From 722d7261bad2d48552e3583dbaf484ad3ace8e10 Mon Sep 17 00:00:00 2001
From: 0xMarcio
Date: Wed, 17 Dec 2025 21:06:33 +0100
Subject: [PATCH] Filter trending PoCs to current-year updates
---
.github/getTrending.py | 195 ++++++++++++++++++---------------
.github/workflows/hot_cves.yml | 2 +
.github/workflows/site.yml | 2 +
README.md | 143 ++----------------------
docs/index.html | 138 ++++++-----------------
scripts/build_site.py | 58 ++++++++--
templates/index.html | 2 +-
7 files changed, 199 insertions(+), 341 deletions(-)
diff --git a/.github/getTrending.py b/.github/getTrending.py
index edc89cfa93..3fca31f89f 100644
--- a/.github/getTrending.py
+++ b/.github/getTrending.py
@@ -1,99 +1,114 @@ #!/usr/bin/env python3 -# -*- coding:utf-8 -*- +"""Regenerate the Trending PoCs table in README.md. + +- Only consider repositories whose names contain the current year's CVE pattern (e.g., CVE-2025-1234). +- Restrict to repositories updated in the last 4 days. +- Sort by most recently updated, then stars, and emit up to 20 rows. +""" + +from __future__ import annotations + +import os +import re +from datetime import datetime, timedelta, timezone +from pathlib import Path +from typing import Iterable, List, TypedDict + import requests -import json -from datetime import datetime + +WINDOW_DAYS = 4 +MAX_ROWS = 20 -def time_ago(datetime_str): - datetime_obj = datetime.strptime(datetime_str, "%Y-%m-%dT%H:%M:%SZ") - current_datetime = datetime.now() - delta = current_datetime - datetime_obj +class Repo(TypedDict): + name: str + html_url: str + description: str | None + stargazers_count: int + updated_at: str + + +def github_headers() -> dict: + token = os.environ.get("GITHUB_TOKEN") or os.environ.get("GH_TOKEN") + headers = {"Accept": "application/vnd.github+json"} + if token: + headers["Authorization"] = f"Bearer {token}" + return headers + + +def time_ago(updated_at: str, now: datetime) -> str: + dt = datetime.strptime(updated_at, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc) + delta = now - dt if delta.days > 0: - if delta.days == 1: - return "1 day ago" - else: - return f"{delta.days} days ago" - elif delta.seconds >= 3600: - hours = delta.seconds // 3600 - if hours == 1: - return "1 hour ago" - else: - return f"{hours} hours ago" - elif delta.seconds >= 60: - minutes = delta.seconds // 60 - if minutes == 1: - return "1 minute ago" - else: - return f"{minutes} minutes ago" + return "1 day ago" if delta.days == 1 else f"{delta.days} days ago" + hours = delta.seconds // 3600 + if hours: + return "1 hour ago" if hours == 1 else f"{hours} hours ago" + minutes = (delta.seconds % 3600) // 60 + if minutes: + return "1 minute ago" if minutes == 1 
else f"{minutes} minutes ago" + return "just now" + + +def fetch_trending(current_year: int, cutoff: datetime) -> List[Repo]: + query = f"CVE-{current_year} in:name stars:>2 pushed:>={cutoff.date().isoformat()} archived:false" + url = "https://api.github.com/search/repositories" + params = { + "q": query, + "sort": "updated", + "order": "desc", + "per_page": 100, + "page": 1, + } + resp = requests.get(url, params=params, headers=github_headers(), timeout=30) + resp.raise_for_status() + items: Iterable[Repo] = resp.json().get("items", []) + pattern = re.compile(rf"cve-{current_year}-\d+", re.IGNORECASE) + filtered: List[Repo] = [] + for item in items: + name = item.get("name", "") + updated_at = item.get("updated_at") + if not updated_at or not pattern.search(name or ""): + continue + updated_dt = datetime.strptime(updated_at, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc) + if updated_dt < cutoff: + continue + filtered.append(item) + # Already sorted by updated desc; break ties by stars + filtered.sort(key=lambda r: (-datetime.strptime(r["updated_at"], "%Y-%m-%dT%H:%M:%SZ").timestamp(), -int(r.get("stargazers_count", 0)))) + return filtered[:MAX_ROWS] + + +def build_rows(repos: List[Repo], now: datetime) -> List[str]: + rows: List[str] = [] + for repo in repos: + desc = repo.get("description") or "" + stars = int(repo.get("stargazers_count", 0)) + updated = time_ago(repo["updated_at"], now) + rows.append(f"| {stars}⭐ | {updated} | [{repo['name']}]({repo['html_url']}) | {desc} |") + return rows + + +def main() -> None: + current_year = datetime.now(timezone.utc).year + cutoff = datetime.now(timezone.utc) - timedelta(days=WINDOW_DAYS) + now = datetime.now(timezone.utc) + + repos = fetch_trending(current_year, cutoff) + + output: List[str] = ['

Recently updated Proof-of-Concepts

'] + output.append(f"\n\n## {current_year}\n") + output.append(f"### Updated in the last {WINDOW_DAYS} days (up to {MAX_ROWS} repos)\n") + output.append("| Stars | Updated | Name | Description |") + output.append("| --- | --- | --- | --- |") + if repos: + output.extend(build_rows(repos, now)) else: - return "just now" + output.append("| 0⭐ | — | No recent CVE PoCs | No repositories matched the filters. |") -current_year = datetime.now().year -total_repos_per_year = {} -#tz_header = {"Time-Zone": "Europe/Amsterdam"} + Path("README.md").write_text("\n".join(output), encoding="utf-8") + print(f"Wrote {len(repos)} rows for {current_year}") -repositories_by_year = {} -for year in range(current_year, current_year - 5, -1): - year_repositories = [] - print(f"Fetching data for {year}") - response = requests.get(f'https://api.github.com/search/repositories?q=CVE-{year}%20in:name%20%20stars:>2%20language:Shell%20language:Go%20language:ASP%20language:WebAssembly%20language:R%20language:Lua%20language:Python%20%20%20language:C++%20language:C%20language:JavaScript%20language:Perl%20language:PowerShell%20language:Ruby%20language:Rust%20language:Java%20%20language:PHP&s=updated&o=desc&page=1&per_page=20') - if response.status_code != 200: - print(f"Failed to fetch data for year {year}: {response.status_code}") - continue - data = response.json() - total_count = data.get("total_count", 0) - print(f"Found: {total_count}") - total_repos_per_year[year] = total_count - if "items" in data: - items = data["items"] - if items: - year_repositories.extend(items) - else: - print(f"No more items found for year {year}") - - if year_repositories: - # Sort the repositories by stargazers_count in descending order - #year_repositories.sort(key=lambda repo: repo['stargazers_count'], reverse=True) - repositories_by_year[year] = year_repositories - -# Define a class to handle repository information -class RepositoryInfo: - def __init__(self, description, stargazers_count, name, html_url, 
updated_at): - self.description = description - self.stargazers_count = stargazers_count - self.name = name - self.html_url = html_url - self.updated_at = updated_at - - def __hash__(self): - return hash(self.name + self.html_url) - - def __eq__(self, other): - return self.html_url == other.html_url and self.name == other.name - -final_output = ['

Recently updated Proof-of-Concepts

'] -for year in range(current_year, current_year - 5, -1): - if year in repositories_by_year: - year_repositories = repositories_by_year[year] - year_repositories = [RepositoryInfo(repo["description"], repo["stargazers_count"], repo["name"], repo["html_url"], repo["updated_at"]) for repo in year_repositories] - - final_output.append(f"\n\n## {year}\n") - final_output.append(f"### Latest 20 of {total_repos_per_year[year]} Repositories\n") - final_output.append("| Stars | Updated | Name | Description |") - final_output.append("| --- | --- | --- | --- |") - - for repo in year_repositories: - try: - description = repo.description or "" - updated = time_ago(repo.updated_at) - final_output.append(f"| {repo.stargazers_count}⭐ | {updated} | [{repo.name}]({repo.html_url}) | {description} |") - except Exception as e: - print(f"Error generating final output for repository {repo.name}: {e}") - pass - -if repositories_by_year: - with open("README.md", "w", encoding="utf-8") as file: - file.write("\n".join(final_output)) - print("Final output written to README.md") +if __name__ == "__main__": + main() diff --git a/.github/workflows/hot_cves.yml b/.github/workflows/hot_cves.yml index e2b83b0262..f40c2189d6 100644 --- a/.github/workflows/hot_cves.yml +++ b/.github/workflows/hot_cves.yml @@ -24,6 +24,8 @@ jobs: cd /home/runner/work/cve/cve pip install requests python .github/getTrending.py + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Check for changes and commit if necessary run: | diff --git a/.github/workflows/site.yml b/.github/workflows/site.yml index 1c8c0dab42..fae1509d56 100644 --- a/.github/workflows/site.yml +++ b/.github/workflows/site.yml @@ -12,6 +12,8 @@ on: - 'templates/**' - 'docs/assets/**' - 'README.md' + - '.github/getTrending.py' + - '.github/workflows/hot_cves.yml' - 'requirements.txt' - '.github/workflows/site.yml' diff --git a/README.md b/README.md index 7c58b3cee8..9ef59a29a1 100644 --- a/README.md +++ b/README.md @@ -1,140 +1,17 @@
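Review bot: Repository names and descriptions reach the README table unescaped in `build_rows`; both are free text chosen by whoever owns a repository that matches the search query. A `|` or a line break in a description breaks the table that scripts/build_site.py appears to read back, and Markdown link or image syntax in it is rendered in README.md as if the project had written it. Normalise the text before formatting the row, for example `desc = " ".join((repo.get("description") or "").split()).replace("|", "\\|")`, and give the name used as link text the same treatment. Separately, the sort key in `fetch_trending` parses `updated_at` without `tzinfo`, unlike the UTC-aware filter a few lines above it; one shared UTC-aware parse helper would keep the two consistent.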
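Review bot: The new `env:` block applies to the whole step, so `pip install requests` runs with `GITHUB_TOKEN` in its environment as well as `.github/getTrending.py`. Only the script needs the token; moving the install into its own step, and pinning the `requests` version, keeps install-time third-party code away from the credential. The job's `permissions:` block is not visible in this hunk, so it is worth confirming the token carries no more than the later commit step requires. The step's `run:` block starts outside the hunk.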

Recently updated Proof-of-Concepts

+ ## 2025 -### Latest 20 of 433 Repositories +### Updated in the last 4 days (up to 20 repos) | Stars | Updated | Name | Description | | --- | --- | --- | --- | -| 1241⭐ | 2 hours ago | [CVE-2025-55182](https://github.com/msanft/CVE-2025-55182) | Explanation and full RCE PoC for CVE-2025-55182 | -| 775⭐ | 3 hours ago | [CVE-2025-55182-research](https://github.com/ejpir/CVE-2025-55182-research) | CVE-2025-55182 POC | -| 495⭐ | 8 days ago | [CVE-2018-20250](https://github.com/WyAtu/CVE-2018-20250) | exp for https://research.checkpoint.com/extracting-code-execution-from-winrar | -| 607⭐ | 20 hours ago | [CVE-2025-33073](https://github.com/mverschu/CVE-2025-33073) | PoC Exploit for the NTLM reflection SMB flaw. | -| 496⭐ | 4 days ago | [CVE-2025-32463_chwoot](https://github.com/pr0v3rbs/CVE-2025-32463_chwoot) | Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463 | -| 419⭐ | 5 hours ago | [CVE-2025-32463](https://github.com/kh4sh3i/CVE-2025-32463) | Local Privilege Escalation to Root via Sudo chroot in Linux | -| 305⭐ | 1 day ago | [CVE-2025-53770-Exploit](https://github.com/soltanali0/CVE-2025-53770-Exploit) | SharePoint WebPart Injection Exploit Tool | -| 289⭐ | 4 hours ago | [CVE-2025-55182](https://github.com/emredavut/CVE-2025-55182) | RSC/Next.js RCE Vulnerability Detector & PoC Chrome Extension – CVE-2025-55182 & CVE-2025-66478 | -| 901⭐ | 1 hour ago | [React2Shell-CVE-2025-55182-original-poc](https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc) | Original Proof-of-Concepts for React2Shell CVE-2025-55182 | -| 386⭐ | 4 days ago | [CVE-2025-24071_PoC](https://github.com/0x6rss/CVE-2025-24071_PoC) | CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File | -| 207⭐ | 1 day ago | [CVE-2025-32023](https://github.com/leesh3288/CVE-2025-32023) | PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo" | -| 396⭐ | 6 days ago | 
[ColorOS-CVE-2025-10184](https://github.com/yuuouu/ColorOS-CVE-2025-10184) | ColorOS短信漏洞,以及用户自救方案 | -| 180⭐ | 6 days ago | [POC-CVE-2025-24813](https://github.com/absholi7ly/POC-CVE-2025-24813) | his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met. | -| 256⭐ | 15 minutes ago | [CVE-2025-55182-advanced-scanner-](https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-) | | -| 357⭐ | 1 hour ago | [Next.js-RSC-RCE-Scanner-CVE-2025-66478](https://github.com/Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478) | A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability. | -| 198⭐ | 4 days ago | [CVE-2025-30208-EXP](https://github.com/ThumpBo/CVE-2025-30208-EXP) | CVE-2025-30208-EXP | -| 73⭐ | 6 days ago | [cve-2025-8088](https://github.com/4daysday/cve-2025-8088) | Path traversal tool based on cve-2025-8088 | -| 163⭐ | 1 day ago | [CVE-2025-26125](https://github.com/ZeroMemoryEx/CVE-2025-26125) | ( 0day ) Local Privilege Escalation in IObit Malware Fighter | -| 153⭐ | 8 days ago | [CVE-2025-21756](https://github.com/hoefler02/CVE-2025-21756) | Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit! 
| -| 136⭐ | 27 days ago | [CVE-2025-32433](https://github.com/platsecurity/CVE-2025-32433) | CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 | - - -## 2024 - -### Latest 20 of 621 Repositories - -| Stars | Updated | Name | Description | -| --- | --- | --- | --- | -| 2421⭐ | 20 hours ago | [CVE-2024-1086](https://github.com/Notselwyn/CVE-2024-1086) | Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images. | -| 685⭐ | 11 days ago | [CVE-2024-38063](https://github.com/ynwarcs/CVE-2024-38063) | poc for CVE-2024-38063 (RCE in tcpip.sys) | -| 489⭐ | 5 hours ago | [cve-2024-6387-poc](https://github.com/zgzhang/cve-2024-6387-poc) | a signal handler race condition in OpenSSH's server (sshd) | -| 507⭐ | 1 day ago | [CVE-2024-49113](https://github.com/SafeBreach-Labs/CVE-2024-49113) | LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 | -| 507⭐ | 1 day ago | [CVE-2024-6387_Check](https://github.com/xaitax/CVE-2024-6387_Check) | CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH | -| 217⭐ | 8 hours ago | [CVE-2024-38077](https://github.com/qi4L/CVE-2024-38077) | RDL的堆溢出导致的RCE | -| 384⭐ | 12 days ago | [cve-2024-6387-poc](https://github.com/acrono/cve-2024-6387-poc) | 32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc | -| 321⭐ | 3 days ago | [CVE-2024-0044](https://github.com/0xbinder/CVE-2024-0044) | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 | -| 302⭐ | 11 days ago | [CVE-2024-4577](https://github.com/watchtowrlabs/CVE-2024-4577) | PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC | -| 310⭐ | 6 hours ago | 
[CVE-2024-21338](https://github.com/hakaioffsec/CVE-2024-21338) | Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. | -| 752⭐ | 17 hours ago | [CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) | Microsoft-Outlook-Remote-Code-Execution-Vulnerability | -| 183⭐ | 3 days ago | [CVE-2024-21413](https://github.com/CMNatic/CVE-2024-21413) | CVE-2024-21413 PoC for THM Lab | -| 236⭐ | 30 days ago | [CVE_2024_30078_POC_WIFI](https://github.com/blkph0x/CVE_2024_30078_POC_WIFI) | basic concept for the latest windows wifi driver CVE | -| 8⭐ | 166 days ago | [CVE-2024-38077-POC](https://github.com/SecStarBot/CVE-2024-38077-POC) | | -| 164⭐ | 6 days ago | [CVE-2024-6387](https://github.com/Karmakstylez/CVE-2024-6387) | Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) | -| 200⭐ | 67 days ago | [CVE-2024-23897](https://github.com/h4x0r-dz/CVE-2024-23897) | CVE-2024-23897 | -| 176⭐ | 20 hours ago | [CVE-2024-25600](https://github.com/Chocapikk/CVE-2024-25600) | Unauthenticated Remote Code Execution – Bricks <= 1.9.6 | -| 156⭐ | 36 days ago | [CVE-2024-21413](https://github.com/duy-31/CVE-2024-21413) | Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC | -| 83⭐ | 11 days ago | [CVE-2024-40725-CVE-2024-40898](https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898) | CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks. 
| -| 141⭐ | 3 days ago | [cve-2024-20017](https://github.com/mellow-hype/cve-2024-20017) | exploits for CVE-2024-20017 | - - -## 2023 - -### Latest 20 of 509 Repositories - -| Stars | Updated | Name | Description | -| --- | --- | --- | --- | -| 788⭐ | 16 days ago | [CVE-2023-38831-winrar-exploit](https://github.com/b1tg/CVE-2023-38831-winrar-exploit) | CVE-2023-38831 winrar exploit generator | -| 504⭐ | 32 days ago | [Windows_LPE_AFD_CVE-2023-21768](https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768) | LPE exploit for CVE-2023-21768 | -| 371⭐ | 4 days ago | [CVE-2023-32233](https://github.com/Liuk3r/CVE-2023-32233) | CVE-2023-32233: Linux内核中的安全漏洞 | -| 108⭐ | 23 days ago | [CVE-2023-21839](https://github.com/ASkyeye/CVE-2023-21839) | Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE) | -| 408⭐ | 7 days ago | [CVE-2023-0386](https://github.com/xkaneiki/CVE-2023-0386) | CVE-2023-0386在ubuntu22.04上的提权 | -| 387⭐ | 4 days ago | [CVE-2023-4911](https://github.com/leesh3288/CVE-2023-4911) | PoC for CVE-2023-4911 | -| 280⭐ | 3 days ago | [CVE-2023-21608](https://github.com/hacksysteam/CVE-2023-21608) | Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit | -| 318⭐ | 2 days ago | [CVE-2023-4863](https://github.com/mistymntncop/CVE-2023-4863) | | -| 243⭐ | 22 days ago | [CVE-2023-44487](https://github.com/bcdannyboy/CVE-2023-44487) | Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487 | -| 167⭐ | 1 day ago | [CVE-2023-36745](https://github.com/N1k0la-T/CVE-2023-36745) | | -| 231⭐ | 63 days ago | [CVE-2023-20887](https://github.com/sinsinology/CVE-2023-20887) | VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887) | -| 347⭐ | 72 days ago | [CVE-2023-23397-POC-Powershell](https://github.com/api0cradle/CVE-2023-23397-POC-Powershell) | | -| 241⭐ | 20 hours ago | [CVE-2023-7028](https://github.com/Vozec/CVE-2023-7028) | This repository presents a proof-of-concept of CVE-2023-7028 | -| 229⭐ | 20 hours ago | 
[CVE-2023-3519](https://github.com/BishopFox/CVE-2023-3519) | RCE exploit for CVE-2023-3519 | -| 178⭐ | 22 hours ago | [CVE-2023-28252](https://github.com/fortra/CVE-2023-28252) | | -| 131⭐ | 17 days ago | [CVE-2023-2640-CVE-2023-32629](https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629) | GameOver(lay) Ubuntu Privilege Escalation | -| 241⭐ | 76 days ago | [Weblogic-CVE-2023-21839](https://github.com/DXask88MA/Weblogic-CVE-2023-21839) | | -| 204⭐ | 5 hours ago | [CVE-2023-46747-RCE](https://github.com/W01fh4cker/CVE-2023-46747-RCE) | exploit for f5-big-ip RCE cve-2023-46747 | -| 234⭐ | 16 days ago | [CVE-2023-29357](https://github.com/Chocapikk/CVE-2023-29357) | Microsoft SharePoint Server Elevation of Privilege Vulnerability | -| 171⭐ | 60 days ago | [CVE-2023-25157](https://github.com/win3zz/CVE-2023-25157) | CVE-2023-25157 - GeoServer SQL Injection - PoC | - - -## 2022 - -### Latest 20 of 561 Repositories - -| Stars | Updated | Name | Description | -| --- | --- | --- | --- | -| 1123⭐ | 3 days ago | [CVE-2022-0847-DirtyPipe-Exploit](https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit) | A root exploit for CVE-2022-0847 (Dirty Pipe) | -| 577⭐ | 11 days ago | [CVE-2022-23222](https://github.com/tr3ee/CVE-2022-23222) | CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation | -| 364⭐ | 56 days ago | [CVE-2022-21907](https://github.com/ZZ-SOCMAP/CVE-2022-21907) | HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907 | -| 356⭐ | 1 day ago | [CVE-2022-40684](https://github.com/horizon3ai/CVE-2022-40684) | A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager | -| 374⭐ | 4 days ago | [CVE-2022-29464](https://github.com/hakivvi/CVE-2022-29464) | WSO2 RCE (CVE-2022-29464) exploit and writeup. 
| -| 434⭐ | 25 days ago | [CVE-2022-25636](https://github.com/Bonfee/CVE-2022-25636) | CVE-2022-25636 | -| 664⭐ | 16 hours ago | [CVE-2022-0847-DirtyPipe-Exploits](https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits) | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | -| 485⭐ | 22 days ago | [CVE-2022-2588](https://github.com/Markakd/CVE-2022-2588) | exploit for CVE-2022-2588 | -| 496⭐ | 22 days ago | [CVE-2022-0995](https://github.com/Bonfee/CVE-2022-0995) | CVE-2022-0995 exploit | -| 387⭐ | 18 days ago | [CVE-2022-39197](https://github.com/its-arun/CVE-2022-39197) | CobaltStrike <= 4.7.1 RCE | -| 279⭐ | 7 days ago | [CVE-2022-0847](https://github.com/r1is/CVE-2022-0847) | CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe” | -| 414⭐ | 22 days ago | [CVE-2022-33679](https://github.com/Bdenneu/CVE-2022-33679) | One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html | -| 343⭐ | 10 days ago | [CVE-2022-21894](https://github.com/Wack0/CVE-2022-21894) | baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability | -| 376⭐ | 7 days ago | [CVE-2022-0185](https://github.com/Crusaders-of-Rust/CVE-2022-0185) | CVE-2022-0185 | -| 278⭐ | 47 days ago | [cve-2022-27255](https://github.com/infobyte/cve-2022-27255) | | -| 267⭐ | 28 days ago | [CVE-2022-39952](https://github.com/horizon3ai/CVE-2022-39952) | POC for CVE-2022-39952 | -| 485⭐ | 4 hours ago | [CVE-2022-38694_unlock_bootloader](https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader) | This is a one-time signature verification bypass. 
For persistent signature verification bypass, check https://github.com/TomKing062/CVE-2022-38691_38692 | -| 238⭐ | 32 days ago | [CVE-2022-20699](https://github.com/Audiobahn/CVE-2022-20699) | Cisco Anyconnect VPN unauth RCE (rwx stack) | -| 229⭐ | 9 days ago | [CVE-2022-30075](https://github.com/aaronsvk/CVE-2022-30075) | Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075) | -| 218⭐ | 11 days ago | [CVE-2022-34918](https://github.com/veritas501/CVE-2022-34918) | CVE-2022-34918 netfilter nf_tables 本地提权 POC | - - -## 2021 - -### Latest 20 of 517 Repositories - -| Stars | Updated | Name | Description | -| --- | --- | --- | --- | -| 2020⭐ | 1 day ago | [CVE-2021-4034](https://github.com/berdav/CVE-2021-4034) | CVE-2021-4034 1day | -| 1119⭐ | 6 days ago | [CVE-2021-4034](https://github.com/arthepsy/CVE-2021-4034) | PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) | -| 1080⭐ | 6 days ago | [CVE-2021-1675](https://github.com/calebstewart/CVE-2021-1675) | Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare) | -| 1000⭐ | 9 days ago | [CVE-2021-3156](https://github.com/blasty/CVE-2021-3156) | | -| 784⭐ | 27 days ago | [CVE-2021-3156](https://github.com/worawit/CVE-2021-3156) | Sudo Baron Samedit Exploit | -| 832⭐ | 22 days ago | [CVE-2021-31166](https://github.com/0vercl0k/CVE-2021-31166) | Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. 
| -| 860⭐ | 6 days ago | [CVE-2021-44228-Scanner](https://github.com/logpresso/CVE-2021-44228-Scanner) | Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228 | -| 498⭐ | 11 days ago | [CVE-2021-21972](https://github.com/NS-Sp4ce/CVE-2021-21972) | CVE-2021-21972 Exploit | -| 431⭐ | 5 hours ago | [CVE-2021-3493](https://github.com/briskets/CVE-2021-3493) | Ubuntu OverlayFS Local Privesc | -| 435⭐ | 22 days ago | [CVE-2021-3156](https://github.com/stong/CVE-2021-3156) | PoC for CVE-2021-3156 (sudo heap overflow) | -| 284⭐ | 23 days ago | [CVE-2021-22205](https://github.com/Al1ex/CVE-2021-22205) | CVE-2021-22205& GitLab CE/EE RCE | -| 267⭐ | 7 hours ago | [CVE-2021-21972](https://github.com/horizon3ai/CVE-2021-21972) | Proof of Concept Exploit for vCenter CVE-2021-21972 | -| 291⭐ | 2 days ago | [CVE-2021-36260](https://github.com/Aiminsun/CVE-2021-36260) | command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. 
| -| 295⭐ | 2 hours ago | [CVE-2021-34527](https://github.com/JohnHammond/CVE-2021-34527) | | -| 364⭐ | 8 days ago | [Grafana-CVE-2021-43798](https://github.com/jas502n/Grafana-CVE-2021-43798) | Grafana Unauthorized arbitrary file reading vulnerability | -| 349⭐ | 62 days ago | [CVE-2021-44228_scanner](https://github.com/CERTCC/CVE-2021-44228_scanner) | Scanners for Jar files that may be vulnerable to CVE-2021-44228 | -| 312⭐ | 4 days ago | [CVE-2021-26084_Confluence](https://github.com/hev0x/CVE-2021-26084_Confluence) | Confluence Server Webwork OGNL injection | -| 328⭐ | 6 days ago | [CVE-2021-1675-LPE](https://github.com/hlldz/CVE-2021-1675-LPE) | Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527 | -| 233⭐ | 92 days ago | [CVE-2021-38647](https://github.com/horizon3ai/CVE-2021-38647) | Proof on Concept Exploit for CVE-2021-38647 (OMIGOD) | -| 235⭐ | 15 days ago | [CVE-2021-24086](https://github.com/0vercl0k/CVE-2021-24086) | Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely. | +| 360⭐ | 2 hours ago | [Next.js-RSC-RCE-Scanner-CVE-2025-66478](https://github.com/Malayke/Next.js-RSC-RCE-Scanner-CVE-2025-66478) | A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability. 
| +| 4⭐ | 13 hours ago | [CVE-2025-66478-POC](https://github.com/wangxso/CVE-2025-66478-POC) | CVE-2025-66478 Proof of Concept | +| 4⭐ | 22 hours ago | [CVE-2025-65318-and-CVE-2025-65319](https://github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319) | Insecure attachment handling when using Canary Mail or Blue mail | +| 6⭐ | 1 day ago | [CVE-2025-55184-POC-Expolit](https://github.com/cybertechajju/CVE-2025-55184-POC-Expolit) | | +| 78⭐ | 1 day ago | [Blackash-CVE-2025-55182](https://github.com/Ashwesker/Blackash-CVE-2025-55182) | CVE-2025-55182 | +| 3⭐ | 1 day ago | [CVE-2025-54100](https://github.com/ThemeHackers/CVE-2025-54100) | CVE-2025-54100 (CVSS 7.8 High) is a command injection vulnerability in the Invoke-WebRequest cmdlet of Windows PowerShell 5.1. It arises from improper neutralization of special elements during the automatic parsing of Web responses. | +| 17⭐ | 1 day ago | [CVE-2025-55182](https://github.com/ThemeHackers/CVE-2025-55182) | a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC). It also includes a realistic "Lab Environment" to safely test and understand the vulnerability. | +| 5⭐ | 3 days ago | [CVE-2025-55182-golang-PoC](https://github.com/keklick1337/CVE-2025-55182-golang-PoC) | CVE-2025-55182 React Server Components RCE - Go PoC | \ No newline at end of file diff --git a/docs/index.html b/docs/index.html index 56049de347..4da3ba7f39 100644 --- a/docs/index.html +++ b/docs/index.html @@ -56,131 +56,59 @@

Trending PoCs

- Pulled from the current-year table in README.md + Current year, updated in the last 4 days
- + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + - - - - + + + + - + - - + + - - - - + + + + - - - - + + + + + + + + + + + + + + + +
StarsUpdatedNameDescription
1241360 2 hours agoCVE-2025-55182Explanation and full RCE PoC for CVE-2025-55182
7753 hours agoCVE-2025-55182-researchCVE-2025-55182 POC
4958 days agoCVE-2018-20250exp for https://research.checkpoint.com/extracting-code-execution-from-winrar
60720 hours agoCVE-2025-33073PoC Exploit for the NTLM reflection SMB flaw.
4964 days agoCVE-2025-32463_chwootEscalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463
4195 hours agoCVE-2025-32463Local Privilege Escalation to Root via Sudo chroot in Linux
3051 day agoCVE-2025-53770-ExploitSharePoint WebPart Injection Exploit Tool
2894 hours agoCVE-2025-55182RSC/Next.js RCE Vulnerability Detector & PoC Chrome Extension – CVE-2025-55182 & CVE-2025-66478
9011 hour agoReact2Shell-CVE-2025-55182-original-pocOriginal Proof-of-Concepts for React2Shell CVE-2025-55182
3864 days agoCVE-2025-24071_PoCCVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
2071 day agoCVE-2025-32023PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo"
3966 days agoColorOS-CVE-2025-10184ColorOS短信漏洞,以及用户自救方案
1806 days agoPOC-CVE-2025-24813his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
25615 minutes agoCVE-2025-55182-advanced-scanner-
3571 hour ago Next.js-RSC-RCE-Scanner-CVE-2025-66478 A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.
1984 days agoCVE-2025-30208-EXPCVE-2025-30208-EXP413 hours agoCVE-2025-66478-POCCVE-2025-66478 Proof of Concept
736 days agocve-2025-8088Path traversal tool based on cve-2025-8088422 hours agoCVE-2025-65318-and-CVE-2025-65319Insecure attachment handling when using Canary Mail or Blue mail
16378 1 day agoCVE-2025-26125( 0day ) Local Privilege Escalation in IObit Malware FighterBlackash-CVE-2025-55182CVE-2025-55182
1538 days agoCVE-2025-21756Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit!171 day agoCVE-2025-55182a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC). It also includes a realistic "Lab Environment" to safely test and understand the vulnerability.
13627 days agoCVE-2025-32433CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc261 day agoCVE-2025-55184-POC-Expolit
31 day agoCVE-2025-54100CVE-2025-54100 (CVSS 7.8 High) is a command injection vulnerability in the Invoke-WebRequest cmdlet of Windows PowerShell 5.1. It arises from improper neutralization of special elements during the automatic parsing of Web responses.
53 days agoCVE-2025-55182-golang-PoCCVE-2025-55182 React Server Components RCE - Go PoC
diff --git a/scripts/build_site.py b/scripts/build_site.py index 4f3c714c1f..ad84c195e3 100644 --- a/scripts/build_site.py +++ b/scripts/build_site.py @@ -1,7 +1,9 @@ from __future__ import annotations import argparse +from datetime import timedelta from pathlib import Path +import re from typing import Dict, Tuple from jinja2 import Environment, FileSystemLoader, select_autoescape @@ -23,6 +25,7 @@ from build_diffs import build_diff, prune_snapshots KEV_DATA = DOCS_DIR.parent / "data" / "kev.json" EPSS_DATA = DOCS_DIR.parent / "data" / "epss.json" README_PATH = DOCS_DIR.parent / "README.md" +TRENDING_WINDOW = timedelta(days=4) def build_env() -> Environment: 
@@ -55,26 +58,59 @@ def write_snapshot(joined: Dict) -> Path: return snapshot_path +def _parse_year(row: dict) -> int | None: + try: + return int(row.get("year")) + except (TypeError, ValueError): + return None + + +def _age_from_label(label: str) -> timedelta | None: + text = (label or "").strip().lower() + if text == "just now": + return timedelta() + match = re.match(r"(?P\d+)\s+(?Pminute|minutes|hour|hours|day|days)\s+ago", text) + if not match: + return None + value = int(match.group("value")) + unit = match.group("unit") + if unit.startswith("minute"): + return timedelta(minutes=value) + if unit.startswith("hour"): + return timedelta(hours=value) + return timedelta(days=value) + + +def _is_current_year_name(name: str, year: int) -> bool: + return bool(re.search(rf"cve-{year}-\d+", name or "", re.IGNORECASE)) + + def select_trending(readme_rows: list[dict]) -> list[dict]: - """Pick the first 20 entries from the newest year table in README.""" + """Pick up to 20 entries from the newest year table, filtered to last 4 days and matching the current year.""" if not readme_rows: return [] - def parse_year(row: dict) -> int | None: - try: - return int(row.get("year")) - except (TypeError, ValueError): - return None - - years = [yr for yr in (parse_year(row) for row in readme_rows) if yr is not None] + years = [yr for yr in (_parse_year(row) for row in readme_rows) if yr is not None] if not years: return [] latest_year = max(years) - selected: list[dict] = [] + filtered: list[tuple[dict, timedelta]] = [] for row in readme_rows: - if parse_year(row) != latest_year: + if _parse_year(row) != latest_year: continue + if not _is_current_year_name(row.get("name", ""), latest_year): + continue + age = _age_from_label(row.get("updated", "")) + if age is None or age > TRENDING_WINDOW: + continue + filtered.append((row, age)) + + # Sort by freshness then stars + filtered.sort(key=lambda pair: (pair[1], -int(pair[0].get("stars") or 0))) + + selected: list[dict] = [] + for row, 
_age in filtered[:20]: try: stars = int(row.get("stars") or 0) except (TypeError, ValueError): @@ -89,8 +125,6 @@ def select_trending(readme_rows: list[dict]) -> list[dict]: "year": latest_year, } ) - if len(selected) >= 20: - break return selected diff --git a/templates/index.html b/templates/index.html index 683b895f71..f635b6d7ef 100644 --- a/templates/index.html +++ b/templates/index.html @@ -37,7 +37,7 @@
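Review bot: The sort key in `select_trending` calls `int(pair[0].get("stars") or 0)` with no guard, while the loop right after it wraps the same conversion in `try`/`except (TypeError, ValueError)`. A README row whose stars cell is not a plain integer therefore aborts the site build inside the sort, before the guarded code is reached; the README is generated from third-party repository metadata, so a malformed row is plausible. Do the guarded conversion once while building `filtered`, store the integer in the tuple, and sort on it: `filtered.sort(key=lambda entry: (entry[1], -entry[2]))`. The `except` body and the rest of the loop lie outside this hunk. Also note that `_age_from_label` measures age from a relative label written when README.md was generated, so rows in a stale README still pass the `TRENDING_WINDOW` check.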

Trending PoCs

- Pulled from the current-year table in README.md + Current year, updated in the last 4 days