Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
13,086 exploits
GitHub PoC1
GadaLuBau1337/CVE-2026-44578
CVE-2026-44578HIGH20 Jun 2026
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open
GitHub PoC3
🔥 CVE-2026-41091 SolarFlare | Microsoft Defender LPE exploit. Low-privileged users gain NT AUTHORITY\SYSTEM via Cloud Files API + NTFS junction trickery. Forces Defender to write malicious payloads to System32 with SYSTEM rights. ⚠️ Actively exploited in wild. CVSS 7.8. Patch: Defender Engine 1.1.26040.8. 🛡️ Educational PoC only.
CVE-2026-41091HIGHunder attack20 Jun 2026
Microsoft Defender Elevation of Privilege Vulnerability
71RISK
open
GitHub PoC2
Missing Authorization to Unauthenticated File Modification
CVE-2026-11912HIGH20 Jun 2026
Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action
41RISK
open
GitHub PoC
Time-Based Blind SQL Injection tool for MySQL - CVE-2019-9053
CVE-2019-905320 Jun 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open
GitHub PoC
Technical analysis of Apache Tomcat CVE-2024-50379, covering root cause, exploitation conditions, detection strategies, and mitigation techniques.
CVE-2024-50379CRITICAL20 Jun 2026
Apache Tomcat: RCE due to TOCTOU issue in JSP compilation
60RISK
open
GitHub PoC
Повышение привилегий через race condition в polkit
CVE-2021-3560HIGHunder attack19 Jun 2026
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RISK
open
GitHub PoC
Saku0512/CVE-2026-54761-poc
CVE-2026-54761MEDIUM19 Jun 2026
Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services
33RISK
open
GitHub PoC
xxconi/CVE-2026-4782
CVE-2026-4782MEDIUM19 Jun 2026
Avada Builder <= 3.15.2 - Authenticated (Subscriber+) Arbitrary File Read via 'custom_svg' Shortcode Parameter
33RISK
open
GitHub PoC2
POC for CVE-2026-25212
CVE-2026-25212CRITICAL19 Jun 2026
An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileg
48RISK
open
GitHub PoC6
PoC exploit for CVE-2023-6019 - Remote Code Execution via unauthenticated Ray Dashboard Jobs API.
CVE-2023-6019CRITICAL19 Jun 2026
Ray Command Injection in cpu_profile Parameter
85RISK
open
GitHub PoC2
CVE-2026-42530
CVE-2026-42530CRITICAL19 Jun 2026
NGINX Open-Source ngx_http_v3_module vulnerability
48RISK
open
GitHub PoC
CVE-2026-7515: BetterDocs Pro <= 3.8.0 - Unauthenticated Local File Inclusion TO RCE EXPLOİT
CVE-2026-7515CRITICAL19 Jun 2026
BetterDocs Pro <= 3.8.0 - Unauthenticated Local File Inclusion via doc_style
48RISK
open
GitHub PoC
PoC for CVE-2022-0543 – Redis Remote Code Execution (RCE)
CVE-2022-0543CRITICALunder attack19 Jun 2026
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific
100RISK
open
GitHub PoC2
CVE-2026-10520 - CVE-2026-10523 - Ivanti Sentry
CVE-2026-10523CRITICAL19 Jun 2026
An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allow
60RISK
open
GitHub PoC
CVE-2026-48611- authentication bypass in phpBB
CVE-2026-48611CRITICAL19 Jun 2026
Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or
63RISK
open
GitHub PoC
Exploitability PoC for CVE-2026-43515 (Apache Tomcat constraint bypass).
CVE-2026-43515CRITICAL19 Jun 2026
Apache Tomcat: Security constraints not correctly applied
48RISK
open
GitHub PoC
CVE-2026-42055 - Draft
CVE-2026-42055CRITICAL19 Jun 2026
NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability
48RISK
open
GitHub PoC1
Unauthenticated Privilege Escalation via Account Takeover
CVE-2026-11551CRITICAL19 Jun 2026
Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover
48RISK
open
GitHub PoC
CVE-2026-11551: Branda Plugin - Unauthenticated Privilege Escalation via Account Takeover
CVE-2026-11551CRITICAL19 Jun 2026
Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover
48RISK
open
GitHub PoC
CVE-2026-42530 - Draft
CVE-2026-42530CRITICAL19 Jun 2026
NGINX Open-Source ngx_http_v3_module vulnerability
48RISK
open
GitHub PoC4
Scanner PoC for CVE-2026-42530 -- nginx 1.31.0-1.31.1 HTTP/3 QPACK encoder stream Use-After-Free (CVSS 9.2)
CVE-2026-42530CRITICAL19 Jun 2026
NGINX Open-Source ngx_http_v3_module vulnerability
48RISK
open
GitHub PoC2
ptd200110/CVE-2024-27198-SOC-Lab
CVE-2024-27198CRITICALunder attackransomware19 Jun 2026
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
100RISK
open
GitHub PoC
AlexMihailEngineer/CVE-2026-11784-Optimole-CSRF
CVE-2026-11784MEDIUM19 Jun 2026
Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization <= 4.2.6 - Cross-Site Request Forgery via 'optml_replace_file' AJAX Action
33RISK
open
GitHub PoC
Root-Level RCE via OS Command Injection in Ivanti Sentry
CVE-2026-10520CRITICAL18 Jun 2026
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote
85RISK
open
GitHub PoC1
CVE-2026-40369
CVE-2026-40369HIGH18 Jun 2026
Windows Kernel Elevation of Privilege Vulnerability
41RISK
open
GitHub PoC
A PoC/exploit written in python for the unauthenticated SQL injection vulnerability CVE-2026-3359 situated within Form Maker (version <= 1.15.42) by 10Web.
CVE-2026-3359HIGH18 Jun 2026
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.42 - Unauthenticated SQL Injection via 'inputs'
41RISK
open
GitHub PoC
CVE-2025-6254 — Doctreat Core <= 1.6.8 — Unauthenticated Privilege Escalation
CVE-2025-6254CRITICAL18 Jun 2026
Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation
48RISK
open
GitHub PoC
A vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
CVE-2026-54420HIGHunder attack18 Jun 2026
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provide
71RISK
open
GitHub PoC1
Defensive lab validation and SOC detection guidance for CVE-2026-48907 in Joomla JCE <= 2.9.99.4, including Apache/Joomla/auditd telemetry, webshell artifacts, Sigma rules, MITRE ATT&CK mapping and mitigation recommendations.
CVE-2026-48907CRITICALunder attack18 Jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open
GitHub PoC
HTTP2-Bomb
CVE-2026-49975HIGH18 Jun 2026
Apache HTTP Server: mod_http2 denial of service
46RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.