem; }
@@ -406,6 +412,8 @@ main { padding-top: 1.5rem; }
text-align: left;
}
.table-wrap th { background: rgba(255,255,255,0.03); color: var(--muted); }
.cve-cell a { white-space: nowrap; font-variant-numeric: tabular-nums; }
.mono { font-family: 'IBM Plex Mono', monospace; color: #c7d2ea; font-size: 0.95rem; }
@media screen and (max-width: 720px) {
nav { gap: 0.35rem; }
scripts/build_diffs.py
+32 -4
View File
@@ -8,8 +8,9 @@ from typing import Dict, List, Tuple
from utils import API_DIR, SNAPSHOT_DIR, ensure_dirs, load_json, save_json
DEFAULT_LOOKBACK_DAYS = 14
DEFAULT_HIGH_EPSS_THRESHOLD = 0.5
DEFAULT_HIGH_EPSS_THRESHOLD = 0.05
DEFAULT_MAX_MOVERS = 50
DEFAULT_RECENT_KEV_DAYS = 30
def parse_date(date_str: str) -> date:
@@ -42,7 +43,31 @@ def compute_epss_movers(prev_epss: Dict[str, Dict], curr_epss: Dict[str, Dict],
return deltas[:max_items]
def build_diff(snapshots: List[Path], *, threshold: float, max_movers: int) -> Tuple[Dict, Path | None]:
def filter_recent_kev(kev_items: List[Dict], *, recent_days: int) -> List[Dict]:
cutoff = datetime.utcnow().date() - timedelta(days=recent_days)
fresh: List[Tuple[date, Dict]] = []
for row in kev_items:
date_str = row.get("date_added") or row.get("dateAdded")
if not date_str:
continue
try:
added = parse_date(date_str)
except ValueError:
continue
if added >= cutoff:
fresh.append((added, row))
fresh.sort(key=lambda item: (item[0], item[1].get("percentile") or 0), reverse=True)
return [row for _, row in fresh]
def build_diff(
snapshots: List[Path],
kev_full: List[Dict] | None = None,
*,
threshold: float,
max_movers: int,
recent_days: int,
) -> Tuple[Dict, Path | None]:
if not snapshots:
return {}, None
latest_path = snapshots[-1]
@@ -62,9 +87,11 @@ def build_diff(snapshots: List[Path], *, threshold: float, max_movers: int) -> T
curr_epss_lookup = {row["cve"]: row for row in latest.get("high_epss", [])}
epss_movers = compute_epss_movers(prev_epss_lookup, curr_epss_lookup, max_movers)
kev_recent = filter_recent_kev(kev_full or latest.get("kev_top", []), recent_days=recent_days)
diff_outputs = {
"generated": latest_date,
"new_kev_entries": kev_diff["new"],
"new_kev_entries": kev_recent,
"removed_kev_entries": kev_diff["removed"],
"new_high_epss": [row for row in high_epss_diff["new"] if (row.get("epss") or 0) >= threshold],
"removed_high_epss": high_epss_diff["removed"],
@@ -93,11 +120,12 @@ def main() -> int:
parser.add_argument("--threshold", type=float, default=DEFAULT_HIGH_EPSS_THRESHOLD, help="High EPSs minimum threshold")
parser.add_argument("--lookback", type=int, default=DEFAULT_LOOKBACK_DAYS, help="How many days of snapshots to keep")
parser.add_argument("--max-movers", type=int, default=DEFAULT_MAX_MOVERS, help="Max EPSs movers to keep")
parser.add_argument("--recent-days", type=int, default=DEFAULT_RECENT_KEV_DAYS, help="Days of KEV entries to surface as new")
args = parser.parse_args()
ensure_dirs(SNAPSHOT_DIR)
snapshots = sorted(SNAPSHOT_DIR.glob("*.json"))
diff, target = build_diff(snapshots, threshold=args.threshold, max_movers=args.max_movers)
diff, target = build_diff(snapshots, kev_full=None, threshold=args.threshold, max_movers=args.max_movers, recent_days=args.recent_days)
if target:
print(f"Wrote diff to {target}")
else:
scripts/build_joined.py
+40 -22
View File
@@ -22,8 +22,8 @@ KEV_PATH = DATA_DIR / "kev.json"
EPSS_PATH = DATA_DIR / "epss.json"
DEFAULT_TOP_KEV = 75
DEFAULT_HIGH_EPSS_LIMIT = 250
DEFAULT_HIGH_EPSS_THRESHOLD = 0.5
DEFAULT_HIGH_EPSS_LIMIT = 50
DEFAULT_HIGH_EPSS_THRESHOLD = 0.05
def load_inputs(kev_path: Path, epss_path: Path) -> Tuple[Dict, Dict]:
@@ -72,26 +72,44 @@ def build_high_epss_not_in_kev(
threshold: float,
limit: int,
) -> List[Dict]:
output: List[Dict] = []
for row in epss_items:
cve = row.get("cve", "").upper()
if not cve or cve in kev_set:
continue
epss_score = row.get("epss") or 0.0
if epss_score < threshold:
continue
poc_count = len(poc_index.get(cve, {}).get("poc", []))
output.append(
{
"cve": cve,
"epss": row.get("epss"),
"percentile": row.get("percentile"),
"poc_count": poc_count,
}
)
if len(output) >= limit:
break
return output
ranked = sorted(
(
row
for row in epss_items
if row.get("cve")
and row.get("cve", "").upper() not in kev_set
and (row.get("epss") is not None)
),
key=lambda row: (-float(row.get("epss") or 0), row.get("cve", "")),
)
def build_rows(source: List[Dict]) -> List[Dict]:
output: List[Dict] = []
for row in source:
cve = row.get("cve", "").upper()
if not cve:
continue
epss_score = row.get("epss") or 0.0
if epss_score < threshold:
continue
poc_count = len(poc_index.get(cve, {}).get("poc", []))
output.append(
{
"cve": cve,
"epss": row.get("epss"),
"percentile": row.get("percentile"),
"poc_count": poc_count,
}
)
if len(output) >= limit:
break
return output
rows = build_rows(ranked)
if not rows and threshold > 0:
# If the threshold is too strict for a given day, fall back to the top ranked set.
rows = build_rows([dict(row, epss=row.get("epss", 0) or 0) for row in ranked[:limit]])
return rows
def build_cve_details(
scripts/build_site.py
+14 -2
View File
@@ -60,9 +60,15 @@ def build_pages(env: Environment, data: Dict, diff: Dict | None = None, html_mod
details = data["details"]
vendors = data["vendors"]
trending = parse_trending_from_readme(README_PATH)
recent_kev = (diff or {}).get("new_kev_entries") or []
metrics = {
"kev_total": len(data["kev_enriched"]),
"high_epss_count": len(joined["high_epss"]),
"recent_kev_count": len(recent_kev),
}
if html_mode in {"summary", "all"}:
common_ctx = {"generated": joined["generated"]}
common_ctx = {"generated": joined["generated"], "metrics": metrics, "recent_kev": recent_kev}
render(
env,
"index.html",
@@ -99,7 +105,13 @@ def main() -> int:
# snapshot + diff before rendering so dashboard can show it
snapshot_path = write_snapshot(data["joined"])
snapshots = sorted((API_DIR / "snapshots").glob("*.json"))
diff, target = build_diff(snapshots, threshold=0.5, max_movers=50)
diff, target = build_diff(
snapshots,
kev_full=data["kev_enriched"],
threshold=0.05,
max_movers=50,
recent_days=30,
)
prune_snapshots(snapshots, lookback_days=14)
if args.html_mode != "none":
templates/base.html
+3 -4
View File
@@ -10,12 +10,12 @@
<body class="{{ body_class or '' }}">
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a><span>daily</span></div>
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
</nav>
</div>
</header>
@@ -24,8 +24,7 @@
</main>
<footer class="site-footer">
<div class="wrap">
<span>Updated {{ generated or '' }}</span>
<span>Data: CISA KEV, FIRST EPSS, community PoCs</span>
<span>Fast CVE triage without the noise.</span>
<span><a href="https://github.com/0xMarcio/cve">GitHub repo</a></span>
</div>
</footer>
templates/diffs.html
+12 -47
View File
@@ -1,60 +1,25 @@
{% extends "base.html" %}
{% block content %}
<section class="section">
<h1>Daily Diff</h1>
<p class="muted">Comparing the latest snapshot to the previous one.</p>
</section>
<section class="section">
<h2>New KEV Entries</h2>
<div class="table-responsive">
<table class="list">
<thead><tr><th>CVE</th><th>Vendor</th><th>Product</th><th>Date Added</th></tr></thead>
<div class="section-header">
<h1>New KEV entries</h1>
<span class="muted">Only the recent additions</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>CVE</th><th>Vendor</th><th>Product</th><th>EPSS</th><th>Percentile</th><th>Date Added</th><th>Due</th></tr></thead>
<tbody>
{% for row in diff.new_kev_entries or [] %}
{% for row in recent_kev %}
<tr>
<td><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td class="cve-cell"><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ row.vendor }}</td>
<td>{{ row.product }}</td>
<td>{{ row.date_added }}</td>
</tr>
{% else %}<tr><td colspan="4">No new KEV entries.</td></tr>{% endfor %}
</tbody>
</table>
</div>
</section>
<section class="section">
<h2>New High EPSS</h2>
<div class="table-responsive">
<table class="list">
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th></tr></thead>
<tbody>
{% for row in diff.new_high_epss or [] %}
<tr>
<td><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ '%.3f'|format(row.epss or 0) }}</td>
<td>{{ '%2.0f'|format((row.percentile or 0)*100) }}th</td>
<td>{{ row.date_added }}</td>
<td>{{ row.due_date or '—' }}</td>
</tr>
{% else %}<tr><td colspan="3">No new high EPSS items.</td></tr>{% endfor %}
</tbody>
</table>
</div>
</section>
<section class="section">
<h2>Biggest EPSS Movers</h2>
<div class="table-responsive">
<table class="list">
<thead><tr><th>CVE</th><th>Δ EPSS</th><th>Current</th></tr></thead>
<tbody>
{% for row in diff.epss_movers or [] %}
<tr>
<td><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ '%.3f'|format(row.delta) }}</td>
<td>{{ '%.3f'|format(row.epss or 0) }}</td>
</tr>
{% else %}<tr><td colspan="3">No movers yet.</td></tr>{% endfor %}
{% else %}<tr><td colspan="7">No fresh KEV entries in the last 30 days.</td></tr>{% endfor %}
</tbody>
</table>
</div>
templates/epss.html
+7 -4
View File
@@ -1,19 +1,22 @@
{% extends "base.html" %}
{% block content %}
<section class="section">
<h1>EPSS highlights</h1>
<p class="muted">High-probability EPSS picks that are not already in KEV. Use the filter to zero in on vendors or products.</p>
<div class="section-header">
<h1>EPSS highlights</h1>
<span class="muted">High-probability CVEs that are not in KEV.</span>
</div>
<input type="search" placeholder="Filter CVE" data-filter-table="epss-table" class="filter" />
<div class="table-responsive">
<table class="list" id="epss-table">
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th></tr></thead>
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Summary</th></tr></thead>
<tbody>
{% for row in epss %}
<tr>
<td><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td class="cve-cell"><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ '%.3f'|format(row.epss or 0) }}</td>
<td>{{ '%2.0f'|format((row.percentile or 0)*100) }}th</td>
<td>{{ row.poc_count }}</td>
<td class="mono">{{ row.summary or 'No public description yet.' }}</td>
</tr>
{% endfor %}
</tbody>
templates/index.html
+66 -87
View File
@@ -1,40 +1,32 @@
{% extends "base.html" %}
{% set body_class = "color-no-search" %}
{% block content %}
<section class="hero" data-search-root>
<p class="eyebrow">CVE PoC search &amp; intel</p>
<h1>Search PoCs, KEV, and EPSS in one place</h1>
<p class="lede">Pulls PoC references from <code>github.txt</code>, daily CVE descriptions, CISA KEV, and FIRST EPSS so you can quickly find relevant exploits or risk data.</p>
<div class="pill-row tight">
<span class="pill"><strong>Search</strong> CVE, vendor, product, or keyword</span>
<span class="pill">Negative terms supported (<strong>-windows</strong>)</span>
<span class="pill">Links out to MITRE + PoC repos</span>
<span class="pill">Nightly GitHub Action refresh</span>
<section class="hero hero-signal" data-search-root>
<div class="hero-meta">
<p class="eyebrow">Signal-first</p>
<h1>Search PoCs, KEV, and EPSS without the clutter</h1>
<p class="lede">Built for fast triage. One page, no badges, no filler.</p>
</div>
<form class="searchForm" action="#">
<input type="text" class="search" placeholder="Search CVE, vendor, product, or keyword" autocomplete="off">
</form>
<div class="search-meta">
<span>Loads from <code>CVE_list.json</code></span>
<span>Updated daily</span>
<span>Max 10k results for performance</span>
<div class="stat-row">
<div class="stat"><strong>{{ metrics.kev_total }}</strong><span>KEV entries tracked</span></div>
<div class="stat"><strong>{{ metrics.high_epss_count }}</strong><span>High-EPSS not in KEV</span></div>
<div class="stat"><strong>{{ metrics.recent_kev_count }}</strong><span>New KEV in last 30 days</span></div>
</div>
<div class="search-results" data-results style="display:none">
<div class="header">
<h2>Results</h2>
<span class="muted">Fast monospace table for quick scanning</span>
<span class="muted">Filter with negative terms (e.g., -windows)</span>
</div>
<div class="noResults">No results yet.</div>
<div class="results-table hide">
<table class="results">
<thead>
<tr>
<td width="18%">
CVE
</td>
<td>
Description / PoC links
</td>
<td width="18%">CVE</td>
<td>Description / PoC links</td>
</tr>
</thead>
<tbody class="results"></tbody>
@@ -44,49 +36,28 @@
</section>
<section class="section">
<h1>KEV with high EPSS</h1>
<p class="muted">KEV items that also carry high EPSS probability.</p>
<div class="card-grid">
{% for item in data.kev_top[:15] %}
<article class="card">
<div class="card-title"><a href="/cve/?id={{ item.cve }}">{{ item.cve }}</a></div>
<div class="card-meta">EPSS {{ '%.3f'|format(item.epss or 0) }} • {{ '%2.0f'|format((item.percentile or 0)*100) }}th pct</div>
<p>{{ item.summary or 'No description.' }}</p>
<div class="badge">{{ item.vendor or 'Unknown vendor' }}</div>
<div class="badge">{{ item.product or 'Unknown product' }}</div>
</article>
{% endfor %}
<div class="section-header">
<h1>Latest KEV additions</h1>
<span class="muted">Last 30 days</span>
</div>
</section>
<section class="section">
<h1>EPSS picks not in KEV</h1>
<p class="muted">High-probability EPSS items that are not yet in the KEV list.</p>
<div class="card-grid">
{% for item in data.high_epss[:15] %}
<article class="card">
<div class="card-title"><a href="/cve/?id={{ item.cve }}">{{ item.cve }}</a></div>
<div class="card-meta">EPSS {{ '%.3f'|format(item.epss or 0) }} • {{ '%2.0f'|format((item.percentile or 0)*100) }}th pct</div>
<p>{{ item.summary or 'No description.' }}</p>
</article>
{% endfor %}
</div>
</section>
<section class="section">
<h1>Trending PoCs</h1>
<p class="muted">Fresh GitHub PoCs by stars and recency.</p>
<div class="table-responsive">
<table class="list">
<thead><tr><th>Stars</th><th>Updated</th><th>Name</th><th>Description</th></tr></thead>
<div class="table-wrap">
<table>
<thead>
<tr><th>CVE</th><th>Vendor</th><th>Product</th><th>EPSS</th><th>Percentile</th><th>Date Added</th><th>Due</th></tr>
</thead>
<tbody>
{% for row in trending[:20] %}
{% for row in recent_kev %}
<tr>
<td>{{ row.stars }}</td>
<td>{{ row.updated }}</td>
<td><a href="{{ row.url }}" target="_blank">{{ row.name }}</a></td>
<td>{{ row.desc }}</td>
<td class="cve-cell"><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ row.vendor }}</td>
<td>{{ row.product }}</td>
<td>{{ '%.3f'|format(row.epss or 0) }}</td>
<td>{{ '%2.0f'|format((row.percentile or 0)*100) }}th</td>
<td>{{ row.date_added }}</td>
<td>{{ row.due_date or '—' }}</td>
</tr>
{% else %}
<tr><td colspan="7">No recent KEV entries.</td></tr>
{% endfor %}
</tbody>
</table>
@@ -94,39 +65,47 @@
</section>
<section class="section">
<h1>Changes since yesterday</h1>
<p class="muted">Quick snapshot of the latest diffs in the feeds.</p>
<div class="table-responsive">
<table class="list">
<thead><tr><th>Type</th><th>Count</th><th>Examples</th></tr></thead>
<div class="section-header">
<h1>High EPSS not in KEV</h1>
<span class="muted">Sorted by score</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Summary</th></tr></thead>
<tbody>
{% for row in data.high_epss %}
<tr>
<td>New KEV entries</td>
<td>{{ (diff.new_kev_entries or [])|length }}</td>
<td>
{% for row in (diff.new_kev_entries or [])[:5] %}
<a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a>{% if not loop.last %}, {% endif %}
{% else %}None{% endfor %}
</td>
<td class="cve-cell"><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ '%.3f'|format(row.epss or 0) }}</td>
<td>{{ '%2.0f'|format((row.percentile or 0)*100) }}th</td>
<td>{{ row.poc_count }}</td>
<td class="mono">{{ row.summary or 'No public description yet.' }}</td>
</tr>
{% else %}
<tr><td colspan="5">No high-EPSS items outside KEV today.</td></tr>
{% endfor %}
</tbody>
</table>
</div>
</section>
<section class="section">
<div class="section-header">
<h1>Fresh PoCs</h1>
<span class="muted">Recent GitHub movement</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>Stars</th><th>Updated</th><th>Name</th><th>Description</th></tr></thead>
<tbody>
{% for row in trending[:20] %}
<tr>
<td>New high EPSS</td>
<td>{{ (diff.new_high_epss or [])|length }}</td>
<td>
{% for row in (diff.new_high_epss or [])[:5] %}
<a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a>{% if not loop.last %}, {% endif %}
{% else %}None{% endfor %}
</td>
</tr>
<tr>
<td>Top EPSS movers</td>
<td>{{ (diff.epss_movers or [])|length }}</td>
<td>
{% for row in (diff.epss_movers or [])[:5] %}
<a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a> ({{ '%.3f'|format(row.delta) }}){% if not loop.last %}, {% endif %}
{% else %}None{% endfor %}
</td>
<td>{{ row.stars }}</td>
<td>{{ row.updated }}</td>
<td><a href="{{ row.url }}" target="_blank">{{ row.name }}</a></td>
<td class="mono">{{ row.desc }}</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
templates/kev.html
+5 -3
View File
@@ -1,8 +1,10 @@
{% extends "base.html" %}
{% block content %}
<section class="section">
<h1>Known Exploited Vulnerabilities</h1>
<p class="muted">Filter by CVE, vendor, or product. Rows include EPSS so you can quickly prioritize remediation.</p>
<div class="section-header">
<h1>KEV catalog</h1>
<span class="muted">Filter by CVE, vendor, or product.</span>
</div>
<input type="search" placeholder="Filter CVE, vendor, product" data-filter-table="kev-table" class="filter" />
<div class="table-responsive">
<table class="list" id="kev-table">
@@ -12,7 +14,7 @@
<tbody>
{% for row in kev %}
<tr>
<td><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td class="cve-cell"><a href="/cve/?id={{ row.cve }}">{{ row.cve }}</a></td>
<td>{{ row.vendor }}</td>
<td>{{ row.product }}</td>
<td>{{ '%.3f'|format(row.epss or 0) }}</td>
templates/pipeline_base.html
+3 -4
View File
@@ -11,12 +11,11 @@
<div class="wrap">
<div class="brand">
<a href="/"><span class="dot"></span> CVE PoC Hub</a>
<div class="muted small">Updated {{ generated or summary.generated }}</div>
</div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/pocs/">Explorer</a>
<a href="/diffs/">Diffs</a>
<a href="/diffs/">New KEV</a>
<a href="/epss/">EPSS</a>
<a href="/kev/">KEV</a>
<a href="https://github.com/0xMarcio/cve" target="_blank" rel="noreferrer">GitHub</a>
@@ -28,8 +27,8 @@
</main>
<footer class="footer">
<div class="wrap footer-inner">
<div>Built daily from GitHub search with scoring + evidence.</div>
<div class="muted">API: <code>/api/v1/</code> · Pages under <code>/docs/</code></div>
<div>PoC explorer with clean signals only.</div>
<div class="muted">API: <code>/api/v1/</code></div>
</div>
</footer>
<script src="/assets/app.js"></script>