We research the 1-day

The interval between patch release and widespread exploitation - where defenders race to deploy and attackers reverse-engineer. We sit in the middle: analyzing, documenting, publishing.

1day-archive Technical deep-dives into recently disclosed CVEs — patch diffs, root cause, PoCs. github.com/1dayexploit/1day-archive advisories Vulnerabilities discovered and coordinated-disclosed by us. github.com/1dayexploit/advisories

Recent research view all →

2026-05-14	CVE-2026-42945	CVE-2026-42945: NGINX Heap Buffer Overflow	PoC
2026-05-06	CVE-2026-27960	CVE-2026-27960: OpenCTI Authentication Bypass via Hardcoded UUID	PoC
2026-05-04	CVE-2026-7482	CVE-2026-7482 - Ollama Heap Out-of-Bounds Read	PoC
2026-04-20		Welcome to 1dayexploit