Academic proof-of-concept demonstrating CVE-2025-14847 for authorized security research.
-
Updated
Dec 29, 2025 - Python
Academic proof-of-concept demonstrating CVE-2025-14847 for authorized security research.
Academic proof-of-concept demonstrating CVE-2026-21445 [LangFlow] for authorized security research.
🛠 Exploit the CVE-2025-14847 vulnerability in MongoDB to disclose sensitive heap memory using a Python script that analyzes responses for new leaked data.
motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read
Gogs has Path Traversal in organization name that results in RCE through Git hooks
Gorse < 0.5.10 contains an authentication bypass caused by empty admin_api_key in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty admin_api_key configuration.
Add a description, image, and links to the codeb0ss topic page so that developers can more easily learn about it.
To associate your repository with the codeb0ss topic, visit your repo's landing page and select "manage topics."