Vulnerability Disclosure — FreeIntelHub

Exploit Database Vulnerability Disclosure Apr 30

[webapps] Frigate NVR 0.16.3 - Remote Code Execution

Frigate NVR 0.16.

T1190

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 30

[webapps] Js2Py 0.74 - RCE

Js2Py 0.

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 30

[webapps] Erugo 0.2.14 - Remote Code Execution (RCE)

Erugo 0.2.

T1190

Exploit Database →

The Hacker News Vulnerability Disclosure Apr 29

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the ...

The Hacker News →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] HAX CMS 24.x - Stored Cross-Site Scripting (XSS)

HAX CMS 24.

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] Craft CMS 5.6.16 - RCE

Craft CMS 5.6.

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[local] GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation

GNU InetUtils 2.

T1548

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] GeographicLib v2.5.1 - stack buffer overflow

GeographicLib v2.5.

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[local] OpenWrt 23.05 - Authenticated Remote Code Execution (RCE)

OpenWrt 23.

T1190

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE)

GUnet OpenEclass E-learning platform < 4.

T1190

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution

JuzaWeb CMS 3.4.

T1190

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] FacturaScripts 2025.43 - XSS

FacturaScripts 2025.

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] Xibo CMS 4.3.0 - RCE via SSTI

Xibo CMS 4.3.

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[local] Fedora - Local Privilege Escalation

Fedora - Local Privilege Escalation

T1548 T1068

Exploit Database →

Exploit Database Vulnerability Disclosure Apr 29

[webapps] LangChain Core 1.2.4 - SSTI/RCE

LangChain Core 1.2.

Exploit Database →

Cisco Advisories Vulnerability Disclosure Cisco Apr 28

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote atta...

T1190

Cisco Advisories →

CISA Advisories Vulnerability Disclosure Apr 28

NSA GRASSMARLIN

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information. The following versions of NSA GRAS...

CISA Advisories →

Zero Day Initiative Vulnerability Disclosure Oracle Apr 28

ZDI-26-305: (0Day) OpenAI Codex Sandbox Escape Vulnerability

This vulnerability allows remote attackers to bypass the sandbox on affected installations of OpenAI Codex. User interaction is required to exploit this vuln...

Zero Day Initiative →

Tenable Blog Vulnerability Disclosure Tenable Intel Apr 27

As the NVD scales back CVE enrichment, here’s what Tenable customers need to know

NIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accel...

Tenable Blog →

Rapid7 Blog Vulnerability Disclosure Rapid7 Apr 24

Metasploit Wrap-Up 04/25/2026

Check Method Visibility Metasploit has supported check methods for many years now. It’s not always desirable to jump straight into exploiting a vulnerability...

Rapid7 Blog →