Zeroc00i News & Tricks
16:46 · May 30, 2026 · Sat
Fiz um PR no repositório do nuclei sobre aquela CVE do strapi
https://github.com/projectdiscovery/nuclei-templates/pull/16304
GitHub
Add CVE-2026-27886: Strapi <=5.36.x Unauthenticated Admin Credential Enumeration by zeroc00I · Pull Request #16304 · projectdiscovery/nuclei…
Summary
Adds detection + exploitation template for CVE-2026-27886 (Strapi ≤5.36.x)
Strapi exposes raw Knex where[] parameters on public collection endpoints without sanitisation
Any unauthenticate...
Home
Powered by
BroadcastChannel
&
Sepia
