N3k0t

6 exploits Active since Aug 2025
CVE-2025-59287 GITHUB CRITICAL WORKING POC
Windows Server 2012, 2016, 2019, 2022, 2025 - Unauthenticated RCE via Deserialization
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
1 stars
CVSS 9.8
CVE-2025-8941 GITHUB HIGH WORKING POC
Red Hat Enterprise Linux 7 Extended Lifecycle Support - Privilege Escalation via pam_namespace Symlink Attack
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
1 stars
CVSS 7.8
CVE-2025-59287 GITHUB CRITICAL python WORKING POC
Windows Server 2012, 2016, 2019, 2022, 2025 - Unauthenticated RCE via Deserialization
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
1 stars
CVSS 9.8
CVE-2025-8941 GITHUB HIGH python WORKING POC
Red Hat Enterprise Linux 7 Extended Lifecycle Support - Privilege Escalation via pam_namespace Symlink Attack
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
1 stars
CVSS 7.8
CVE-2025-11953 NOMISEC CRITICAL WORKING POC
react-native-community/cli < 20.0.0 - Unauthenticated OS Command Injection via Metro Development Server
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary executables. On Windows, the attackers can also execute arbitrary shell commands with fully controlled arguments.
1 stars
CVSS 9.8
CVE-2025-11953 NOMISEC CRITICAL WORKING POC
react-native-community/cli < 20.0.0 - Unauthenticated OS Command Injection via Metro Development Server
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary executables. On Windows, the attackers can also execute arbitrary shell commands with fully controlled arguments.
CVSS 9.8