Initial Access Intelligence
The "Initial Access Intelligence" module is a vital tool for cybersecurity, designed to scan GitHub repositories for the latest exploit and proof-of-concept codes for new vulnerabilities. It provides users with crucial updates on potential security threats, enabling proactive defense measures. This module helps close the gap between vulnerability discovery and patching, significantly enhancing system security.
-
June 15, 2026, 10:15 a.m.
Incorrect access control in /vfm-admin/ajax/streamvid.php in Veno File Manager Project in 4.4.9 allows an authenticated attacker to read any uploaded files by other users as long as it knows the path and filename via a specially crafted GET request to the affected endpoint.
Shell
Updated: 4 days, 23 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:55 a.m. This repo has been linked 0 different CVEs too. -
June 15, 2026, 12:25 p.m.
None
Updated: 4 days, 20 hours ago1 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:53 a.m. This repo has been linked 1 different CVEs too. -
June 15, 2026, 10:16 a.m.
Absolute Path Disclosure in /vfm-admin/assets/zipstream/grandt/relativepath/RelativePath.Example1.php in Veno File Manager Project 4.4.9 allows an unauthenticated attacker to know in which system directory the application code is running by sending a GET request to the endpoint.
Shell
Updated: 4 days, 23 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:45 a.m. This repo has been linked 0 different CVEs too. -
June 16, 2026, 6:56 a.m.
None
Java
Updated: 4 days, 2 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:40 a.m. This repo has been linked 1 different CVEs too. -
June 16, 2026, 6:56 a.m.
None
JavaScript
Updated: 4 days, 2 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:39 a.m. This repo has been linked 1 different CVEs too. -
June 16, 2026, 6:56 a.m.
None
Python
Updated: 4 days, 2 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:39 a.m. This repo has been linked 1 different CVEs too. -
June 15, 2026, 10:17 a.m.
Arbitrary file write in /vfm-admin/index.php?section=translations&action=update in Veno File Manager Project 4.4.9 allows an authenticated user with the role of super administrator to overwrite any php file in the application via a specially crafted POST request to the affected endpoint.
Shell
Updated: 4 days, 23 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:38 a.m. This repo has been linked 0 different CVEs too. -
June 15, 2026, 10:18 a.m.
Incorrect access control in /vfm-admin/admin-panel/view/save-cvs.php in Veno File Manager Project 4.4.9 allows an unauthenticated attacker to extract all application logs from a desired date forwards via a specially crafted POST request.
Shell
Updated: 4 days, 23 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:34 a.m. This repo has been linked 0 different CVEs too. -
June 18, 2026, 1:36 p.m.
None
Updated: 1 day, 19 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:30 a.m. This repo has been linked 16 different CVEs too. -
June 15, 2026, 10:20 a.m.
Path traversal leading to Arbitrary File Read in /vfm-admin/index.php and /vfm-admin/ajax/streamvid.php in Veno File Manager Project 4.4.9 allows and authenticated attacker with super administrator role to disclose sensitive information via two specially crafted http requests (POST and GET) to the affected endpoints.
Shell
Updated: 4 days, 23 hours ago0 stars 0 fork 0 watcherBorn at : June 15, 2026, 9:30 a.m. This repo has been linked 0 different CVEs too.
