Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
13,086 exploits
GitHub PoC
CVE-2026-0273 - Draft
PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI
33RISK
open ↗GitHub PoC★ 1
CVE-2026-50751 — Check Point IKEv1 Authentication Bypass
User Authentication Bypass in VPN Remote Access and Mobile Access
100RISK
open ↗GitHub PoC
CVE-2026-49777 - ShapedPlugin Product Slider Pro for WooCommerce Backdoor RCE
WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
63RISK
open ↗GitHub PoC★ 2
CVE-2026-25089
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet F
53RISK
open ↗GitHub PoC★ 1
FOSSBilling CVE-2026-53647 & CVE-2026-53646 PoC — Unauthenticated API key disclosure & password reset token reuse
FOSSBilling vulnerable to unauthenticated API key configuration disclosure via guest Serviceapikey get_info endpoint
33RISK
open ↗GitHub PoC
Cisco Unified Communications Manager (Unified CM) deployments affected by CVE-2026-20230.
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
53RISK
open ↗GitHub PoC★ 2
Safely detect whether a SolarWinds Serv-U host is vulnerable to CVE-2026-28318
SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability
76RISK
open ↗GitHub PoC★ 3
CVE-2026-48907
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open ↗GitHub PoC★ 1
CVE-2026-35273
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana
100RISK
open ↗GitHub PoC★ 4
CVE-2026-35273
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mana
100RISK
open ↗GitHub PoC★ 3
Toolkit for CVE-2025-55182, also known as React2Shell.
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
rootdirective-sec/CVE-2026-46645-Analysis-Lab
SQLAdmin: Authorization Bypass on `ajax_lookup`
33RISK
open ↗GitHub PoC★ 9
An offensive security researcher + an AI vs. a fresh n-day: building the first public PoC for CVE-2026-53435 in one Friday night. Raw 8h20m log inside.
In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrar
46RISK
open ↗GitHub PoC
This project simulates a real-world attack-and-defend scenario across two virtual machines. You will exploit a critical pre-authentication RCE vulnerability (CVE-2025-32433) in an Erlang/OTP SSH server, crack extracted password hashes, and then harden the victim machine with firewall rules and patching.
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISK
open ↗GitHub PoC
Chains CVE-2025-57819 (stacked query SQL injection) and CVE-2025-61678 (authenticated file upload in FreePBX Endpoint Manager) to achieve Remote Code Execution (RCE). For educational use only.
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISK
open ↗GitHub PoC★ 39
A demonstration of read write using cve-2025-43529 on iOS 26.1
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and
71RISK
open ↗GitHub PoC
anirudhmakkar/cve-2026-7665
Essential Addons for Elementor <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure via 'load_more' AJAX Handler
33RISK
open ↗GitHub PoC
This repository contains a lab validation report and detection artefacts for DirtyFrag CVE-2026-43284, a Linux local privilege escalation issue related to the XFRM/ESP page-cache write path. The focus is on auditd telemetry, event correlation, and SOC-oriented detection logic.
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC
leehunkoo/cve-2013-4660_PoC
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
43RISK
open ↗GitHub PoC★ 4
CVE-2026-10520
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote
85RISK
open ↗GitHub PoC
byte16384/CVE-2026-49492-PoC
Markdown Preview Enhanced OS Command Injection in External File and Link Opening
41RISK
open ↗GitHub PoC
Lab + writeup for CVE-2026-44166: PocketBase OAuth2 account pre-hijacking via unvalidated createData.email
Pocketbase: Account pre-hijacking via OAuth2 unverfied->verified autolinking upgrade
33RISK
open ↗GitHub PoC
Cyber-DarkNay/CVE-2025-6440
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
60RISK
open ↗GitHub PoC★ 1
CVE-2026-11645
Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitra
71RISK
open ↗GitHub PoC★ 3
CVE-2026-36213 | Local Privilege Escalation in MEmu Android Emulator 9.2.7.0 via Insecure Service Binary Permissions | Patched in 9.3.2
An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.e
41RISK
open ↗GitHub PoC
This repository contains a lab validation report and detection artefacts for DirtyFrag CVE-2026-43284, a Linux local privilege escalation issue related to the XFRM/ESP page-cache write path. The focus is on auditd telemetry, event correlation, and SOC-oriented detection logic.
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC
CVE-2026-5027 - Draft
Langflow - Path Traversal Arbitrary File Write via upload_user_file
68RISK
open ↗GitHub PoC
CVE-2026-10795 The UpdraftPlus POC
UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc
41RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.