2026

• 09 Jun Unrestricted File Upload Leads to Remote Code Execution | Calliope Gallery
• 09 Jun XXE Injection via Envelope Import Leads to Arbitrary File Read | Foldmark
• 09 Jun Local File Inclusion via Template Router | CostThis
• 08 Jun IDOR in Password Reset API Leads to Administrator Account Takeover | TheForms
• 08 Jun JWT Algorithm Confusion Leads to Privilege Escalation | Halftone Studio
• 07 Jun Password Change IDOR Leads to Administrator Account Takeover | Noted
• 07 Jun NoSQL Injection Leads to Treasury Account Takeover | Coined
• 06 Jun Multi-Step Access Control Bypass Leads to Administrative Compromise | Tamper Temple
• 06 Jun Autovation Unsafe Yaml Deserialization
• 05 Jun Blind Remote Code Execution via ExifTool CVE-2021-22204 | The Oak
• 04 Jun Local File Inclusion via Language Cookie Leads to Arbitrary File Read | Flagged
• 04 Jun Exposed Git Repository Leads to Administrative Credential Disclosure | Fault Banking
• 03 Jun NoSQL Injection via Search Filter Object Leads to Hidden Rental Disclosure | SwiftSearch Hotels
• 03 Jun GraphQL Role Parameter Abuse Leads to Restricted Medical Note Disclosure | Clearance
• 03 Jun Authentication Bypass – Direct Dashboard Access | Pivot HR
• 02 Jun SQL Injection in Voucher Search Leads to Executive Voucher Disclosure | Voucher Vault
• 02 Jun SQL Injection via Issue Identifier Parameter | Trace Control
• 01 Jun OS Command Injection via Archive Export Filename | Parchive
• 01 Jun IDOR – Unauthorized Grant Approval via Workflow Manipulation | Briarcliff Foundation
• 01 Jun Next.js Middleware Authorization Bypass (CVE-2025-29927) | BugVault
• 31 May Authentication Bypass via Forged Remember-Me Cookie | Skein
• 30 May Cross-Site Scripting (XSS) – Inadequate Input Filter Bypass | Palisade
• 30 May Local File Inclusion – Arbitrary File Read | Traverse
• 30 May Information Disclosure – Sensitive Resource Exposure via robots.txt | Sundial Observatory
• 30 May Information Disclosure – Redirect Debug Comment Exposure | Redirect Run
• 30 May Information Disclosure – Sensitive HTML Comment Exposure | Vellichor Press
• 30 May Cross-Site Scripting (XSS) – HTML Tag Breakout | Rivet & Tack
• 29 May Cross-Site Scripting (XSS) – HTML Comment Breakout | Fermata
• 29 May Privilege Escalation – Unsigned Session Token Tampering | Spindrift Workspace
• 29 May Privilege Escalation – Client-Side Role Cookie Tampering | Session Swap
• 29 May Privilege Escalation – JWT None Algorithm Abuse | Stargate Atlas
• 29 May Information Disclosure – Debug Branch Receipt Exposure | Quikpay Receipts
• 28 May NoSQL Injection Authentication Bypass | Herbalist Remedies
• 28 May Weak Credentials – Member Account Compromise | Pinegrass Library Co-op
• 28 May Cross-Site Scripting (XSS) – Attribute Breakout | Sandpiper Stationery
• 28 May Cross-Site Scripting (XSS) – Reflected Search Injection | Ember Kettle
• 28 May Information Disclosure – Client-Side Analytics Exposure | Pebble & Pine
• 27 May Exposed Git Repository Information Disclosure | Loop & Roam Records
• 27 May Default Credentials Authentication Weakness | Lake Forks Permits
• 27 May Local File Inclusion via Double URL Encoding | Mirage
• 27 May Unrestricted File Upload – Remote Code Execution | Hollow Run Bedding
• 27 May Mass Assignment – Role Escalation | Salt Brook Pilates
• 26 May Arbitrary File Read – image Parameter Leading to file:// Injection | Suited
• 26 May IDOR – Account Export Data Disclosure | Remittance
• 26 May GraphQL Information Disclosure – System Configuration Exposure | Schematic
• 25 May SQL Injection & File Upload Abuse – Admin Bypass Leading to RCE | Candy
• 24 May SQL Injection – Full Database Extraction via UNION Attack | Versed
• 23 May OS Command Injection – Remote Command Execution via Legacy CGI Endpoint | Slash & Sons
• 23 May OS Command Injection in Network Diagnostics | Netcheck
• 23 May SSRF – Internal Service Discovery Through Monitor Preview Feature | Statuscraft
• 22 May X-Forwarded-For Spoofing – Internal Staff Portal Access Control Bypass | Brackish Brewing Co.
• 22 May SSRF Blocklist Bypass – Internal File Disclosure via Localhost Filtering Evasion | CutCorner
• 21 May Missing Access Control – Unrestricted Staff Portal Exposure | Coltsfoot Community Center
• 21 May SQL Injection – Secret Extraction from Internal Logs Console | Vibed
• 20 May Sensitive Information Disclosure – Secrets Exposed in Base64 Session Cookie | Cookie Cutter
• 19 May Client-Side Price Manipulation – Discount Abuse via Cookie Tampering | Snooker
• 19 May Weak Password Reset – Brute Force of 4-Digit Reset Token Leading to Account Takeover | Heartwood Outfitters
• 19 May Information Disclosure – Sensitive Debug Header Leakage via Response Metadata | Header Hunt
• 18 May Workflow Access Control Bypass – Admin Privilege Escalation | Lazy Human Resources
• 18 May Stored XSS – Internal Endpoint Enumeration Through Comment Injection | Crate & Sleeve
• 18 May Weak Credentials – Authentication Compromise via Password Brute Force | Halftrack Model Railroad Club
• 18 May SQL Injection – Authentication Bypass on Employee Portal | Gatekeeper
• 18 May Unrestricted File Upload – Remote Code Execution via PHP Extension Bypass | Crosswind
• 17 May SQL Injection to Admin Access – Hidden Identity Exposure | The Caretaker
• 16 May IDOR via WebSocket Subscription – Cross-Order Data Exposure | JoyStick
• 15 May LDAP Injection – Hidden Registrar Archive Disclosure | Saint Croix University
• 15 May GraphQL BOLA via Introspection & Insecure Resolver Access | Slate Quarry
• 15 May Command Injection & Broken Function Level Authorization | NewsForge
• 15 May Local File Inclusion via PHP Stream Wrappers | DocketHive
• 14 May Mass Assignment Leading to Admin Account Creation | Trellis
• 14 May JWT Secret Cracking & Privilege Escalation via Forged Tokens | Tally
• 14 May Command Injection via Filename Parameter Leading to Remote Code Execution | Quotin
• 13 May XXE Injection – Arbitrary File Disclosure via XML Import | Holloway
• 12 May Server-Side Template Injection Leading to Remote Code Execution | Outbox
• 12 May XInclude Injection to Arbitrary File Read | Tanuki
• 12 May Local File Inclusion (LFI) to Sensitive File Disclosure | Mapleton
• 11 May NoSQL Injection Authentication Bypass – Admin Panel Access | SnickerDoodle
• 11 May IDOR via Sequential Order IDs | Cheesy Does It
• 11 May IDOR in Order Access – Unauthorized Order Data Exposure | Hartwood
• 10 May Race Condition in Cart and Checkout Flow – Multi-Item Purchase for Single Charge | Cafe Club
• 10 May JWT alg:none Authentication Bypass to Admin Access | EverGreen
• 09 May GraphQL Introspection and Sensitive Data Exposure | Ottergram
• 09 May UUID-Based IDOR Through Member API | Apex
• 08 May Predictable Time-Based Auth Token Leading to Authentication Bypass | Sokudo
• 08 May Jinja2 SSTI to Remote Code Execution | SunnySide
• 07 May Weak Session Token Design – Predictable MD5-Based Session Hijacking | CopyPasta
• 06 May XML External Entity (XXE) via Deck Import Feature | Tanuki
• 05 May OTP Bypass & Brute Force – Admin Account Takeover via Password Reset | Cheesy Does it
• 04 May File Extension Blacklist Bypass – Unrestricted Upload to RCE | Hackviser Lab
• 04 May File Signature Bypass – Polyglot File Upload to RCE | Hackviser Lab
• 04 May MIME Type Filter Bypass – Unrestricted File Upload to RCE | Hackviser Lab
• 04 May Unrestricted File Upload – RCE Leading to Database Credential Disclosure | Hackviser Lab
• 03 May Predictable Token Enumeration – Gift Card Redemption Abuse | BugForge Lab
• 02 May SQL Injection – UNION-Based Credential Extraction via Profile API | Ottergram
• 02 May SQL Injection – Database Extraction via Boolean-Based Blind Technique | Stock Check Lab
• 02 May SQL Injection – Credential Extraction via UNION Attack | Search Functionality Lab
• 02 May Path Traversal – Arbitrary File Read via Image Endpoint | Ottergram
• 01 May IDOR – Unauthorized Access to Borrower Records | Overdue
• 01 May Local File Inclusion – Arbitrary File Read Leading to Flag Disclosure | Corridor
• 01 May Broken Authentication – Predictable Timestamp Token Leads to Admin Account Takeover | Sokudo
• 30 Apr SQL Injection – Full Database Extraction via Search Function | Flower
• 30 Apr Broken Access Control – Admin Access Token Brute Force Leads to Unauthorized Admin Access | Gift List
• 28 Apr Broken Access Control – Role Manipulation via User Registration | Tanuki
• 26 Apr Command Injection – Remote Code Execution via rollOptions Parameter | Diceforge
• 25 Apr File Inclusion – Arbitrary File Read via Image Endpoint | Ottergram
• 24 Apr IDOR – Unauthorized Access to Shared Notes via Base64 ID Manipulation | BugForge
• 23 Apr Broken Access Control – Unauthorized Stats Modification via HTTP Method Manipulation | BugForge
• 11 Apr Information Disclosure – Sensitive Data Exposure via Source Code, Headers & Public Files | Hidden in Plain Sight
• 07 Apr SMB Exploit (MS17-010 EternalBlue) – Remote Code Execution & Privilege Escalation | Blue
• 07 Apr SQL Injection – Authentication Bypass & Privilege Escalation | Simple CTF
• 07 Apr Broken Access Control – Credential Leakage to Privilege Escalation | Silver Platter
• 05 Apr Remote Code Execution – Exploiting FuelCMS (CVE-2018-16763) | Vulnerability Capstone
• 31 Mar Remote Code Execution – Nostromo Exploit to Root via Dirty Pipe | Glitch
• 31 Mar Remote Code Execution – Supervisor Exploit to Root via SUID Python | Super Process
• 30 Mar Remote Code Execution – GLPI Exploit to Root & ZIP Password Cracking | Find and Crack
• 29 Mar Server-Side Template Injection – Remote Code Execution & Data Exposure | Leaf
• 29 Mar Weak Authentication – SSH Brute Force Leading to Unauthorized Access | Discover Lernaean
• 29 Mar Unauthenticated Access – MySQL Misconfiguration Leading to Data Exposure | Query Gate
• 29 Mar Default Credentials – SSH Misconfiguration Leading to Root Access | Secure Command
• 29 Mar Anonymous Access – FTP Misconfiguration Leading to Credential Disclosure | File Hunter
• 29 Mar Default Credentials – Telnet Misconfiguration Leading to Root Access | Arrow
• 29 Mar IDOR – Password Disclosure via Insecure Direct Object Reference | User ID Controlled by Request Parameter
• 29 Mar IDOR – Unauthorized Access via Predictable Identifier Manipulation | User ID Controlled by Request Parameter
• 29 Mar Local File Inclusion – Log Poisoning to Remote Code Execution | Venomous
• 29 Mar Server-Side Template Injection – Remote Code Execution via Twig & Bind Shell | Leaf
• 29 Mar File Path Traversal Simple Case
• 28 Mar Broken Access Control – Privilege Escalation via Client-Controlled Cookie | Privilege Escalation via Client-Controlled Cookie
• 28 Mar Broken Access Control – Unprotected Admin Panel via Unpredictable URL Leading to Privilege Escalation | Unprotected Admin Panel
• 28 Mar Broken Access Control – Unprotected Admin Functionality Leading to Privilege Escalation | Unprotected Admin Functionality
• 26 Mar Weak Authentication – FTP Brute Force Leading to Unauthorized Access | Net Sec Challenge