ninjazan420

4 exploits Active since Dec 2025
CVE-2026-1529 NOMISEC HIGH WORKING POC
Org.keycloak Keycloak-services - Signature Verification Bypass
A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.
3 stars
CVSS 8.1
CVE-2026-1729 NOMISEC CRITICAL WORKING POC
AdForest theme <6.0.12 - Auth Bypass
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators.
1 stars
CVSS 9.8
CVE-2025-52691 NOMISEC CRITICAL WORKING POC
Smartertools Smartermail < 100.0.9413 - Unrestricted File Upload
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
1 stars
CVSS 10.0
CVE-2025-60021 NOMISEC CRITICAL WRITEUP
Apache Brpc < 1.15.0 - Command Injection
Remote command injection vulnerability in heap profiler builtin service in Apache bRPC ((all versions < 1.15.0)) on all platforms allows attacker to inject remote command. Root Cause: The bRPC heap profiler built-in service (/pprof/heap) does not validate the user-provided extra_options parameter and executes it as a command-line argument. Attackers can execute remote commands using the extra_options parameter.. Affected scenarios: Use the built-in bRPC heap profiler service to perform jemalloc memory profiling. How to Fix: we provide two methods, you can choose one of them: 1. Upgrade bRPC to version 1.15.0. 2. Apply this patch ( https://github.com/apache/brpc/pull/3101 ) manually.
CVSS 9.8