LeakIX is now available as a Metasploit module. Search, host lookups, subdomains, and leaks directly from msfconsole.
https://github.com/rapid7/metasploit-framework/pull/21002
🚨 Plugin update: ZimbraPlugin (CVE-2025-68645).
Zimbra Collaboration Suite 10.0 and 10.1 affected by unauthenticated LFI vulnerability.
Results: https://leakix.net/search?q=%2Btags%3Acve-2025-68645&scope=leak
🚨 New plugin: SmarterMailPlugin (CVE-2025-52691).
SmarterMail versions prior to Build 9413 affected by critical remote code execution vulnerability via arbitrary file upload.
Results: https://leakix.net/search?q=%2Bplugin%3ASmarterMailPlugin&scope=leak
🚨 New plugin: MongoBleedPlugin (CVE-2025-14847).
MongoDB Memory Leak vulnerability detection.
Results: https://leakix.net/search?page=0&q=%2Bplugin%3AMongoBleedPlugin&scope=leak
🚨 New plugin: N8nPlugin (CVE-2025-68613, CVE-2025-65964, CVE-2025-62726).
n8n Workflow Automation multiple vulnerabilities detection.
Results: https://leakix.net/search?q=%2Bplugin%3AN8nPlugin&scope=leak
🚨 New plugin: GeoserverXxePlugin (CVE-2025-58360).
GeoServer XXE vulnerability detection - XML External Entity injection in WMS GetMap operation, added to CISA KEV catalog.
Results: https://leakix.net/search?q=%2Bplugin%3AGeoserverXxePlugin&scope=leak
🚨 Plugin update: React2ShellPlugin (CVE-2025-55182).
Backdoor detection added - 16k+ Next.js servers detected with in-memory webshells allowing remote code execution.
Results: https://leakix.net/search?scope=leak&q=%2Bplugin%3AReact2ShellPlugin+%2Bdataset.infected%3Atrue
🚨 New plugin: React2ShellPlugin (CVE-2025-55182).
React Server Components RCE vulnerability detection - Next.js applications affected by critical remote code execution vulnerabilities.
Results: https://leakix.net/search?page=0&q=%2Bplugin%3AReact2ShellPlugin&scope=leak
🚨 New plugin: EzGED3Plugin (CVE-2025-51539).
EzGED3 pre-authentication arbitrary file read vulnerability detection - may lead to admin takeover.
Results: https://leakix.net/search?q=%2Bplugin%3AEzGED3Plugin&scope=leak
🚨 New plugin: FreePBXPlugin (CVE-2025-57819).
FreePBX unauthenticated SQL injection vulnerability detection - may lead to RCE.
Results: https://leakix.net/search?q=%2Bplugin%3AFreePBXPlugin&scope=leak
🚨 New plugin: TraccarPlugin (CVE-2025-61666).
Traccar local file inclusion vulnerability detection - may expose configuration files.
Results: https://leakix.net/search?q=%2Bplugin%3ATraccarPlugin&scope=leak
🚨 New plugin: KestrelPlugin (CVE-2025-55315).
Kestrel HTTP request smuggling vulnerability detection.
Results: https://leakix.net/search?q=%2Bplugin%3AKestrelPlugin&scope=leak
🚨 New plugin: XWikiPlugin (CVE-2025-24893, CVE-2025-32429, CVE-2025-52472, CVE-2025-55748).
XWiki multiple critical vulnerabilities detection - RCE, SQL/HQL injection, and path traversal.
Results: https://leakix.net/search?q=%2Bplugin%3AXWikiPlugin&scope=leak
🚨 New plugin: FlowiseVersionPlugin.
Flowise vulnerability detection - detects 15+ CVEs including RCE, file upload, and SSRF vulnerabilities.
Results: https://leakix.net/search?q=%2Bplugin%3AFlowiseVersionPlugin&scope=leak
🚨 New plugin: WazuhPlugin (CVE-2025-24016).
Wazuh default credentials and RCE vulnerability detection - RCE possible on multi-node configurations, versions 4.4.0 to 4.9.1 affected.
Results: https://leakix.net/search?q=%2Bplugin%3AWazuhPlugin&scope=leak
🚨 New plugin: ICTBroadcastRcePlugin (CVE-2025-2611).
ICTBroadcast unauthenticated RCE vulnerability detection.
Results: https://leakix.net/search?q=%2Bplugin%3AICTBroadcastRcePlugin&scope=leak
🚨 New plugin: SpipRcePlugin (CVE-2024-8517).
SPIP BigUp plugin pre-authentication RCE vulnerability detection.
Results: https://leakix.net/search?q=%2Bplugin%3ASpipRcePlugin&scope=leak
🚨 New plugin: ViciboxVersionPlugin (CVE-2024-8503, CVE-2024-8504).
VICIdial outdated version detection - unauthenticated SQL injection and authenticated RCE, versions <= 2.14-917a affected.
Results: https://leakix.net/search?q=%2Bplugin%3AViciboxVersionPlugin&scope=leak
🚨 New plugin: NCentralPlugin (CVE-2025-9316, CVE-2025-11700).
N-able N-Central session bypass and XXE vulnerability detection - XXE allows reading critical files.
Results: https://leakix.net/search?q=%2Bplugin%3ANCentralPlugin&scope=leak
🚨 New plugin: MagentoXxePlugin (CVE-2024-34102, CosmicSting).
Magento XXE injection vulnerability detection - may expose sensitive files, RCE possible in some cases.
Results: https://leakix.net/search?q=%2Bplugin%3AMagentoXxePlugin&scope=leak
🚨 Plugin update: PaloAltoPlugin (CVE-2024-3400, CVE-2025-0133).
PaloAlto PAN-OS XSS vulnerability detection added - GlobalProtect portal affected.
Results: https://leakix.net/search?q=%2Bplugin%3APaloAltoPlugin&scope=leak
🚨 New plugin: GeoserverRcePlugin (CVE-2024-36401).
GeoServer RCE vulnerability detection via GetPropertyValue in WFS requests.
Results: https://leakix.net/search?q=%2Bplugin%3AGeoserverRcePlugin&scope=leak
🚨 New plugin: SwaggerUIPlugin.
Swagger API documentation public exposure detection - may expose API endpoints, parameters, and data structures.
Results: https://leakix.net/search?q=%2Bplugin%3ASwaggerUIPlugin&scope=leak
🚨 New plugin: PrometheusPlugin.
Prometheus server public exposure detection - may expose metrics, configuration, and infrastructure information.
Results: https://leakix.net/search?q=%2Bplugin%3APrometheusPlugin&scope=leak
🚨 New plugin: GraphQLIntrospectionPlugin.
GraphQL introspection enabled detection - may expose sensitive schema information and database structures.
Results: https://leakix.net/search?q=%2Bplugin%3AGraphQLIntrospectionPlugin&scope=leak
🚨 New plugin: WatchGuardFireboxPlugin (CVE-2025-59396).
WatchGuard Firebox default credentials allow administrative SSH access. CVE rejected by NVD: "Not a security vulnerability".
Results: https://leakix.net/search?q=%2Bplugin%3AWatchGuardFireboxPlugin&scope=leak
🚨 New plugin: GladinetPlugin (CVE-2025-11371, CVE-2025-30406, CVE-2025-12480).
Gladinet CentreStack/Triofox LFI, RCE, and auth bypass vulnerability detection.
Results: https://leakix.net/search?q=%2Bplugin%3AGladinetPlugin&scope=leak
🚨 New plugin: GLPIVersionPlugin.
GLPI vulnerability detection - detects 50+ CVEs including unauthenticated SQL injection, session hijacking, and account takeover.
Results: https://leakix.net/search?q=%2Bplugin%3AGLPIVersionPlugin&scope=leak
🚨 New plugin: MonstaFtpVersionPlugin (CVE-2025-34299).
MonstaFTP RCE vulnerability detection - versions < 2.11.3 affected.
Results: https://leakix.net/search?scope=leak&q=%2Bplugin%3AMonstaFtpVersionPlugin
🚨 New plugin: SessionReaperPlugin (CVE-2025-54236) added.
Multiple Adobe Commerce / Magento instances exposed. Patch ASAP.
Details: https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/
Query: +plugin:SessionReaperPlugin