
// underground exploit database v2.0
// RECENT_POCS
VIEW_ALLCVE-2024-36991
In Splunk Enterprise on Windows below 9.2.2, 9.1.5 and 9.0.10, an unauthenticated attacker can perform a path traversal on the /modules/messaging/ endpoint to read arbitrary files.
CVE-2026-29000
The JwtAuthenticator in pac4j-jwt skips signature verification for JWE-wrapped PlainJWT (unsigned) tokens, letting an attacker forge valid authentication tokens using only the server's RSA public key.
CVE-2026-48778
Notepad++ through v8.9.6 allows remote code execution by abusing the commandLineInterpreter setting in config.xml, leading to arbitrary command execution.
CVE-2022-25012
Argus Surveillance DVR v4.0 employs weak password encryption
CVE-2025-25257
An improper neutralization of special elements used in an SQL command (SQLI) vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0
CVE-2025-3248
Langflow exposes a /api/v1/builder/execute_code endpoint that takes user-supplied Python code and passes it directly to exec() on the backend. Since there's no authentication or sandboxing, attackers can craft arbitrary payloads for code execution.