CVE-2025-4664

This repository contains a Python-based exploit for CVE-2025-4664, targeting Firefox ESR 115.11 via arbitrary JavaScript execution in PDF.js. The exploit generates a malicious PDF file that triggers the vulnerability when opened.

This PoC demonstrates CVE-2025-4664, a vulnerability in Chromium-based browsers where sensitive URL parameters are leaked through Link header preload requests. The exploit involves a malicious server that logs leaked tokens via a crafted Link header with referrerpolicy=unsafe-url.

This repository contains a proof-of-concept for CVE-2025-4664, a vulnerability in Google Chrome's Loader component that allows cross-origin data leakage via manipulated `referrer-policy` directives in HTML link tags. The PoC includes a Flask-based attacker server to capture leaked referrer headers.

This repository contains functional exploit code for CVE-2025-32433, an Erlang OTP SSH vulnerability, demonstrating pre-authentication remote command execution via crafted SSH packets. The PoC includes a Dockerized vulnerable environment and a Python script to trigger the exploit.

The repository contains a functional proof-of-concept for CVE-2025-4664, demonstrating how Google Chrome's improper handling of the `referrer-policy` directive in HTTP Link headers can lead to cross-origin data leakage. The PoC includes a Python-based attacker server and an HTML file to simulate the exploit.