Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
8,069 exploits
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware16 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware15 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware15 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2017-5638CRITICALunder attackransomware15 Dec 2025
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISK
open
VulnCheck XDB
client-side
CVE-2025-6218HIGHunder attack15 Dec 2025
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
93RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware15 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware15 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALunder attack15 Dec 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware14 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware14 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware14 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware14 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware14 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
local
CVE-2025-6019HIGH14 Dec 2025
Libblockdev: lpe from allow_active to root in libblockdev via udisks
41RISK
open
VulnCheck XDB
denial-of-service
CVE-2023-44487HIGHunder attack14 Dec 2025
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many
93RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware14 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
denial-of-service
CVE-2025-55184HIGH14 Dec 2025
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 1
68RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
denial-of-service
CVE-2025-55184HIGH13 Dec 2025
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 1
68RISK
open
VulnCheck XDB
initial-access
CVE-2024-10914CRITICAL13 Dec 2025
D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection
85RISK
open
VulnCheck XDB
denial-of-service
CVE-2025-55184HIGH13 Dec 2025
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 1
68RISK
open
VulnCheck XDB
remote-with-credentials
CVE-2025-8110HIGHunder attack13 Dec 2025
File overwrite in file update API in Gogs
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware13 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.