Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,250cataloged exploits
31,733CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,880GitHub PoC 13,170VulnCheck XDB 8,078Nuclei 4,191Metasploit 3,462✓ verified onlyrecentpopularrisk
71,251 exploits
Exploit-DB
Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISK
open ↗Exploit-DB
Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover
Temporary Login <= 1.0.0 - Authentication Bypass to Account Takeover
48RISK
open ↗GitHub PoC
CVE-2026-5718: Unauthenticated File Upload To RCE in DnD Upload CF7 Plugin
Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass
56RISK
open ↗Exploit-DB
Grav CMS 2.0.0-beta.2 - Remote Code Execution
Grav: Remote Code Execution (RCE) via Malicious Plugin ZIP Upload in Direct Install Feature
48RISK
open ↗GitHub PoC
CVE-2026-48095
GHSL-2026-140_7-Zip: 7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation
41RISK
open ↗GitHub PoC
xxconi/CVE-2026-6271
Career Section <= 1.7 - Unauthenticated Arbitrary File Upload
48RISK
open ↗GitHub PoC★ 1
Cisco Catalyst SD-WAN Peering Authentication Bypass
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open ↗GitHub PoC
CVE-2026-5229: Form Notify Auth Bypass via LINE OAuth Callback (CVSS 9.8)
Receive Notifications After Form Submitting – Form Notify for Any Forms <= 1.1.10 - Unauthenticated Authentication Bypass via LINE OAuth Callback
48RISK
open ↗VulnCheck XDB
initial-access
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC★ 10
ambionics/cve-2026-9082-drupal-postgresql-rce
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC★ 1
Working exploit for ssrf issue reported in CVE-2026–45401
Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints
41RISK
open ↗VulnCheck XDB
initial-access
Everest Forms <= 3.4.3 - Unauthenticated PHP Object Injection via Form Entry Metadata
48RISK
open ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗VulnCheck XDB
initial-access
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open ↗GitHub PoC
xxconi/CVE-2026-2942
ProSolution WP Client <= 1.9.9 - Unauthenticated Arbitrary File Upload via proSol_fileUploadProcess
48RISK
open ↗Exploit-DB
cPanel - CRLF Injection
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗GitHub PoC
Dungsocool/CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISK
open ↗GitHub PoC
xl337x/CVE-2023-31902
RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE).
63RISK
open ↗GitHub PoC
Critical vulnerability in Siemens RuggedCom ROS devices allowing attackers to derive a hidden factory account password from the device MAC address and gain unauthorized administrative access via TELNET, rsh, or serial interfaces. Affects ROS 3.10.x and earlier.
RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Ad
50RISK
open ↗GitHub PoC
translating original python exploit to C
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic err
41RISK
open ↗GitHub PoC
Educational laboratory for studying CVE-2014-0160 (Heartbleed) and framing inconsistencies in TLS heartbeat handling.
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packe
100RISK
open ↗GitHub PoC★ 2
CVE-2026-36239 | Authenticated RCE in PbootCMS ≤3.2.12
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality
33RISK
open ↗GitHub PoC★ 1
Repository for studying the CVE-2026-42945 vulnerability in nginx < 1.30
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗VulnCheck XDB
info-leak
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomc
100RISK
open ↗GitHub PoC
CVE-2026-38422 — Remote Code Execution via Combined Buffer Overflows in Tasmota fetch_jpg() (Tasmota <= 15.3.0.3)
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary cod
41RISK
open ↗GitHub PoC★ 45
PoC for CVE-2026-28990, an ImageIO bug patched in iOS/macOS 26.5
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15
41RISK
open ↗GitHub PoC★ 29
CVE-2026-0091, play with an issue in android window management to perform arbitrary code execution in Launcher process from adb
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell u
41RISK
open ↗GitHub PoC
CVE-2026-38427 — Integer Wraparound → Heap Buffer Overflow in Tasmota fetch_jpg() uint16_t (Tasmota <= 15.3.0.3)
An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffe
41RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.