CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix trending PoCs rendering and simplify frontend

Browse Source
This commit is contained in:
0xMarcio
2025-12-17 20:54:34 +01:00
parent 0bd6c7ceda
commit 23be2e0751
16 changed files with 2199 additions and 29676 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/site.yml vendored
View File

@@ -11,6 +11,7 @@ on:
- 'scripts/**'
- 'templates/**'
- 'docs/assets/**'
- 'README.md'
- 'requirements.txt'
- '.github/workflows/site.yml'

263
docs/api/v1/diff/2025-12-17.json
View File

@@ -2,156 +2,50 @@
"epss_movers": [],
"generated": "2025-12-17",
"new_high_epss": [
{
"cve": "CVE-2025-9316",
"epss": 0.78706,
"percentile": 0.98995,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8943",
"epss": 0.6583,
"percentile": 0.9843,
"percentile": 0.98431,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8489",
"epss": 0.43315,
"percentile": 0.97363,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8426",
"epss": 0.3937,
"percentile": 0.97134,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96792,
"percentile": 0.96794,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8868",
"epss": 0.17119,
"percentile": 0.94767,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93477,
"percentile": 0.93482,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.92596,
"percentile": 0.926,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.08297,
"percentile": 0.91936,
"epss": 0.0924,
"percentile": 0.92438,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91659,
"percentile": 0.91666,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}
],
"new_kev_entries": [
{
"cve": "CVE-2025-59718",
"date_added": "2025-12-16",
"due_date": "2025-12-23",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ; https://docs.fortinet.com/upgrade-tool/fortigate ; https://nvd.nist.gov/vuln/detail/CVE-2025-59718",
"percentile": null,
"poc_count": 0,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Ensure to apply all patches mentioned in the advisory.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2025-14611",
"date_added": "2025-12-15",
"due_date": "2026-01-05",
"epss": null,
"notes": "https://www.centrestack.com/p/gce_latest_release.html ; https://access.triofox.com/releases_history/; https://support.centrestack.com/hc/en-us/articles/360007159054-Hardening-the-CentreStack-Cluster#h_01JQRV57T37HJFQZKBZH9NBXQP ; https://nvd.nist.gov/vuln/detail/CVE-2025-14611",
"percentile": null,
"poc_count": 0,
"product": "CentreStack and Triofox",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulnerability degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication.",
"vendor": "Gladinet"
},
{
"cve": "CVE-2025-43529",
"date_added": "2025-12-15",
"due_date": "2026-01-05",
"epss": null,
"notes": "https://support.apple.com/en-us/125884 ; https://support.apple.com/en-us/125892 ; https://support.apple.com/en-us/125885 ; https://support.apple.com/en-us/125886 ; https://support.apple.com/en-us/125889 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43529",
"percentile": null,
"poc_count": 0,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",
"vendor": "Apple"
},
{
"cve": "CVE-2018-4063",
"date_added": "2025-12-12",
"due_date": "2026-01-02",
"epss": null,
"notes": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03 ; https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003 ; https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol ; https://nvd.nist.gov/vuln/detail/CVE-2018-4063",
"percentile": null,
"poc_count": 2,
"product": "AirLink ALEOS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"vendor": "Sierra Wireless"
},
{
"cve": "CVE-2025-14174",
"date_added": "2025-12-12",
"due_date": "2026-01-02",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html ; https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security ; https://nvd.nist.gov/vuln/detail/CVE-2025-14174",
"percentile": null,
"poc_count": 0,
"product": "Chromium",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2025-58360",
"date_added": "2025-12-11",
"due_date": "2026-01-01",
"epss": null,
"notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525 ; https://osgeo-org.atlassian.net/browse/GEOS-11922 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58360",
"percentile": null,
"poc_count": 0,
"product": "GeoServer",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request.",
"vendor": "OSGeo"
},
{
"cve": "CVE-2025-6218",
"date_added": "2025-12-09",
@@ -164,149 +58,6 @@
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.",
"vendor": "RARLAB"
},
{
"cve": "CVE-2025-62221",
"date_added": "2025-12-09",
"due_date": "2025-12-30",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221 ; https://nvd.nist.gov/vuln/detail/CVE-2025-62221",
"percentile": null,
"poc_count": 0,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2022-37055",
"date_added": "2025-12-08",
"due_date": "2025-12-29",
"epss": null,
"notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10308 ; https://nvd.nist.gov/vuln/detail/CVE-2022-37055",
"percentile": null,
"poc_count": 2,
"product": "Routers",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"vendor": "D-Link"
},
{
"cve": "CVE-2025-66644",
"date_added": "2025-12-08",
"due_date": "2025-12-29",
"epss": null,
"notes": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/ag.html ; https://www.jpcert.or.jp/at/2025/at250024.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-66644",
"percentile": null,
"poc_count": 0,
"product": "ArrayOS AG",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.",
"vendor": "Array Networks"
},
{
"cve": "CVE-2025-55182",
"date_added": "2025-12-05",
"due_date": "2025-12-12",
"epss": null,
"notes": "Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, please see: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components ; https://github.com/vercel-labs/fix-react2shell-next?tab=readme-ov-file ; https://nvd.nist.gov/vuln/detail/CVE-2025-55182",
"percentile": null,
"poc_count": 0,
"product": "React Server Components",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.",
"vendor": "Meta"
},
{
"cve": "CVE-2021-26828",
"date_added": "2025-12-03",
"due_date": "2025-12-24",
"epss": null,
"notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/2174 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26828",
"percentile": null,
"poc_count": 16,
"product": "ScadaBR",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.",
"vendor": "OpenPLC"
},
{
"cve": "CVE-2025-48572",
"date_added": "2025-12-02",
"due_date": "2025-12-23",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48572",
"percentile": null,
"poc_count": 0,
"product": "Framework",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.",
"vendor": "Android"
},
{
"cve": "CVE-2025-48633",
"date_added": "2025-12-02",
"due_date": "2025-12-23",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48633",
"percentile": null,
"poc_count": 0,
"product": "Framework",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Framework contains an unspecified vulnerability that allows for information disclosure.",
"vendor": "Android"
},
{
"cve": "CVE-2021-26829",
"date_added": "2025-11-28",
"due_date": "2025-12-19",
"epss": null,
"notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/3211 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26829",
"percentile": null,
"poc_count": 1,
"product": "ScadaBR",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.",
"vendor": "OpenPLC"
},
{
"cve": "CVE-2025-61757",
"date_added": "2025-11-21",
"due_date": "2025-12-12",
"epss": null,
"notes": "https://www.oracle.com/security-alerts/cpuoct2025.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-61757",
"percentile": null,
"poc_count": 0,
"product": "Fusion Middleware",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.",
"vendor": "Oracle"
},
{
"cve": "CVE-2025-13223",
"date_added": "2025-11-19",
"due_date": "2025-12-10",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-13223",
"percentile": null,
"poc_count": 0,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.",
"vendor": "Google"
},
{
"cve": "CVE-2025-58034",
"date_added": "2025-11-18",
"due_date": "2025-11-25",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-513 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58034",
"percentile": null,
"poc_count": 0,
"product": "FortiWeb",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.",
"vendor": "Fortinet"
}
],
"removed_high_epss": [],

263
docs/api/v1/diff/latest.json
View File

@@ -2,156 +2,50 @@
"epss_movers": [],
"generated": "2025-12-17",
"new_high_epss": [
{
"cve": "CVE-2025-9316",
"epss": 0.78706,
"percentile": 0.98995,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8943",
"epss": 0.6583,
"percentile": 0.9843,
"percentile": 0.98431,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8489",
"epss": 0.43315,
"percentile": 0.97363,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8426",
"epss": 0.3937,
"percentile": 0.97134,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96792,
"percentile": 0.96794,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8868",
"epss": 0.17119,
"percentile": 0.94767,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93477,
"percentile": 0.93482,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.92596,
"percentile": 0.926,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.08297,
"percentile": 0.91936,
"epss": 0.0924,
"percentile": 0.92438,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91659,
"percentile": 0.91666,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}
],
"new_kev_entries": [
{
"cve": "CVE-2025-59718",
"date_added": "2025-12-16",
"due_date": "2025-12-23",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ; https://docs.fortinet.com/upgrade-tool/fortigate ; https://nvd.nist.gov/vuln/detail/CVE-2025-59718",
"percentile": null,
"poc_count": 0,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Ensure to apply all patches mentioned in the advisory.",
"vendor": "Fortinet"
},
{
"cve": "CVE-2025-14611",
"date_added": "2025-12-15",
"due_date": "2026-01-05",
"epss": null,
"notes": "https://www.centrestack.com/p/gce_latest_release.html ; https://access.triofox.com/releases_history/; https://support.centrestack.com/hc/en-us/articles/360007159054-Hardening-the-CentreStack-Cluster#h_01JQRV57T37HJFQZKBZH9NBXQP ; https://nvd.nist.gov/vuln/detail/CVE-2025-14611",
"percentile": null,
"poc_count": 0,
"product": "CentreStack and Triofox",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulnerability degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication.",
"vendor": "Gladinet"
},
{
"cve": "CVE-2025-43529",
"date_added": "2025-12-15",
"due_date": "2026-01-05",
"epss": null,
"notes": "https://support.apple.com/en-us/125884 ; https://support.apple.com/en-us/125892 ; https://support.apple.com/en-us/125885 ; https://support.apple.com/en-us/125886 ; https://support.apple.com/en-us/125889 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43529",
"percentile": null,
"poc_count": 0,
"product": "Multiple Products",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.",
"vendor": "Apple"
},
{
"cve": "CVE-2018-4063",
"date_added": "2025-12-12",
"due_date": "2026-01-02",
"epss": null,
"notes": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03 ; https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003 ; https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol ; https://nvd.nist.gov/vuln/detail/CVE-2018-4063",
"percentile": null,
"poc_count": 2,
"product": "AirLink ALEOS",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"vendor": "Sierra Wireless"
},
{
"cve": "CVE-2025-14174",
"date_added": "2025-12-12",
"due_date": "2026-01-02",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html ; https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security ; https://nvd.nist.gov/vuln/detail/CVE-2025-14174",
"percentile": null,
"poc_count": 0,
"product": "Chromium",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendor": "Google"
},
{
"cve": "CVE-2025-58360",
"date_added": "2025-12-11",
"due_date": "2026-01-01",
"epss": null,
"notes": "This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525 ; https://osgeo-org.atlassian.net/browse/GEOS-11922 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58360",
"percentile": null,
"poc_count": 0,
"product": "GeoServer",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request.",
"vendor": "OSGeo"
},
{
"cve": "CVE-2025-6218",
"date_added": "2025-12-09",
@@ -164,149 +58,6 @@
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.",
"vendor": "RARLAB"
},
{
"cve": "CVE-2025-62221",
"date_added": "2025-12-09",
"due_date": "2025-12-30",
"epss": null,
"notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221 ; https://nvd.nist.gov/vuln/detail/CVE-2025-62221",
"percentile": null,
"poc_count": 0,
"product": "Windows",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.",
"vendor": "Microsoft"
},
{
"cve": "CVE-2022-37055",
"date_added": "2025-12-08",
"due_date": "2025-12-29",
"epss": null,
"notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10308 ; https://nvd.nist.gov/vuln/detail/CVE-2022-37055",
"percentile": null,
"poc_count": 2,
"product": "Routers",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
"vendor": "D-Link"
},
{
"cve": "CVE-2025-66644",
"date_added": "2025-12-08",
"due_date": "2025-12-29",
"epss": null,
"notes": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/ag.html ; https://www.jpcert.or.jp/at/2025/at250024.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-66644",
"percentile": null,
"poc_count": 0,
"product": "ArrayOS AG",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.",
"vendor": "Array Networks"
},
{
"cve": "CVE-2025-55182",
"date_added": "2025-12-05",
"due_date": "2025-12-12",
"epss": null,
"notes": "Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, please see: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components ; https://github.com/vercel-labs/fix-react2shell-next?tab=readme-ov-file ; https://nvd.nist.gov/vuln/detail/CVE-2025-55182",
"percentile": null,
"poc_count": 0,
"product": "React Server Components",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.",
"vendor": "Meta"
},
{
"cve": "CVE-2021-26828",
"date_added": "2025-12-03",
"due_date": "2025-12-24",
"epss": null,
"notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/2174 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26828",
"percentile": null,
"poc_count": 16,
"product": "ScadaBR",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.",
"vendor": "OpenPLC"
},
{
"cve": "CVE-2025-48572",
"date_added": "2025-12-02",
"due_date": "2025-12-23",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48572",
"percentile": null,
"poc_count": 0,
"product": "Framework",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.",
"vendor": "Android"
},
{
"cve": "CVE-2025-48633",
"date_added": "2025-12-02",
"due_date": "2025-12-23",
"epss": null,
"notes": "https://source.android.com/docs/security/bulletin/2025-12-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48633",
"percentile": null,
"poc_count": 0,
"product": "Framework",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Android Framework contains an unspecified vulnerability that allows for information disclosure.",
"vendor": "Android"
},
{
"cve": "CVE-2021-26829",
"date_added": "2025-11-28",
"due_date": "2025-12-19",
"epss": null,
"notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/SCADA-LTS/Scada-LTS/pull/3211 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26829",
"percentile": null,
"poc_count": 1,
"product": "ScadaBR",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.",
"vendor": "OpenPLC"
},
{
"cve": "CVE-2025-61757",
"date_added": "2025-11-21",
"due_date": "2025-12-12",
"epss": null,
"notes": "https://www.oracle.com/security-alerts/cpuoct2025.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-61757",
"percentile": null,
"poc_count": 0,
"product": "Fusion Middleware",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.",
"vendor": "Oracle"
},
{
"cve": "CVE-2025-13223",
"date_added": "2025-11-19",
"due_date": "2025-12-10",
"epss": null,
"notes": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-13223",
"percentile": null,
"poc_count": 0,
"product": "Chromium V8",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.",
"vendor": "Google"
},
{
"cve": "CVE-2025-58034",
"date_added": "2025-11-18",
"due_date": "2025-11-25",
"epss": null,
"notes": "https://fortiguard.fortinet.com/psirt/FG-IR-25-513 ; https://nvd.nist.gov/vuln/detail/CVE-2025-58034",
"percentile": null,
"poc_count": 0,
"product": "FortiWeb",
"required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"short_description": "Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.",
"vendor": "Fortinet"
}
],
"removed_high_epss": [],

42
docs/api/v1/epss_top.json
View File

@@ -1,73 +1,45 @@
{
"generated": "2025-12-17",
"items": [
{
"cve": "CVE-2025-9316",
"epss": 0.78706,
"percentile": 0.98995,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8943",
"epss": 0.6583,
"percentile": 0.9843,
"percentile": 0.98431,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8489",
"epss": 0.43315,
"percentile": 0.97363,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8426",
"epss": 0.3937,
"percentile": 0.97134,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96792,
"percentile": 0.96794,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8868",
"epss": 0.17119,
"percentile": 0.94767,
"poc_count": 0,
"summary": ""
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93477,
"percentile": 0.93482,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.92596,
"percentile": 0.926,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.08297,
"percentile": 0.91936,
"epss": 0.0924,
"percentile": 0.92438,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91659,
"percentile": 0.91666,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}

1924
docs/api/v1/joined_top.json
View File

File diff suppressed because it is too large Load Diff

15932
docs/api/v1/kev.json
View File

File diff suppressed because it is too large Load Diff

1924
docs/api/v1/snapshots/2025-12-17.json
View File

File diff suppressed because it is too large Load Diff

157
docs/assets/site.js
View File

@@ -1,161 +1,20 @@
(function(){
let datasetPromise = null;
let pocSet = null;
let descSet = null;
function fetchDataset() {
if (datasetPromise) return datasetPromise;
const candidates = [
new URL('/CVE_list.json', window.location.origin).href,
new URL('CVE_list.json', window.location.href).href,
new URL('../CVE_list.json', window.location.href).href
];
datasetPromise = (async () => {
for (const url of candidates) {
try {
const res = await fetch(url, { cache: 'no-store' });
if (!res.ok) continue;
const data = await res.json();
return Array.isArray(data) ? data : [];
} catch (err) {
console.warn('Dataset fetch failed', err);
}
}
return [];
})();
return datasetPromise;
}
async function ensureSets() {
if (pocSet && descSet) return { pocSet, descSet };
const dataset = await fetchDataset();
pocSet = new Set();
descSet = new Set();
dataset.forEach(item => {
const cve = (item.cve || '').toUpperCase();
const desc = (item.desc || '').trim();
const hasPoc = Array.isArray(item.poc) && item.poc.length > 0;
if (hasPoc) pocSet.add(cve);
if (desc) descSet.add(cve);
});
return { pocSet, descSet };
}
(function () {
function bindColumnFilters() {
const filterInputs = document.querySelectorAll('[data-filter-table]');
filterInputs.forEach(input => {
const tableId = input.dataset.filterTable;
const table = document.getElementById(tableId);
const filterInputs = document.querySelectorAll("[data-filter-table]");
filterInputs.forEach((input) => {
const table = document.getElementById(input.dataset.filterTable);
if (!table) return;
input.addEventListener('input', () => {
input.addEventListener("input", () => {
const term = input.value.trim().toLowerCase();
for (const row of table.querySelectorAll('tbody tr')) {
for (const row of table.querySelectorAll("tbody tr")) {
const text = row.innerText.toLowerCase();
row.style.display = text.includes(term) ? '' : 'none';
row.style.display = text.includes(term) ? "" : "none";
}
});
});
}
async function filterTablesByData() {
const { pocSet, descSet } = await ensureSets();
const currentYear = new Date().getUTCFullYear();
const isRecent = (text) => {
const m = /CVE-(\d{4})-/i.exec(text || '');
return m ? parseInt(m[1], 10) >= currentYear - 1 : false;
};
document.querySelectorAll('table[data-require-poc], table[data-require-desc]').forEach(table => {
for (const row of Array.from(table.querySelectorAll('tbody tr'))) {
const link = row.querySelector('a');
const idText = (link ? link.textContent : row.textContent || '').trim().toUpperCase();
const needsPoc = table.hasAttribute('data-require-poc');
const needsDesc = table.hasAttribute('data-require-desc');
const hasPoc = pocSet.has(idText);
const hasDesc = descSet.has(idText);
if ((needsPoc && !hasPoc) || (needsDesc && !hasDesc) || !isRecent(idText)) {
row.remove();
}
}
});
}
function truncate(text, limit = 160) {
if (!text) return '';
return text.length > limit ? `${text.slice(0, limit - 1)}` : text;
}
function parseRelativeDays(label) {
if (!label) return Infinity;
const lower = label.toLowerCase();
if (lower.includes('hour') || lower.includes('minute') || lower.includes('just')) return 0;
const match = lower.match(/(\d+)\s*day/);
return match ? parseInt(match[1], 10) : Infinity;
}
function cveYear(text) {
const m = /cve-(\d{4})-/i.exec(text || '');
return m ? parseInt(m[1], 10) : null;
}
function parseTrendingMarkdown(text) {
const rows = [];
const regex = /^\|\s*(\d+)\s*⭐\s*\|\s*([^|]+)\|\s*\[([^\]]+)\]\(([^)]+)\)\s*\|\s*(.*?)\|$/;
text.split('\n').forEach(line => {
const trimmed = line.trim();
const m = regex.exec(trimmed);
if (!m) return;
const stars = parseInt(m[1], 10);
const updated = m[2].trim();
const name = m[3].trim();
const url = m[4].trim();
const desc = m[5].trim();
const ageDays = parseRelativeDays(updated);
rows.push({ stars, updated, name, url, desc, ageDays });
});
return rows;
}
async function renderTrending() {
const container = document.querySelector('[data-trending]');
const tbody = document.getElementById('trending-body');
if (!container || !tbody) return;
try {
const res = await fetch('/README.md', { cache: 'no-store' });
if (!res.ok) throw new Error('failed to load README');
const text = await res.text();
const entries = parseTrendingMarkdown(text)
.filter(item => item.ageDays <= 4)
.filter(item => {
const currentYear = new Date().getUTCFullYear();
const yr = cveYear(item.name);
return yr !== null && yr >= currentYear - 1;
})
.sort((a, b) => b.stars - a.stars)
.slice(0, 20);
if (entries.length === 0) {
tbody.innerHTML = '<tr><td colspan="4" class="muted">No recent PoCs with stars yet.</td></tr>';
return;
}
tbody.innerHTML = entries.map(item => {
return `<tr>
<td>${item.stars}⭐</td>
<td>${item.updated}</td>
<td><a href="${item.url}" target="_blank" rel="noreferrer">${item.name}</a></td>
<td class="mono">${truncate(item.desc)}</td>
</tr>`;
}).join('');
} catch (err) {
console.warn('Trending render failed', err);
tbody.innerHTML = '<tr><td colspan="4" class="muted">Unable to load trending PoCs.</td></tr>';
}
}
document.addEventListener('DOMContentLoaded', () => {
document.addEventListener("DOMContentLoaded", () => {
bindColumnFilters();
filterTablesByData();
renderTrending();
});
})();

53
docs/diffs/index.html Normal file
View File

@@ -0,0 +1,53 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>CVE PoC Hub</title>
<link rel="icon" href="/favicon.ico" />
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
</head>
<body class="">
<header class="site-header">
<div class="wrap">
<div class="brand"><a href="/">CVE PoC Hub</a></div>
<nav>
<a href="/search/">PoC Search</a>
<a href="/kev/">KEV</a>
<a href="/epss/">EPSS</a>
</nav>
</div>
</header>
<main class="wrap">
<section class="section">
<div class="section-header">
<h1>New KEV entries</h1>
<span class="muted">Only the recent additions</span>
</div>
<div class="table-wrap">
<table>
<thead><tr><th>CVE</th><th>Vendor</th><th>Product</th><th>EPSS</th><th>Percentile</th><th>Date Added</th><th>Due</th></tr></thead>
<tbody>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-6218">CVE-2025-6218</a></td>
<td>RARLAB</td>
<td>WinRAR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
</tr>
</tbody>
</table>
</div>
</section>
</main>
<footer class="site-footer">
<div class="wrap">
<span>Fast CVE triage without the noise.</span>
<span><a href="https://github.com/0xMarcio/cve">GitHub repo</a></span>
</div>
</footer>
</body>
</html>

35
docs/epss/index.html
View File

@@ -4,6 +4,7 @@
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>CVE PoC Hub</title>
<link rel="icon" href="/favicon.ico" />
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
</head>
@@ -26,16 +27,9 @@
</div>
<input type="search" placeholder="Filter CVE" data-filter-table="epss-table" class="filter" />
<div class="table-responsive">
<table class="list" id="epss-table" data-require-poc data-require-desc>
<table class="list" id="epss-table">
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Summary</th></tr></thead>
<tbody>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9316">CVE-2025-9316</a></td>
<td>0.787</td>
<td>99th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8943">CVE-2025-8943</a></td>
<td>0.658</td>
@@ -43,20 +37,6 @@
<td>1</td>
<td class="mono">The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise&#39;s inherent authentication and authorization model is minimal and lacks ro...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8489">CVE-2025-8489</a></td>
<td>0.433</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8426">CVE-2025-8426</a></td>
<td>0.394</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8518">CVE-2025-8518</a></td>
<td>0.339</td>
@@ -64,13 +44,6 @@
<td>1</td>
<td class="mono">A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8868">CVE-2025-8868</a></td>
<td>0.171</td>
<td>95th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8730">CVE-2025-8730</a></td>
<td>0.119</td>
@@ -87,7 +60,7 @@
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9090">CVE-2025-9090</a></td>
<td>0.083</td>
<td>0.092</td>
<td>92th</td>
<td>4</td>
<td class="mono">A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible...</td>
@@ -111,4 +84,4 @@
</div>
</footer>
</body>
</html>
</html>

BIN
docs/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

279
docs/index.html
View File

@@ -4,6 +4,7 @@
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>CVE PoC Hub</title>
<link rel="icon" href="/favicon.ico" />
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
</head>
@@ -21,17 +22,16 @@
<main class="wrap">
<section class="hero hero-signal" data-search-root>
<div class="hero-meta">
<p class="eyebrow">Signal-first</p>
<h1>Search PoCs, KEV, and EPSS without the clutter</h1>
<p class="lede">Built for fast triage. One page, no badges, no filler.</p>
<h1>CVE PoC Hub</h1>
<p class="lede">Search PoCs, KEV, and EPSS quickly—no filler.</p>
</div>
<form class="searchForm" action="#">
<input type="text" class="search" placeholder="Search CVE, vendor, product, or keyword" autocomplete="off">
</form>
<div class="stat-row">
<div class="stat"><strong>1478</strong><span>KEV entries tracked</span></div>
<div class="stat"><strong>10</strong><span>High-EPSS not in KEV</span></div>
<div class="stat"><strong>18</strong><span>New KEV in last 30 days</span></div>
<div class="stat"><strong>264</strong><span>KEV entries tracked</span></div>
<div class="stat"><strong>6</strong><span>High-EPSS not in KEV</span></div>
<div class="stat"><strong>1</strong><span>New KEV in last 30 days</span></div>
</div>
<div class="search-results" data-results style="display:none">
<div class="header">
@@ -56,193 +56,131 @@
<section class="section">
<div class="section-header">
<h1>Trending PoCs</h1>
<span class="muted">Recent GitHub movement (last 4 days, sorted by stars)</span>
<span class="muted">Pulled from the current-year table in README.md</span>
</div>
<div class="table-wrap" data-trending>
<table>
<thead>
<tr><th>Stars</th><th>Updated</th><th>Name</th><th>Description</th></tr>
</thead>
<thead><tr><th>Stars</th><th>Updated</th><th>Name</th><th>Description</th></tr></thead>
<tbody id="trending-body">
<tr><td colspan="4" class="muted">Loading trending PoCs…</td></tr>
</tbody>
</table>
</div>
</section>
<section class="section">
<div class="section-header">
<h1>Latest KEV additions</h1>
<span class="muted">Last 30 days</span>
</div>
<div class="table-wrap">
<table data-require-poc data-require-desc>
<thead>
<tr><th>CVE</th><th>Vendor</th><th>Product</th><th>EPSS</th><th>Percentile</th><th>Date Added</th><th>Due</th></tr>
</thead>
<tbody>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-59718">CVE-2025-59718</a></td>
<td>Fortinet</td>
<td>Multiple Products</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-16</td>
<td>2025-12-23</td>
<td>1241</td>
<td>2 hours ago</td>
<td><a href="https://github.com/msanft/CVE-2025-55182" target="_blank">CVE-2025-55182</a></td>
<td class="mono">Explanation and full RCE PoC for CVE-2025-55182</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-14611">CVE-2025-14611</a></td>
<td>Gladinet</td>
<td>CentreStack and Triofox</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-15</td>
<td>2026-01-05</td>
<td>775</td>
<td>3 hours ago</td>
<td><a href="https://github.com/ejpir/CVE-2025-55182-research" target="_blank">CVE-2025-55182-research</a></td>
<td class="mono">CVE-2025-55182 POC</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-43529">CVE-2025-43529</a></td>
<td>Apple</td>
<td>Multiple Products</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-15</td>
<td>2026-01-05</td>
<td>495</td>
<td>8 days ago</td>
<td><a href="https://github.com/WyAtu/CVE-2018-20250" target="_blank">CVE-2018-20250</a></td>
<td class="mono">exp for https://research.checkpoint.com/extracting-code-execution-from-winrar</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2018-4063">CVE-2018-4063</a></td>
<td>Sierra Wireless</td>
<td>AirLink ALEOS</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-12</td>
<td>2026-01-02</td>
<td>607</td>
<td>20 hours ago</td>
<td><a href="https://github.com/mverschu/CVE-2025-33073" target="_blank">CVE-2025-33073</a></td>
<td class="mono">PoC Exploit for the NTLM reflection SMB flaw.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-14174">CVE-2025-14174</a></td>
<td>Google</td>
<td>Chromium</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-12</td>
<td>2026-01-02</td>
<td>496</td>
<td>4 days ago</td>
<td><a href="https://github.com/pr0v3rbs/CVE-2025-32463_chwoot" target="_blank">CVE-2025-32463_chwoot</a></td>
<td class="mono">Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-58360">CVE-2025-58360</a></td>
<td>OSGeo</td>
<td>GeoServer</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-11</td>
<td>2026-01-01</td>
<td>419</td>
<td>5 hours ago</td>
<td><a href="https://github.com/kh4sh3i/CVE-2025-32463" target="_blank">CVE-2025-32463</a></td>
<td class="mono">Local Privilege Escalation to Root via Sudo chroot in Linux</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-6218">CVE-2025-6218</a></td>
<td>RARLAB</td>
<td>WinRAR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
<td>305</td>
<td>1 day ago</td>
<td><a href="https://github.com/soltanali0/CVE-2025-53770-Exploit" target="_blank">CVE-2025-53770-Exploit</a></td>
<td class="mono">SharePoint WebPart Injection Exploit Tool</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-62221">CVE-2025-62221</a></td>
<td>Microsoft</td>
<td>Windows</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-09</td>
<td>2025-12-30</td>
<td>289</td>
<td>4 hours ago</td>
<td><a href="https://github.com/emredavut/CVE-2025-55182" target="_blank">CVE-2025-55182</a></td>
<td class="mono">RSC/Next.js RCE Vulnerability Detector &amp; PoC Chrome Extension CVE-2025-55182 &amp; CVE-2025-66478</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2022-37055">CVE-2022-37055</a></td>
<td>D-Link</td>
<td>Routers</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-08</td>
<td>2025-12-29</td>
<td>901</td>
<td>1 hour ago</td>
<td><a href="https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc" target="_blank">React2Shell-CVE-2025-55182-original-poc</a></td>
<td class="mono">Original Proof-of-Concepts for React2Shell CVE-2025-55182</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-66644">CVE-2025-66644</a></td>
<td>Array Networks</td>
<td>ArrayOS AG</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-08</td>
<td>2025-12-29</td>
<td>386</td>
<td>4 days ago</td>
<td><a href="https://github.com/0x6rss/CVE-2025-24071_PoC" target="_blank">CVE-2025-24071_PoC</a></td>
<td class="mono">CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-55182">CVE-2025-55182</a></td>
<td>Meta</td>
<td>React Server Components</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-05</td>
<td>2025-12-12</td>
<td>207</td>
<td>1 day ago</td>
<td><a href="https://github.com/leesh3288/CVE-2025-32023" target="_blank">CVE-2025-32023</a></td>
<td class="mono">PoC &amp; Exploit for CVE-2025-32023 / PlaidCTF 2025 &#34;Zerodeo&#34;</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2021-26828">CVE-2021-26828</a></td>
<td>OpenPLC</td>
<td>ScadaBR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-03</td>
<td>2025-12-24</td>
<td>396</td>
<td>6 days ago</td>
<td><a href="https://github.com/yuuouu/ColorOS-CVE-2025-10184" target="_blank">ColorOS-CVE-2025-10184</a></td>
<td class="mono">ColorOS短信漏洞以及用户自救方案</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-48572">CVE-2025-48572</a></td>
<td>Android</td>
<td>Framework</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-02</td>
<td>2025-12-23</td>
<td>180</td>
<td>6 days ago</td>
<td><a href="https://github.com/absholi7ly/POC-CVE-2025-24813" target="_blank">POC-CVE-2025-24813</a></td>
<td class="mono">his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-48633">CVE-2025-48633</a></td>
<td>Android</td>
<td>Framework</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-12-02</td>
<td>2025-12-23</td>
<td>256</td>
<td>15 minutes ago</td>
<td><a href="https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-" target="_blank">CVE-2025-55182-advanced-scanner-</a></td>
<td class="mono"></td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2021-26829">CVE-2021-26829</a></td>
<td>OpenPLC</td>
<td>ScadaBR</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-28</td>
<td>2025-12-19</td>
<td>357</td>
<td>1 hour ago</td>
<td><a href="https://github.com/Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478" target="_blank">Next.js-RSC-RCE-Scanner-CVE-2025-66478</a></td>
<td class="mono">A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-61757">CVE-2025-61757</a></td>
<td>Oracle</td>
<td>Fusion Middleware</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-21</td>
<td>2025-12-12</td>
<td>198</td>
<td>4 days ago</td>
<td><a href="https://github.com/ThumpBo/CVE-2025-30208-EXP" target="_blank">CVE-2025-30208-EXP</a></td>
<td class="mono">CVE-2025-30208-EXP</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-13223">CVE-2025-13223</a></td>
<td>Google</td>
<td>Chromium V8</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-19</td>
<td>2025-12-10</td>
<td>73</td>
<td>6 days ago</td>
<td><a href="https://github.com/4daysday/cve-2025-8088" target="_blank">cve-2025-8088</a></td>
<td class="mono">Path traversal tool based on cve-2025-8088</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-58034">CVE-2025-58034</a></td>
<td>Fortinet</td>
<td>FortiWeb</td>
<td>0.000</td>
<td> 0th</td>
<td>2025-11-18</td>
<td>2025-11-25</td>
<td>163</td>
<td>1 day ago</td>
<td><a href="https://github.com/ZeroMemoryEx/CVE-2025-26125" target="_blank">CVE-2025-26125</a></td>
<td class="mono">( 0day ) Local Privilege Escalation in IObit Malware Fighter</td>
</tr>
<tr>
<td>153</td>
<td>8 days ago</td>
<td><a href="https://github.com/hoefler02/CVE-2025-21756" target="_blank">CVE-2025-21756</a></td>
<td class="mono">Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit!</td>
</tr>
<tr>
<td>136</td>
<td>27 days ago</td>
<td><a href="https://github.com/platsecurity/CVE-2025-32433" target="_blank">CVE-2025-32433</a></td>
<td class="mono">CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2</td>
</tr>
</tbody>
</table>
@@ -258,13 +196,6 @@
<table data-require-poc data-require-desc>
<thead><tr><th>CVE</th><th>EPSS</th><th>Percentile</th><th>PoCs</th><th>Summary</th></tr></thead>
<tbody>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9316">CVE-2025-9316</a></td>
<td>0.787</td>
<td>99th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8943">CVE-2025-8943</a></td>
<td>0.658</td>
@@ -272,20 +203,6 @@
<td>1</td>
<td class="mono">The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise&#39;s inherent authentication and authorization model is minimal and lacks ro...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8489">CVE-2025-8489</a></td>
<td>0.433</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8426">CVE-2025-8426</a></td>
<td>0.394</td>
<td>97th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8518">CVE-2025-8518</a></td>
<td>0.339</td>
@@ -293,13 +210,6 @@
<td>1</td>
<td class="mono">A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l...</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8868">CVE-2025-8868</a></td>
<td>0.171</td>
<td>95th</td>
<td>0</td>
<td class="mono">No public description yet.</td>
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-8730">CVE-2025-8730</a></td>
<td>0.119</td>
@@ -316,7 +226,7 @@
</tr>
<tr>
<td class="cve-cell"><a href="/cve/?id=CVE-2025-9090">CVE-2025-9090</a></td>
<td>0.083</td>
<td>0.092</td>
<td>92th</td>
<td>4</td>
<td class="mono">A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible...</td>
@@ -332,7 +242,6 @@
</table>
</div>
</section>
</main>
<footer class="site-footer">
<div class="wrap">
@@ -342,4 +251,4 @@
</footer>
<script src="/logic.js"></script>
</body>
</html>
</html>

10931
docs/kev/index.html
View File

File diff suppressed because it is too large Load Diff

63
scripts/build_site.py
View File

@@ -1,9 +1,7 @@
from __future__ import annotations
import argparse
from datetime import datetime, timezone
from pathlib import Path
import re
from typing import Dict, Tuple
from jinja2 import Environment, FileSystemLoader, select_autoescape
@@ -57,33 +55,52 @@ def write_snapshot(joined: Dict) -> Path:
return snapshot_path
def select_trending(readme_rows: list[dict]) -> list[dict]:
"""Pick the first 20 entries from the newest year table in README."""
if not readme_rows:
return []
def parse_year(row: dict) -> int | None:
try:
return int(row.get("year"))
except (TypeError, ValueError):
return None
years = [yr for yr in (parse_year(row) for row in readme_rows) if yr is not None]
if not years:
return []
latest_year = max(years)
selected: list[dict] = []
for row in readme_rows:
if parse_year(row) != latest_year:
continue
try:
stars = int(row.get("stars") or 0)
except (TypeError, ValueError):
stars = 0
selected.append(
{
"stars": stars,
"updated": (row.get("updated") or "").strip(),
"name": (row.get("name") or "").strip(),
"url": (row.get("url") or "").strip(),
"desc": (row.get("desc") or "").strip(),
"year": latest_year,
}
)
if len(selected) >= 20:
break
return selected
def build_pages(env: Environment, data: Dict, diff: Dict | None = None, html_mode: str = "summary") -> None:
joined = data["joined"]
details = data["details"]
vendors = data["vendors"]
def is_recent_label(label: str) -> bool:
label = (label or "").lower()
if "minute" in label or "hour" in label:
return True
m = re.search(r"(\d+)\\s*day", label)
if not m:
return False
return int(m.group(1)) <= 4
current_year = datetime.now(timezone.utc).year
def extract_year(name: str) -> int | None:
m = re.search(r"cve-(\\d{4})-", name.lower())
return int(m.group(1)) if m else None
trending_raw = parse_trending_from_readme(README_PATH)
trending = [
row
for row in trending_raw
if is_recent_label(row.get("updated", ""))
and (extract_year(row.get("name", "")) or current_year) >= current_year - 1
]
trending.sort(key=lambda r: int(r.get("stars") or 0), reverse=True)
trending = select_trending(trending_raw)
recent_kev = (diff or {}).get("new_kev_entries") or []
metrics = {
"kev_total": len(data["kev_enriched"]),

1
templates/base.html
View File

@@ -4,6 +4,7 @@
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>{{ title or 'CVE PoC Hub' }}</title>
<link rel="icon" href="/favicon.ico" />
<link rel="stylesheet" href="/style.css" />
<script defer src="/assets/site.js"></script>
</head>

7
templates/index.html
View File

@@ -3,9 +3,8 @@
{% block content %}
<section class="hero hero-signal" data-search-root>
<div class="hero-meta">
<p class="eyebrow">Signal-first</p>
<h1>Search PoCs, KEV, and EPSS without the clutter</h1>
<p class="lede">Built for fast triage. One page, no badges, no filler.</p>
<h1>CVE PoC Hub</h1>
<p class="lede">Search PoCs, KEV, and EPSS quickly—no filler.</p>
</div>
<form class="searchForm" action="#">
<input type="text" class="search" placeholder="Search CVE, vendor, product, or keyword" autocomplete="off">
@@ -38,7 +37,7 @@
<section class="section">
<div class="section-header">
<h1>Trending PoCs</h1>
<span class="muted">Recent GitHub movement (last 4 days, sorted by stars)</span>
<span class="muted">Pulled from the current-year table in README.md</span>
</div>
<div class="table-wrap" data-trending>
<table>