Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
13,086 exploits
GitHub PoC
12hrformat/CVE-2026-35273-POC
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana
100RISK
open ↗GitHub PoC
Penpot's remote image import let an authenticated file editor turn a normal media convenience feature into backend-origin SSRF because attacker-controlled URLs crossed into a redirect-following server fetch path without destination filtering.
Penpot: Authenticated SSRF in remote image import via create-file-media-object-from-url
38RISK
open ↗GitHub PoC
fevar54/CVE-2026-20253-Splunk-Enterprise-Pre-Auth-RCE-
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
100RISK
open ↗GitHub PoC
A local package installation helper trusted caller-supplied package names too much. In yeoman-environment, missing generators could be installed without user confirmation, turning attacker-controlled project metadata into a package-install and code-execution path.
yeoman-environment Vulnerable to Arbitrary Package Installation without User Confirmation
41RISK
open ↗GitHub PoC
The SSRF filter checked hostname text, but the actual destination was decided later by DNS. That gap let attacker-controlled Webhook URLs reach loopback, metadata, and private network targets.
TypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request Validation
41RISK
open ↗GitHub PoC
sec0x/CVE-2026-43503
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open ↗GitHub PoC★ 4
aexdyhaxor/CVE-2026-43503-DirtyClone
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open ↗GitHub PoC★ 15
mooder1/dirtyclone-CVE-2026-43503
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open ↗GitHub PoC★ 26
CVE-2026-46331
net/sched: fix pedit partial COW leading to page cache corruption
41RISK
open ↗GitHub PoC
CVE-2026-54807 WooCommerce Privilege Escalation ║ ║ Unauthenticated Admin Role Assignment via Reg. Form
WordPress Registration Form for WooCommerce plugin <= 1.0.9 - Privilege Escalation vulnerability
48RISK
open ↗GitHub PoC★ 4
CVE-2026-8461
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RISK
open ↗GitHub PoC
7whyex/CVE-2026-45321-Tanstack
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISK
open ↗GitHub PoC
POC of CVE-2026-53075
ppp: require CAP_NET_ADMIN in target netns for unattached ioctls
41RISK
open ↗GitHub PoC
Squamity/CVE-2026-8181-PoC
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISK
open ↗GitHub PoC★ 1
CVE-2026-7574
Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use
41RISK
open ↗GitHub PoC★ 1
W5M1n9/Cisco-Unified-Communications-Manager-Server-Side-Forgery-Request-Vulnerability-CVE-2026-20230
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
53RISK
open ↗GitHub PoC★ 24
CVE-2026-43503
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open ↗GitHub PoC★ 1
Proof of concept for CVE-2026-56111, an out-of-bounds write in the M421 G-code handler of Marlin Firmware
Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler
41RISK
open ↗GitHub PoC★ 13
Y5neKO/CVE-2026-8461-EXP
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RISK
open ↗GitHub PoC★ 60
CVE-2026-45504 Microsoft Exchange File Read
Microsoft Exchange Server Elevation of Privilege Vulnerability
41RISK
open ↗GitHub PoC
CVE-2026-49777, CVE-2026-10735 - Draft
WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
63RISK
open ↗GitHub PoC
CVE-2026-31431 getroot from a Turkish Cryptominer
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 1
Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter | Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover
Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter
48RISK
open ↗GitHub PoC
CVE-2026-48908 - SP Page Builder Joomla Unauthenticated RCE
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗GitHub PoC
Unauthenticated RCE PoC for CVE-2026-48908 SP Page Builder (Joomla) arbitrary file upload and remote code execution exploit with mass scaning support.
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗GitHub PoC★ 1
CVE-2026-48908
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗GitHub PoC★ 1
CVE-2026-8461 - Draft
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RISK
open ↗GitHub PoC
Proof of Concept of CVE-2026-38526 in Krayin CRM <= v2.2.x. Arbitrary File Upload leading to Remote Code Execution
An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x a
48RISK
open ↗GitHub PoC
Prueba de concepto de CVE-2021-41773
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open ↗GitHub PoC★ 7
anyanything/CVE-2026-8461-PoC
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.