CVE-2026-45091

May 15, 2026 ยท View on GitHub

๐Ÿ“Œ Purpose of This Repository

This repository is provided strictly for educational, academic, and authorized cybersecurity research purposes only.

It is intended to support understanding of:

  • Security vulnerabilities and exploitation concepts in controlled environments
  • Sandbox isolation mechanisms and their limitations
  • Secure software design and defensive security practices

๐Ÿšซ Authorized Use Only

This repository must only be used in environments where explicit permission has been granted, such as:

  • Personal or controlled virtual machines
  • Docker or isolated lab environments
  • Authorized penetration testing engagements
  • Academic or cybersecurity training setups

Any use outside of authorized environments is strictly prohibited.


โš–๏ธ No Responsibility / No Liability

The author and contributors of this repository are not responsible, liable, or accountable for any misuse, damage, loss, or legal consequences arising from the use, misuse, or distribution of this project or its contents.

By using this repository, you acknowledge that:

  • You are solely responsible for your actions
  • You assume full legal responsibility for any use or misuse
  • The author provides no warranty or guarantee of any kind, expressed or implied
  • Any illegal, unethical, or unauthorized use is strictly at your own risk

๐Ÿšจ Illegal Use Disclaimer

The author explicitly disclaims any responsibility for illegal, malicious, or unauthorized use of this repository or its contents.

Any such use is:

  • Not endorsed
  • Not supported
  • Not encouraged
  • Entirely outside the scope of this project

๐Ÿ›ก๏ธ Ethical Use Statement

This project is intended solely for:

  • Defensive security research
  • Vulnerability education and awareness
  • Secure coding and system hardening research
  • Academic and professional cybersecurity learning

It follows the principles of responsible disclosure and ethical security research.


๐Ÿ“Œ Final Reminder

Security research must always be conducted with:

  • โœ” Proper legal authorization
  • โœ” Ethical intent
  • โœ” Isolated and controlled environments
  • โœ” Compliance with applicable laws and policies

๐Ÿ“ง Contact

For responsible disclosure or research collaboration, please contact the repository maintainer via GitHub.

Credit or reference

Usage

chmod +x poc-cve-2026-45091.sh

# Run with a captured token
./poc-cve-2026-45091.sh "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b3RwU2VjcmV0IjoiSldJU0hJVEUyM0FCTEMyM0RFRkciLCJleHAiOjE3MTAwMDAwMDB9.signature"
const token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b3RwU2VjcmV0IjoiSldJU0hJVEUyM0FCTEMyM0RFRkci...";
node extract-totp.js