Skip to content

feat(fetcher): add nuclei #293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MaineK00n merged 1 commit into from
Dec 15, 2025
Merged

feat(fetcher): add nuclei #293

MaineK00n merged 1 commit into from
Dec 15, 2025

Conversation

@MaineK00n
Copy link
Collaborator

@MaineK00n MaineK00n commented Dec 14, 2025

If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.

What did you implement:

add nuclei

Type of change

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

$ go-exploitdb fetch nuclei
INFO[12-15|04:56:19] Fetching Nuclei Templates 
INFO[12-15|04:56:20] Nuclei Templates                         count=3628
INFO[12-15|04:56:20] Inserting Nuclei Templates into DB 
INFO[12-15|04:56:20] Inserting 3628 Exploits 
INFO[12-15|04:56:20] Inserting new Exploits 
3628 / 3628 [---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% ? p/s
INFO[12-15|04:56:20] No CveID Exploit Count                   count=0
INFO[12-15|04:56:20] CveID Exploit Count                      count=3628

$ go-exploitdb search --type CVE --param CVE-2025-49844

Results: 
---------------------------------------

[*]CVE-ExploitID Reference:
  CVE: CVE-2025-49844
  Exploit Type: Nuclei
  Exploit Unique ID: Nuclei-5e210979e211a5e6aa9bc35dff0d5f12
  URL: https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2025/CVE-2025-49844.yaml
  Description: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.


[*]Exploit Detail Info: ---------------------------------------

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@MaineK00n MaineK00n self-assigned this Dec 14, 2025
@MaineK00n MaineK00n requested a review from shino December 14, 2025 20:49
shino
shino approved these changes Dec 15, 2025
View reviewed changes
Copy link
Contributor

@shino shino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🍻

@MaineK00n MaineK00n merged commit 6ddff63 into master Dec 15, 2025
7 checks passed
@MaineK00n MaineK00n deleted the MaineK00n/nuclei branch December 15, 2025 08:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shino shino shino approved these changes

Assignees

@MaineK00n MaineK00n

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MaineK00n @shino