atiilla

6 exploits Active since Oct 2025
CVE-2025-59536 GITHUB HIGH python WORKING POC
Claude Code < 1.0.111 - Code Injection via Startup Trust Dialog Bypass
Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. This issue is fixed in version 1.0.111.
2 stars
CVSS 8.8
CVE-2026-21852 NOMISEC HIGH WORKING POC
Claude Code < 2.0.65 - Unauthenticated API Key Exfiltration via Malicious Repository Settings
Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. An attacker-controlled repository could include a settings file that sets ANTHROPIC_BASE_URL to an attacker-controlled endpoint and when the repository was opened, Claude Code would read the configuration and immediately issue API requests before showing the trust prompt, potentially leaking the user's API keys. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to version 2.0.65, which contains a patch, or to the latest version.
2 stars
CVSS 7.5
CVE-2026-20841 NOMISEC HIGH WORKING POC
Windows Notepad App - Command Injection
Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.
2 stars
CVSS 7.8
CVE-2026-42897 NOMISEC HIGH WORKING POC
Microsoft Exchange Server Spoofing Vulnerability
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS 8.1
CVE-2026-2441 NOMISEC HIGH STUB
Google Chrome <145.0.7632.75 - Use After Free
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVSS 8.8
CVE-2025-55182 NOMISEC CRITICAL
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
CVSS 10.0