Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
71,062 exploits
VulnCheck XDB
remote-with-credentials
Redis Lua Use-After-Free may lead to remote code execution
85RISK
open ↗VulnCheck XDB
initial-access
User Authentication Bypass in VPN Remote Access and Mobile Access
100RISK
open ↗GitHub PoC
Saku0512/CVE-2026-54686-poc
Warp: DCS lifecycle hook spoofing can alter terminal session metadata
33RISK
open ↗GitHub PoC
0xdak/CVE-2026-44881_exploit
Portainer: Arbitrary File Read via Git Symlink Injection in Stack Auto-Update
41RISK
open ↗GitHub PoC
CVE-2026-20262 - Draft
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
63RISK
open ↗GitHub PoC★ 1
Mass Scanner For Drupal Exploit CVE-2026-9082
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC★ 1
PoC exploit for CVE-2025-55182 (React2Shell) — Pre-auth RCE in React Server Components | CVSS 10.0
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies.
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in
100RISK
open ↗GitHub PoC
This is an exploit poc for CVE-2026-4480
Samba: samba: remote code execution in printing subsystem via unescaped job description
68RISK
open ↗VulnCheck XDB
info-leak
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RISK
open ↗GitHub PoC
CVE-2026-50751 Mass Scanner
User Authentication Bypass in VPN Remote Access and Mobile Access
100RISK
open ↗GitHub PoC★ 4
Manage and recover BitLocker encrypted drives with this tool for Windows 11 recovery key management and educational study of CVE-2026-45585.
Windows BitLocker Security Feature Bypass Vulnerability
33RISK
open ↗GitHub PoC
CVE-2025-49844 exploit script
Redis Lua Use-After-Free may lead to remote code execution
85RISK
open ↗GitHub PoC★ 8
This is a Linux Kernel Local Privilege Escalation PoC code for CVE-2026-52943 a use-after-free in skbuff.c, my first 0day found by me in linux kernel
net: skbuff: fix missing zerocopy reference in pskb_carve helpers
41RISK
open ↗VulnCheck XDB
denial-of-service
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC
TryHackMe SOC Level 1 — Follina CVE-2022-30190, Nim C2, Chisel, PrintSpoofer, backdoor accounts
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RISK
open ↗GitHub PoC★ 2
DylanZahedi/CVE-2026-9277
shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`
48RISK
open ↗GitHub PoC
CVE-2026-38812 RuoYi v4.8.2 SQL Injection
RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generatio
48RISK
open ↗GitHub PoC★ 1
This repository documents CVE-2026-48849, a Stored Cross-Site Scripting (XSS), HTML Injection, and CSS Injection vulnerability discovered in Roundcube Webmai
In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, an unsanitized subject field in the draft restored valu
33RISK
open ↗GitHub PoC
ElianGonzi00/CVE-2025-2783
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allow
71RISK
open ↗GitHub PoC
webapp vulnerable to CVE-2021-44228
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC
rootdirective-sec/CVE-2026-10795-Lab
UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc
41RISK
open ↗VulnCheck XDB
client-side
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allow
71RISK
open ↗GitHub PoC
ikarolaborda/CVE-2026-40176
Composer is vulnerable to Command Injection via Malicious Perforce Repository
41RISK
open ↗GitHub PoC★ 4
HTTP.sys Denial of Service Vulnerability & HTTP.sys Remote Code Execution Vulnerability
HTTP.sys Denial of Service Vulnerability
53RISK
open ↗GitHub PoC★ 3
PoC exploit for CVE-2026-53519.
Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key
48RISK
open ↗GitHub PoC
Research and analysis of the ServiceNow Virtual Agent vulnerability (CVE-2025-12420), including attack flow, MITRE ATT&CK mapping, detection strategies, and mitigation recommendations.
Unauthenticated Privilege Escalation in ServiceNow AI Platform
60RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.