Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
13,086 exploits
GitHub PoC
Dependency-free interactive Python exploit for the vsftpd 2.3.4 backdoor (CVE-2011-2523).
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗GitHub PoC★ 19
TheCyberGeek/CVE-2026-4480-PoC
Samba: samba: remote code execution in printing subsystem via unescaped job description
68RISK
open ↗GitHub PoC
t1ckprivate/CVE-2026-43284-Dirty-Frag
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC★ 4
CVE-2026-49975 HTTP/2 Stream Amplification — Docker PoC with Web Console
Apache HTTP Server: mod_http2 denial of service
46RISK
open ↗GitHub PoC
Technical writeup and penetration testing report for CVE-2010-2075, demonstrating UnrealIRCd backdoor exploitation and remediation.
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally
60RISK
open ↗GitHub PoC
This Python proof-of-concept targets a vulnerable MCP (Model Context Protocol) service exposed by the target application. The vulnerability allows an attacker to supply arbitrary server configuration parameters through the /api/mcp/connect endpoint.
REC in MCPJam inspector due to HTTP Endpoint exposes
75RISK
open ↗GitHub PoC
yurahshell/CVE-2026-41940
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗GitHub PoC
react CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
yurahshell/CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
react2shell - CVE-2025-55182 (Next.js: CVE-2025-66478) - Unauthenticated RCE in React Server Components (Flight Protocol) - PoC Exploit
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
cve-2026-23744 python exploit
REC in MCPJam inspector due to HTTP Endpoint exposes
75RISK
open ↗GitHub PoC
yurahshell/CVE-2025-49132
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISK
open ↗GitHub PoC
Exploit for Copy-Fail Vulnerability - Python3 Version
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 1
CVE-2026-48866 — Gravity Forms <= 2.10.0.1 Arbitrary File Deletion via Path Traversal (CVSS 9.6)
WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability
48RISK
open ↗GitHub PoC
PoC for CVE-2026-26179 / ZDI-26-276, my very own Secure Kernel bug
Windows Kernel Elevation of Privilege Vulnerability
41RISK
open ↗GitHub PoC
Hands-on lab for CVE-2026-40072 — SSRF vulnerability in web3.py via CCIP Read (EIP-3668)
web3.py affected by SSRF via CCIP Read (EIP-3668) OffchainLookup URL handling
28RISK
open ↗GitHub PoC★ 1
CVE-2026-20230 - Cisco Unified CM
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
53RISK
open ↗GitHub PoC
rootdirective-sec/CVE-2026-8206-Lab
Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'
48RISK
open ↗GitHub PoC
Piotnet Forms Pro <= 2.1.40 - Unauthenticated Arbitrary File Upload → RCE
Piotnet Forms <= 2.1.40 - Unauthenticated Arbitrary File Upload via Form File Upload
48RISK
open ↗GitHub PoC
CVE-2026-35904 / CVE-2026-35905 / CVE-2026-35906 — Unauth RCE, Hardcoded Root Creds & Telnet Enable in T3 Technology CPE
Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, an
48RISK
open ↗GitHub PoC★ 1
Detect-only scanner for CVE-2026-42945 (NGINX Rift), a heap overflow in ngx_http_rewrite_module. Version detection + nginx.conf pattern analysis. Python 3 stdlib-only, no network calls.
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC
Dhananjayasj/CVE-2024-1698-NotificationX-WordPress-Plugin-SQL-Injection-to-Admin-Credential-Extraction
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor <= 2.8.2 - Unauthenticated SQL Injection
85RISK
open ↗GitHub PoC
0-Click RCE Android Adb TLS Wireless Debugging
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic err
41RISK
open ↗GitHub PoC
YellowKey | BitLocker Bypass Vulnerability (CVE-2026-45585)
Windows BitLocker Security Feature Bypass Vulnerability
33RISK
open ↗GitHub PoC★ 13
Attack surface in the real-world environment of CVE-2026-41096
Windows DNS Client Remote Code Execution Vulnerability
48RISK
open ↗GitHub PoC
PoC CVE-2026-8732 (WP Maps Pro <= 6.1.0)
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open ↗GitHub PoC
HTB Facts is a Easy Linux box featuring Camaleon CMS and MinIO. Gain admin access via open registration and a mass assignment vulnerability, then extract MinIO credentials from admin settings. Use CVE-2024-46987 path traversal to steal an SSH private key, crack its passphrase, and escalate to root by abusing sudo permissions on facter via GTFOBins.
Arbitrary path traversal in Camaleon CMS
61RISK
open ↗GitHub PoC
CVE-2026-23631-Draft
redis-server Lua use-after-free may allow remote code execution
33RISK
open ↗GitHub PoC★ 2
Proof of Concept (PoC) exploit for CVE-2026-6815: Authenticated Path Traversal & Arbitrary File Write in Casdoor (< 3.54.1) leading to RCE/DoS.
CVE-2026-6815
33RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.