Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
13,086 exploits
GitHub PoC
permite a un atacante remoto no autenticado leer archivos arbitrarios del sistema afectado mediante una inyección de XML External Entity (XXE)
CVE-2026-20224HIGH15 May 2026
Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability
41RISK
open
GitHub PoC5
CVE-2026-8181 - Burst Statistics 3.4.0-3.4.1.1 Unauthenticated Authentication Bypass to Admin Account Takeover | Proof of Concept
CVE-2026-8181CRITICAL14 May 2026
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISK
open
GitHub PoC
User Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' Parameter
CVE-2026-6145MEDIUM14 May 2026
User Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' Parameter
33RISK
open
GitHub PoC46
exploit for CVE-2026-42945
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC1
Proof of concept exploit for CVE-2026-46391
CVE-2026-46391HIGH14 May 2026
HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis
41RISK
open
GitHub PoC1
CVE-2026-44403-WingFTP-v8.1.2-POC-Exploit
CVE-2026-44403HIGH14 May 2026
Wing FTP Server < 8.1.3 Authenticated Remote Code Execution via Session Serialization
41RISK
open
GitHub PoC
Test repo: simulates CVE-2025-30066 style compromised GitHub Action (for security research/testing chainradar)
CVE-2025-30066HIGHunder attack14 May 2026
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 thr
83RISK
open
GitHub PoC2
nanwinata/nginxrift-CVE-2026-42945
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
ChamsBouzaiene/ai-vuln-rediscovery-nginx-cve-2026-42945
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC1
Scan your NGINX configuration to determine whether it is affected by CVE-2026-42945.
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC15
p3Nt3st3r-sTAr/CVE-2026-42945-POC
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC33
Nginx Rewrite CVE Scan(CVE-2026-42945 nginx-rift CVE-2026-9256)
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC2
CVE-2026-42945
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC19
NGINX Rift 漏洞分析与复现
CVE-2026-42945CRITICAL14 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
These detection scripts are property of the SECPlayground Platform. Two safe detection scripts. Neither drives the close_notify-mid-BDAT trigger, so they will not crash the daemon or leave panic-log entries. Both verdicts are "likely vulnerable" — distinguishing GnuTLS from OpenSSL builds remotely is not reliable without exploitation.
CVE-2026-45185CRITICAL14 May 2026
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing p
48RISK
open
GitHub PoC
ydking0911/CVE-2026-4060-PoC
CVE-2026-4060HIGH14 May 2026
Geo Mashup <= 1.13.18 - Unauthenticated Time-Based SQL Injection via 'sort' Parameter
41RISK
open
GitHub PoC
A CopyFail CVE-2026-31431 implementation in python that isnt slop! Bring your own payload
CVE-2026-31431HIGHunder attack14 May 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open
GitHub PoC
0xFuffM3/CVE-2026-31431-CopyFail
CVE-2026-31431HIGHunder attack14 May 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open
GitHub PoC
A comprehensive full-lifecycle penetration testing project on Joomla 4.2.5 exploiting CVE-2023-23752 inside a Dockerized lab environment
CVE-2023-23752MEDIUMunder attack14 May 2026
[20230201] - Core - Improper access check in webservice endpoints
100RISK
open
GitHub PoC
mbanyamer/CVE-2026-22553-InSAT-MasterSCADA-BUK-TS-MMadmServ
CVE-2026-22553CRITICAL14 May 2026
InSAT MasterSCADA BUK-TS OS Command Injection
48RISK
open
GitHub PoC
Snort 3 IDS → IPS lab on Kali. Custom detection rules + iptables enforcement against ICMP recon, Nmap SYN scans, Hydra FTP brute force, and vsftpd 2.3.4 backdoor (CVE-2011-2523).
CVE-2011-252314 May 2026
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open
GitHub PoC1
Sentebale/CVE-2026-46300
CVE-2026-46300HIGH14 May 2026
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open
GitHub PoC1
CVE-2026-46300
CVE-2026-46300HIGH14 May 2026
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open
GitHub PoC
SessionReaper-CVE-2025-54236
CVE-2025-54236CRITICALunder attack13 May 2026
Adobe Commerce | Improper Input Validation (CWE-20)
100RISK
open
GitHub PoC1
First CTF successfully completed! This repo documents my walkthrough of TryHackMe's Simple CTF. It covers network reconnaissance (Nmap), web exploitation (CVE-2019-9053), and credential cracking. As a dev, it was great to pivot from SQLi to a Root shell by leveraging Sudo misconfigurations. Educational purposes only.
CVE-2019-905313 May 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open
GitHub PoC
rootdirective-sec/CVE-2026-33626-Lab
CVE-2026-33626HIGH13 May 2026
LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image Loading
68RISK
open
GitHub PoC
pixelotes/lab-cve-2023-4863
CVE-2023-4863HIGHunder attack13 May 2026
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to
93RISK
open
GitHub PoC
Checker and fixer for all 13 vulnerabilities in the Next.js May 2026 security release (CVE-2026-23870)
CVE-2026-23870HIGH13 May 2026
A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpo
41RISK
open
GitHub PoC3
masjadaan/CVE-2025-29338
CVE-2025-29338MEDIUM13 May 2026
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buff
33RISK
open
GitHub PoC1
Analísis - POC - Mitigación
CVE-2026-31431HIGHunder attack13 May 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.