Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
8,069 exploits
VulnCheck XDB
local
CVE-2021-4034HIGHunder attack01 Mar 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open
VulnCheck XDB
initial-access
CVE-2026-3395MEDIUM01 Mar 2026
MaxSite CMS MarkItUp Preview AJAX Endpoint preview-ajax.php eval code injection
33RISK
open
VulnCheck XDB
denial-of-service
CVE-2026-2441HIGHunder attack01 Mar 2026
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside
76RISK
open
VulnCheck XDB
initial-access
CVE-2026-21902CRITICAL28 Feb 2026
Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root
53RISK
open
VulnCheck XDB
client-side
CVE-2022-30190HIGHunder attackransomware28 Feb 2026
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RISK
open
VulnCheck XDB
local
CVE-2024-21626HIGH28 Feb 2026
runc container breakout through process.cwd trickery and leaked fds
61RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware28 Feb 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
remote-with-credentials
CVE-2017-9805HIGHunder attack28 Feb 2026
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with a
100RISK
open
VulnCheck XDB
local
CVE-2024-35250HIGHunder attack27 Feb 2026
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
91RISK
open
VulnCheck XDB
initial-access
CVE-2022-21445CRITICALunder attack27 Feb 2026
Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF
90RISK
open
VulnCheck XDB
info-leak
CVE-2026-1581HIGH27 Feb 2026
wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection
56RISK
open
VulnCheck XDB
initial-access
CVE-2022-42475CRITICALunder attackransomware27 Feb 2026
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0
100RISK
open
VulnCheck XDB
local
CVE-2022-36804HIGHunder attack26 Feb 2026
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
100RISK
open
VulnCheck XDB
remote-with-credentials
CVE-2025-32433CRITICALunder attack26 Feb 2026
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISK
open
VulnCheck XDB
client-side
CVE-2022-26134CRITICALunder attackransomware26 Feb 2026
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
100RISK
open
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALunder attackransomware26 Feb 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open
VulnCheck XDB
initial-access
CVE-2026-27174CRITICAL26 Feb 2026
MajorDoMo Unauthenticated Remote Code Execution via Admin Console Eval
63RISK
open
VulnCheck XDB
initial-access
CVE-2026-23550CRITICAL26 Feb 2026
WordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerability
68RISK
open
VulnCheck XDB
remote-with-credentials
CVE-2026-1357CRITICAL25 Feb 2026
Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload
75RISK
open
VulnCheck XDB
local
CVE-2021-22555HIGHunder attack25 Feb 2026
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RISK
open
VulnCheck XDB
remote-with-credentials
CVE-2025-69985CRITICAL25 Feb 2026
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnera
48RISK
open
VulnCheck XDB
local
CVE-2022-24481HIGH25 Feb 2026
Windows Common Log File System Driver Elevation of Privilege Vulnerability
46RISK
open
VulnCheck XDB
info-leak
CVE-2021-2291125 Feb 2026
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenti
60RISK
open
VulnCheck XDB
remote-with-credentials
CVE-2023-30258CRITICAL25 Feb 2026
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary com
85RISK
open
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALunder attackransomware25 Feb 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open
VulnCheck XDB
local
CVE-2021-3493HIGHunder attack25 Feb 2026
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware25 Feb 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALunder attackransomware25 Feb 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open
VulnCheck XDB
denial-of-service
CVE-2025-47812CRITICALunder attack24 Feb 2026
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALunder attackransomware24 Feb 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.