Double-free in Apache httpd mod_http2 stream cleanup leading to pre-auth RCE.
☆31May 11, 2026Updated 2 months ago
Alternatives and similar repositories for CVE-2026-23918
Users that are interested in CVE-2026-23918 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- EncryptInterceptor fail-open bypass in Apache Tomcat Tribes clustering leading to unauthenticated RCE via Java deserialization.☆69May 11, 2026Updated 2 months ago
- 基于协程并发的Web敏感文件扫描器,精准探测备份文件、配置泄露及版本控制目录暴露风险,为渗透测试与安全防护提供专业级资产测绘方案。☆12Mar 6, 2025Updated last year
- Fortinet FortiClientEMS improper access control☆35Apr 20, 2026Updated 2 months ago
- Sh3ller is a lightweight C2 framework in its simplest form.☆33Sep 5, 2025Updated 10 months ago
- CVE-2025-3248 Langflow RCE Exploit☆17Jun 17, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Hessian UTF-8 Overlong Encoding☆21Mar 9, 2024Updated 2 years ago
- Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)☆19Aug 23, 2024Updated last year
- ☆53Feb 4, 2025Updated last year
- hiding in plain sight: part 2☆47Jul 11, 2024Updated 2 years ago
- Fairy Law - Compromise or disable EDR security solutions☆79Dec 1, 2025Updated 7 months ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated last year
- 禅道认证绕过后台命令执行Getshell☆13Jan 8, 2025Updated last year
- 一款基于 AI 大模型的 WebShell 自动生成工具,支持自动迭代优化,集成河马查杀和阿里云伏魔平台检测。☆17Feb 5, 2026Updated 5 months ago
- CSharp4Pentesters☆11Mar 5, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This tool, programmed in C#, allows for the fast discovery and exploitation of vulnerabilities in MSSQL servers☆55Jun 19, 2024Updated 2 years ago
- ☆13Jan 27, 2024Updated 2 years ago
- ☆23Jan 29, 2026Updated 5 months ago
- ☆79Nov 22, 2024Updated last year
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated 2 months ago
- geoserver后台漏洞检测一键化工具☆38Jun 29, 2024Updated 2 years ago
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or …☆31May 4, 2026Updated 2 months ago
- Memory API proxy via signed mozglue.dll☆40Jun 25, 2026Updated 2 weeks ago
- Combining KslDump and GhostKatz to dump LSASS using no-fix KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest clea…☆45Mar 27, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Memory protection and randomization tests (not limited to PaX enabled kernels)☆13Mar 5, 2024Updated 2 years ago
- CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL)☆207Jun 2, 2026Updated last month
- Burp-plugin☆17Jul 18, 2024Updated last year
- Proof-of-Concept exploit for CVE-2026-23918 (Apache mod_http2 double-free). Features multi-mode DoS (Rapid-RST, Slow-Drip) and passive RC…☆22May 6, 2026Updated 2 months ago
- Windows绕过EDR实现DumpHash☆245May 10, 2026Updated 2 months ago
- GhidraMCP for headless☆57Updated this week
- CVE-2026-31431 容器逃逸☆20May 2, 2026Updated 2 months ago
- Metabase Pre-auth RCE (CVE-2023-38646)!!☆15Jul 29, 2023Updated 2 years ago
- Opengraph-Compatible JSON Generator for BloodHound☆29Mar 30, 2026Updated 3 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Maintains backlink structure among interlinked Markdown notes☆11Dec 28, 2020Updated 5 years ago
- ☆159Jul 10, 2024Updated 2 years ago
- 一个缝合的Zend批量解密脚本。☆16Jul 31, 2023Updated 2 years ago
- 用 AI 来操作JYso,并在AI遇到反序列化和JNDI注入情况自动调用☆26Jun 1, 2026Updated last month
- A PoC exploit for CVE-2023-23752 - Joomla Improper Access Check in Versions 4.0.0 through 4.2.7☆16Feb 1, 2026Updated 5 months ago
- Much resources. So log. Wow.☆24May 17, 2014Updated 12 years ago
- arm64/aarch64 port of V4bel/dirtyfrag (CVE-2026-43284). ESP-only - rxrpc path kernel-oopses on arm64 due to flush_dcache_page☆27May 13, 2026Updated 2 months ago