PoC-in-GitHub/2026/CVE-2026-21509.json

[
    {
        "id": 1143294637,
        "name": "Ashwesker-CVE-2026-21509",
        "full_name": "kimstars\/Ashwesker-CVE-2026-21509",
        "owner": {
            "login": "kimstars",
            "id": 23279002,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23279002?v=4",
            "html_url": "https:\/\/github.com\/kimstars",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/kimstars\/Ashwesker-CVE-2026-21509",
        "description": "CVE-2026-21509",
        "fork": false,
        "created_at": "2026-01-27T12:03:20Z",
        "updated_at": "2026-02-02T14:42:38Z",
        "pushed_at": "2026-01-27T09:42:58Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 12,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 12,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1144709571,
        "name": "CVE-2026-21509-PoC",
        "full_name": "gavz\/CVE-2026-21509-PoC",
        "owner": {
            "login": "gavz",
            "id": 1969988,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1969988?v=4",
            "html_url": "https:\/\/github.com\/gavz",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/gavz\/CVE-2026-21509-PoC",
        "description": "Educational PoC for CVE‑2026‑21509 (Microsoft Office security feature bypass). Generates a harmless DOCX with dummy OLE artifacts to study EDR\/AV visibility. Not an exploit. For isolated labs only; see README for 7‑Zip inspection steps and mitigation references.",
        "fork": false,
        "created_at": "2026-01-29T00:51:18Z",
        "updated_at": "2026-02-02T16:01:12Z",
        "pushed_at": "2026-01-28T20:33:28Z",
        "stargazers_count": 3,
        "watchers_count": 3,
        "has_discussions": false,
        "forks_count": 2,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 2,
        "watchers": 3,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1145070024,
        "name": "KSK-ITDK-CVE-2026-21509-Mitigation",
        "full_name": "ksk-itdk\/KSK-ITDK-CVE-2026-21509-Mitigation",
        "owner": {
            "login": "ksk-itdk",
            "id": 61273209,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61273209?v=4",
            "html_url": "https:\/\/github.com\/ksk-itdk",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/ksk-itdk\/KSK-ITDK-CVE-2026-21509-Mitigation",
        "description": "Powershell script with Detection and Remediation for CVE-2026-21509",
        "fork": false,
        "created_at": "2026-01-29T11:40:30Z",
        "updated_at": "2026-02-02T15:46:51Z",
        "pushed_at": "2026-01-29T11:49:04Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 1,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 1,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1146434087,
        "name": "CTT-NFS-Vortex-RCE",
        "full_name": "SimoesCTT\/CTT-NFS-Vortex-RCE",
        "owner": {
            "login": "SimoesCTT",
            "id": 94452709,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94452709?v=4",
            "html_url": "https:\/\/github.com\/SimoesCTT",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/SimoesCTT\/CTT-NFS-Vortex-RCE",
        "description": "New Physics Disclosure This repository contains a full weaponized exploit for **CVE-2026-21509**, targeting the Windows Network File System (NFSv4.1) kernel-mode driver (`nfssvr.sys`). ",
        "fork": false,
        "created_at": "2026-01-31T04:52:13Z",
        "updated_at": "2026-01-31T16:05:07Z",
        "pushed_at": "2026-01-31T04:57:20Z",
        "stargazers_count": 2,
        "watchers_count": 2,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 2,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1146561861,
        "name": "SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-",
        "full_name": "SimoesCTT\/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-",
        "owner": {
            "login": "SimoesCTT",
            "id": 94452709,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94452709?v=4",
            "html_url": "https:\/\/github.com\/SimoesCTT",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/SimoesCTT\/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-",
        "description": "Microsoft just released emergency patches for CVE-2026-21509, a zero-day in the Office Suite that bypasses OLE\/COM mitigations when a user simply opens a file. They think their \"Service-side change\" for Office 2021+ is a solid wall. ",
        "fork": false,
        "created_at": "2026-01-31T09:50:23Z",
        "updated_at": "2026-01-31T16:08:36Z",
        "pushed_at": "2026-01-31T09:58:19Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 1147401424,
        "name": "CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509",
        "full_name": "SimoesCTT\/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509",
        "owner": {
            "login": "SimoesCTT",
            "id": 94452709,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94452709?v=4",
            "html_url": "https:\/\/github.com\/SimoesCTT",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/SimoesCTT\/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509",
        "description": "CVE-2026-21509 is a critical bypass in the Microsoft Office OLE (Object Linking and Embedding) validation engine. While standard \"laminar\" exploits attempt to manipulate static COM objects, this repository utilizes Theorem 4.2 to achieve a speculative race-condition bypass of the Object Definition Rule (ODR).",
        "fork": false,
        "created_at": "2026-02-01T17:31:24Z",
        "updated_at": "2026-02-01T17:41:32Z",
        "pushed_at": "2026-02-01T17:41:29Z",
        "stargazers_count": 0,
        "watchers_count": 0,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 0,
        "score": 0,
        "subscribers_count": 0
    }
]