Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit600
Langflow AI RCE
Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code
100RISK
open ↗Metasploit600
BentoML's runner server RCE
Insecure Deserialization leads to RCE in BentoML's runner server
75RISK
open ↗Metasploit600
BentoML RCE
BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization
75RISK
open ↗Metasploit500
Ivanti Connect Secure Unauthenticated Remote Code Execution via Stack-based Buffer Overflow
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7
100RISK
open ↗Metasploit600
pgAdmin Query Tool authenticated RCE (CVE-2025-2945)
pgAdmin 4: Remote Code Execution in Query Tool and Cloud Deployment
75RISK
open ↗Metasploit300
Gladinet CentreStack/Triofox Path Traversal
Gladinet CentreStack and TrioFox Local File Inclusion Flaw
100RISK
open ↗Metasploit600
Gladinet CentreStack/Triofox ASP.NET ViewState Deserialization
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the
100RISK
open ↗Metasploit600
Appsmith RCE
An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image lea
43RISK
open ↗Metasploit600
WP User Registration and Membership Unauthenticated Privilege Escalation (CVE-2025-2563)
User Registration & Membership < 4.1.2- Unauthenticated Privilege Escalation
68RISK
open ↗Metasploit300
Next.js Middleware Authorization Bypass Scanner
Authorization Bypass in Next.js Middleware
85RISK
open ↗Metasploit600
ICTBroadcast Unauthenticated Remote Code Execution
ICTBroadcast <= 7.4 Unauthenticated Session Cookie RCE
63RISK
open ↗Metasploit600
Pandora FMS authenticated command injection leading to RCE via chromium_path or phantomjs_bin
QuickShell Authenticated Command Injection
48RISK
open ↗Metasploit600
WordPress SureTriggers (aka OttoKit) Combined Auth Bypass (CVE-2025-3102, CVE-2025-27007)
WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability
75RISK
open ↗Metasploit600
WordPress SureTriggers (aka OttoKit) Combined Auth Bypass (CVE-2025-3102, CVE-2025-27007)
SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation
78RISK
open ↗Metasploit300
Sante PACS Server Path Traversal (CVE-2025-2264)
Santesoft Sante PACS Server Path Traversal Information Disclosure
48RISK
open ↗Metasploit300
GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi
GLPI allows unauthenticated SQL injection through the inventory endpoint
78RISK
open ↗Metasploit600
Tomcat Partial PUT Java Deserialization
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RISK
open ↗Metasploit300
Xorcom CompletePBX Authenticated File Disclosure via Backup Download
Xorcom CompletePBX <= 5.2.35 Authenticated File Disclosure
28RISK
open ↗Metasploit600
Xorcom CompletePBX Authenticated Command Injection via Task Scheduler
Xorcom CompletePBX <= 5.2.35 Task Scheduler Authenticated Command Injection
36RISK
open ↗Metasploit300
Xorcom CompletePBX Arbitrary File Read and Deletion via systemDataFileName
Xorcom CompletePBX <= 5.2.35 Authenticated Path Traversal & File Deletion
36RISK
open ↗Metasploit600
Remote Code Execution Vulnerability in XWiki Platform (CVE-2025-24893)
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open ↗Metasploit600
SPIP Saisies Plugin Unauthenticated RCE
SPIP Saisies Plugin < 5.11.1 Remote Code Execution
63RISK
open ↗Metasploit300
mySCADA myPRO Manager Credential Harvester (CVE-2025-24865 and CVE-2025-22896)
mySCADA myPRO Manager Missing Authentication for Critical Function
43RISK
open ↗Metasploit300
mySCADA myPRO Manager Credential Harvester (CVE-2025-24865 and CVE-2025-22896)
mySCADA myPRO Manager Cleartext Storage of Sensitive Information
43RISK
open ↗Metasploit300
Audiobookshelf Unauthenticated API Authentication Bypass Scanner
Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching
36RISK
open ↗Metasploit600
Wazuh server remote code execution caused by an unsafe deserialization vulnerability.
Remote code execution in Wazuh server
100RISK
open ↗Metasploit600
InvokeAI RCE
Remote Code Execution via Model Deserialization in invoke-ai/invokeai
63RISK
open ↗Metasploit600
Unauthenticated RCE in NetAlertX
NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because fun
75RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.