Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,002cataloged exploits
31,582CVEs with public exploitation
3,462 exploits
Metasploit600
MajorDoMo Remote Command Injection via cycle_execs Race Condition
CVE-2026-27175CRITICAL18 Feb 2026
MajorDoMo Command Injection in rc/index.php via Race Condition
43RISK
open
Metasploit600
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution
CVE-2026-1731CRITICALunder attackransomware06 Feb 2026
Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
100RISK
open
Metasploit600
Tactical RMM Jinja2 SSTI Remote Code Execution
CVE-2025-69516HIGH29 Jan 2026
A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactica
36RISK
open
Metasploit600
Ivanti Endpoint Manager Mobile (EPMM) unauthenticated RCE
CVE-2026-1340CRITICALunder attack29 Jan 2026
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
100RISK
open
Metasploit600
Ivanti Endpoint Manager Mobile (EPMM) unauthenticated RCE
CVE-2026-1281CRITICALunder attack29 Jan 2026
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
100RISK
open
Metasploit500
SolarWinds Web Help Desk unauthenticated RCE
CVE-2025-40551CRITICALunder attack28 Jan 2026
SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability
95RISK
open
Metasploit500
SolarWinds Web Help Desk unauthenticated RCE
CVE-2025-40536HIGHunder attack28 Jan 2026
SolarWinds Web Help Desk Security Control Bypass Vulnerability
100RISK
open
Metasploit500
HUSTOJ Admin users can zip-slip problem_import_qduoj.php, planting PHP files in webroot for RCE
CVE-2026-24479CRITICAL26 Jan 2026
HUSTOJ has Arbitrary File Write (Zip Slip) in Problem Import Modules that leads to RCE
63RISK
open
Metasploit500
GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061
CVE-2026-24061CRITICALunder attack26 Jan 2026
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RISK
open
Metasploit300
osTicket Arbitrary File Read via PHP Filter Chains in mPDF
CVE-2026-22200HIGH13 Jan 2026
osTicket (1.18.x < 1.18.3, 1.17.x < 1.17.7) PDF Export Arbitrary File Read
58RISK
open
Metasploit600
AVideo notify.ffmpeg.json.php Unauthenticated RCE via Salt Discovery
CVE-2025-34442MEDIUM19 Dec 2025
AVideo < 20.1 System Path Disclosure via Public API
28RISK
open
Metasploit300
MongoDB Memory Disclosure (CVE-2025-14847) - Mongobleed
CVE-2025-14847HIGHunder attack19 Dec 2025
Zlib compressed protocol header length confusion may allow memory read
100RISK
open
Metasploit600
AVideo notify.ffmpeg.json.php Unauthenticated RCE via Salt Discovery
CVE-2025-34441MEDIUM19 Dec 2025
AVideo < 20.1 User Information Disclosure via Public API
28RISK
open
Metasploit600
AVideo notify.ffmpeg.json.php Unauthenticated RCE via Salt Discovery
CVE-2025-34433CRITICAL19 Dec 2025
AVideo < 20.1 Unauthenticated RCE via Predictable Installation Salt
63RISK
open
Metasploit300
ChurchCRM Database Restore RCE 6.2.0
CVE-2025-68109CRITICAL17 Dec 2025
ChurchCRM vulnerable to RCE with database restore functionality
43RISK
open
Metasploit600
ChurchCRM Unauthenticated RCE via Setup Page
CVE-2025-62521CRITICAL17 Dec 2025
ChurchCRM has unauthenticated RCE in its Install Wizard
43RISK
open
Metasploit600
FreeBSD rtsold/rtsol DNSSL Command Injection
CVE-2025-14558HIGH16 Dec 2025
Remote code execution via ND6 Router Advertisements
56RISK
open
Metasploit600
HPE OneView unauthenticated RCE
CVE-2025-37164CRITICALunder attack16 Dec 2025
A remote code execution issue exists in HPE OneView.
100RISK
open
Metasploit600
Control Web Panel /admin/index.php Unauthenticated RCE
CVE-2025-67888HIGH16 Dec 2025
An issue was discovered in Control Web Panel (CWP) before 0.9.8.1209. User input passed via the "key" GET parameter to /
56RISK
open
Metasploit600
FreePBX firmware file upload
CVE-2025-66039CRITICAL11 Dec 2025
FreePBX Endpoint Manager Allows Unauthenticated Logins to Administrator Control Panel via Forged Basic Auth Header
63RISK
open
Metasploit600
FreePBX endpoint SQLi to RCE
CVE-2025-61675HIGH11 Dec 2025
FreePBX Endpoint Manager vulnerable to authenticated SQL injection in multiple configuration parameters
48RISK
open
Metasploit300
FreePBX Custom Extension SQL Injection
CVE-2025-61675HIGH11 Dec 2025
FreePBX Endpoint Manager vulnerable to authenticated SQL injection in multiple configuration parameters
48RISK
open
Metasploit300
FreePBX Custom Extension SQL Injection
CVE-2025-66039CRITICAL11 Dec 2025
FreePBX Endpoint Manager Allows Unauthenticated Logins to Administrator Control Panel via Forged Basic Auth Header
63RISK
open
Metasploit600
FreePBX endpoint SQLi to RCE
CVE-2025-66039CRITICAL11 Dec 2025
FreePBX Endpoint Manager Allows Unauthenticated Logins to Administrator Control Panel via Forged Basic Auth Header
63RISK
open
Metasploit600
FreePBX firmware file upload
CVE-2025-61678HIGH11 Dec 2025
FreePBX Endpoint Manager vulnerable to authenticated arbitrary file upload via fwbrand parameter
48RISK
open
Metasploit300
Gladinet CentreStack/Triofox Access Ticket Forge
CVE-2025-14611HIGHunder attack10 Dec 2025
Gladinet CentreStack and TrioFox Hard Coded AES Keys
98RISK
open
Metasploit600
Unauthenticated RCE in React Server Components (React2Shell)
CVE-2025-6647803 Dec 2025
15RISK
open
Metasploit600
Unauthenticated RCE in React Server Components (React2Shell)
CVE-2025-55182CRITICALunder attackransomware03 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
Metasploit600
WordPress ACF Extended Unauthenticated RCE via prepare_form()
CVE-2025-13486CRITICAL02 Dec 2025
Advanced Custom Fields: Extended 0.9.0.5 - 0.9.1.1 - Unauthenticated Remote Code Execution in prepare_form
85RISK
open
Metasploit600
Eclipse Che machine-exec Unauthenticated RCE
CVE-2025-12548CRITICAL01 Dec 2025
Github.com/che-incubator/che-code: eclipse che — unauthenticated rce and secret exfiltration via tcp/3333
43RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.