Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
13,086 exploits
GitHub PoC5
CVE-2026-46331 — Linux Kernel Local Privilege Escalation TC pedit + IPsec TEE Page Cache Corruption · Affected kernels: ≤ 6.12.9
CVE-2026-46331HIGH28 Jun 2026
net/sched: fix pedit partial COW leading to page cache corruption
41RISK
open
GitHub PoC192
CVE-2026-41940 authentication bypass vulnerability proof-of-concept
CVE-2026-41940CRITICALunder attackransomware28 Jun 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open
GitHub PoC
Why-Shell/CVE-2026-38751
CVE-2026-38751HIGH28 Jun 2026
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionali
41RISK
open
GitHub PoC1
CVE-2026-49048 — JoomCCK 6.4.0 Unauthenticated SQL Injection (CVSS 9.8)
CVE-2026-49048HIGH28 Jun 2026
Joomla Extension - joomcoder.com - Unauthenticated SQL Injection in JoomCCK extension for Joomla < 6.4.1
41RISK
open
GitHub PoC2
DirtyClone - local privilege escalation (LPE) proof-of-concept targeting a kernel/XFRM-related vulnerability described in the source as CVE-2026-43503
CVE-2026-43503HIGH28 Jun 2026
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open
GitHub PoC1
CVE-2026-12485
CVE-2026-12485CRITICAL28 Jun 2026
GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command
48RISK
open
GitHub PoC
Double-free in Apache httpd mod_http2 stream cleanup leading to pre-auth RCE
CVE-2026-23918HIGH28 Jun 2026
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISK
open
GitHub PoC
Unauthenticated RCE PoC for CVE-2026-48908 SP Page Builder (Joomla) arbitrary file upload and remote code execution exploit with mass scaning support.
CVE-2026-48908CRITICAL28 Jun 2026
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open
GitHub PoC2
Educational, defensive kit for two Linux page-cache-corruption LPEs (DirtyClone CVE-2026-43503, pedit COW CVE-2026-46331): hardening, detection, verification, seccomp + validation harness. Detection and prevention only — no exploit code. TLP:CLEAR.
CVE-2026-43503HIGH27 Jun 2026
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open
GitHub PoC
PoC for CVE-2026-5366: git argument injection in Prefect's GitRepository leading to RCE on the worker.
CVE-2026-5366CRITICAL27 Jun 2026
Git Argument Injection in prefecthq/prefect
48RISK
open
GitHub PoC
Hunt-Benito/traefik-stripprefix-auth-bypass-cve-2026-48020-path-normalization
CVE-2026-48020HIGH27 Jun 2026
Traefik StripPrefix Route-Level Auth Bypass via Path Normalization
41RISK
open
GitHub PoC
SugiB3o/CVE-2026-31431
CVE-2026-31431HIGHunder attack27 Jun 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open
GitHub PoC
CVE-2026-46331 - Draft
CVE-2026-46331HIGH27 Jun 2026
net/sched: fix pedit partial COW leading to page cache corruption
41RISK
open
GitHub PoC
CVE-2026-48907 is a CVSS 10.0 pre-auth RCE in Joomla Content Editor affecting all versions ≤ 2.9.99.4. The Grayxploit team breaks down the 3-weakness chain — missing auth, no extension validation, and an unsafe upload flag — that lets attackers pop a shell in 3 HTTP requests.
CVE-2026-48907CRITICALunder attack27 Jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open
GitHub PoC56
cve-2026-48907 scanner
CVE-2026-48907CRITICALunder attack27 Jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open
GitHub PoC2
CVE-2026-0073-Android-ADBD-bypass-POC汉化版
CVE-2026-0073HIGH27 Jun 2026
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic err
41RISK
open
GitHub PoC7
OpenSTAManager-RCE-Exploit-CVE-2026-38751
CVE-2026-38751HIGH27 Jun 2026
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionali
41RISK
open
GitHub PoC1
WP Full Stripe Free <= 8.4.3 - Missing Authorization
CVE-2026-12432MEDIUM27 Jun 2026
Stripe Payment Forms by WP Full Pay <= 8.4.3 - Missing Authorization to Unauthenticated Payment Record Manipulation via 'paymentIntentId' Parameter
33RISK
open
GitHub PoC
patched ffmpeg-tools for jellyfin to patch CVE-2026-8461 aka PixelSmash
CVE-2026-8461HIGH27 Jun 2026
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RISK
open
GitHub PoC105
CVE-2026-43499 PoC
CVE-2026-43499HIGH27 Jun 2026
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISK
open
GitHub PoC
sec0x/CVE-2026-43503
CVE-2026-43503HIGH26 Jun 2026
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open
GitHub PoC
The SSRF filter checked hostname text, but the actual destination was decided later by DNS. That gap let attacker-controlled Webhook URLs reach loopback, metadata, and private network targets.
CVE-2026-34207HIGH26 Jun 2026
TypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request Validation
41RISK
open
GitHub PoC
fevar54/CVE-2026-20253-Splunk-Enterprise-Pre-Auth-RCE-
CVE-2026-20253CRITICALunder attack26 Jun 2026
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
100RISK
open
GitHub PoC3
CVE-2026-20251 — Splunk Secure Gateway jsonpickle deserialization RCE (CVSS 8.8) | ReactiveZero Security Research
CVE-2026-20251HIGH26 Jun 2026
Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway
41RISK
open
GitHub PoC15
mooder1/dirtyclone-CVE-2026-43503
CVE-2026-43503HIGH26 Jun 2026
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open
GitHub PoC
CVE-2026-12415-or-CVE-2026-12416.py
CVE-2026-12415CRITICAL26 Jun 2026
Invoice Generator <= 1.0.0 - Unauthenticated Privilege Escalation via Account Takeover via 'user_id' Parameter
48RISK
open
GitHub PoC4
aexdyhaxor/CVE-2026-43503-DirtyClone
CVE-2026-43503HIGH26 Jun 2026
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open
GitHub PoC
e-corp-demo/CVE-2026-44788
CVE-2026-44788MEDIUM26 Jun 2026
SharpCompress: Directory traversal via directory entries in WriteToDirectory (zip slip variant)
33RISK
open
GitHub PoC
12hrformat/CVE-2026-35273-POC
CVE-2026-35273CRITICALunder attackransomware26 Jun 2026
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana
100RISK
open
GitHub PoC
Penpot's remote image import let an authenticated file editor turn a normal media convenience feature into backend-origin SSRF because attacker-controlled URLs crossed into a redirect-following server fetch path without destination filtering.
CVE-2026-45806HIGH26 Jun 2026
Penpot: Authenticated SSRF in remote image import via create-file-media-object-from-url
38RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.