Dylan Pindur

8 exploits Active since Oct 2023
CVE-2025-55182 NOMISEC CRITICAL SCANNER
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
2,397 stars
CVSS 10.0
CVE-2025-66478 GITLAB SCANNER
Rejected
Rejected reason: This CVE is a duplicate of CVE-2025-55182.
CVE-2025-55182 GITLAB CRITICAL SCANNER
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
CVSS 10.0
CVE-2023-4966 METASPLOIT CRITICAL ruby SCANNER
Citrix Netscaler Application Delivery Controller - Memory Corruption
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.
CVSS 9.4
CVE-2025-27218 METASPLOIT MEDIUM ruby WORKING POC
Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization
Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.
CVSS 5.3
EIP-2026-112578 EXPLOITDB python WORKING POC
TeamCity Agent XML-RPC 10.0 - Remote Code Execution
EIP-2026-104101 EXPLOITDB ruby WORKING POC
TeamCity Agent - XML-RPC Command Execution (Metasploit)
EIP-2026-104102 EXPLOITDB ruby WORKING POC
TeamCity Agent - XML-RPC Command Execution (Metasploit)