// GitHubMEDIUM
A pseudonymous researcher published a GitHub repository called 'Exploitarium' containing over 30 proof-of-concept exploits for undisclosed zero-day vulnerabilities in open-source projects including Libssh2, FFmpeg, Gitea, MyBB, PHP, and others, without coordinating with maintainers. At least 12 exploits have been assigned CVE identifiers, with CVE-2026-55200 (libssh2 pre-auth RCE, CVSS 9.2) confirmed under active exploitation. The researcher justified the public disclosure approach as educational but acknowledged it enables malicious use.
// Get alerts for GitHub