Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,063cataloged exploits
31,617CVEs with public exploitation
0lab-tested
13,086 exploits
GitHub PoC
jomjosh17/Log4Shell-CVE-2021-44228-
CVE-2021-44228CRITICALunder attackransomware30 May 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open
GitHub PoC
Testing a List of IP address incase they are vulnerable to CVE-2024-3400
CVE-2024-3400CRITICALunder attackransomware30 May 2026
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
100RISK
open
GitHub PoC
Python POC, Exploit for CVE-2026-29000
CVE-2026-29000CRITICAL30 May 2026
pac4j-jwt JwtAuthenticator Authentication Bypass
48RISK
open
GitHub PoC
SourceCodester Pharmacy Sales and Inventory System 1.0 - Vulnerable source code for CVE-2026-7392 SQL Injection
CVE-2026-7392MEDIUM30 May 2026
SourceCodester Pharmacy Sales and Inventory System ajax.php delete_supplier sql injection
33RISK
open
GitHub PoC7
Notepad++ RCE via config.xml commandLineInterpreter
CVE-2026-48778HIGH30 May 2026
Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter
41RISK
open
GitHub PoC
kavin-jindal/CVE-2026-48778-PoC
CVE-2026-48778HIGH30 May 2026
Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter
41RISK
open
GitHub PoC
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation
CVE-2026-8732CRITICAL30 May 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open
GitHub PoC3
CVE-2026-0257
CVE-2026-0257HIGHunder attack30 May 2026
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RISK
open
GitHub PoC
CVE-2026-39987 - Draft
CVE-2026-39987CRITICALunder attack30 May 2026
marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
100RISK
open
GitHub PoC
letsr00t/CVE-2026-43494-PinTheft-PoC
CVE-2026-43494HIGH30 May 2026
net/rds: reset op_nents when zerocopy page pin fails
41RISK
open
GitHub PoC
CVE-2026-0257 - PAN-OS
CVE-2026-0257HIGHunder attack30 May 2026
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RISK
open
GitHub PoC
HAERIN-L/poc_cve-2026-42208
CVE-2026-42208CRITICALunder attack30 May 2026
LiteLLM: SQL injection in Proxy API key verification
100RISK
open
GitHub PoC2
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
CVE-2026-8732CRITICAL30 May 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open
GitHub PoC
HAERIN-L/POC_CVE-2026-46716
CVE-2026-46716CRITICAL30 May 2026
Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron
48RISK
open
GitHub PoC2
CVE-2026-8732 | WP Maps Pro <= 6.1.0 | Unauthenticated Privilege Escalation
CVE-2026-8732CRITICAL30 May 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open
GitHub PoC
CVE-2025-10162 Exploit
CVE-2025-10162HIGH30 May 2026
OrderConvo < 14 - Unauthenticated Arbitrary File Read
56RISK
open
GitHub PoC
Auditoría de seguridad y análisis de vulnerabilidades (CVE-2014-3566 y CVE-2010-2333) en la infraestructura de red local y router residencial.
CVE-2010-233330 May 2026
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scrip
50RISK
open
GitHub PoC
PHP poc, exploit for CVE-2025-9074
CVE-2025-9074CRITICAL30 May 2026
Docker Desktop allows unauthenticated access to Docker Engine API from containers
48RISK
open
GitHub PoC7
CVE-2025-38352 kernel exploit for LG webOS Smart TVs (ARM64). Achieves persistent root on real consumer hardware with novel exploitation techniques. Responsibly disclosed to LG.
CVE-2025-38352HIGHunder attack30 May 2026
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
71RISK
open
GitHub PoC
Exploiting heap-based buffer overflow in sudo for privilege escalation
CVE-2021-3156HIGHunder attack30 May 2026
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RISK
open
GitHub PoC
Dungsocool/CVE-2018-7600
CVE-2018-7600CRITICALunder attackransomware30 May 2026
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISK
open
GitHub PoC1
POC_CVE-2026-42589
CVE-2026-42589CRITICAL30 May 2026
Gotenberg: Unauthenticated RCE via ExifTool Metadata Key Injection
63RISK
open
GitHub PoC1
Safely detect whether a UniFi Network Application controller is vulnerable to CVE-2026-22557
CVE-2026-22557CRITICAL29 May 2026
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network App
68RISK
open
GitHub PoC
Exploit de Execução Remota de Código (RCE) no XWiki
CVE-2025-24893CRITICALunder attack29 May 2026
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open
GitHub PoC
Dungsocool/CVE-2017-12635_36
CVE-2017-1263529 May 2026
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB be
60RISK
open
GitHub PoC
CVE-2026-40564: SSRF via FlinkSessionJob jarURI in apache/flink-kubernetes-operator. Self-contained reproducer that runs on a local kind cluster with one make command.
CVE-2026-40564MEDIUM29 May 2026
Apache Flink Kubernetes Operator: Server-Side Request Forgery and local file access in Kubernetes Operator
33RISK
open
GitHub PoC
Automated CVE-2022-26923 Exploitation (Certifried)
CVE-2022-26923HIGHunder attack29 May 2026
Active Directory Domain Services Elevation of Privilege Vulnerability
100RISK
open
GitHub PoC
P1 W8 S22 - Metasploit Samba CVE-2007-2447 Exploitation
CVE-2007-244729 May 2026
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands
50RISK
open
GitHub PoC
Oracle REST Data Services (ORDS) Unauthenticated RCE (CVE-2026-46840)
CVE-2026-46840CRITICAL29 May 2026
Vulnerability in Oracle REST Data Services (component: Backend-as-a-Service). Supported versions that are affected are
48RISK
open
GitHub PoC
Professional TryHackMe Simple CTF walkthrough covering enumeration, CMS Made Simple SQL Injection (CVE-2019-9053), credential recovery, SSH access, privilege escalation via Vim, and root compromise.
CVE-2019-905329 May 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.