Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
8,069 exploits
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2021-300705 Dec 2025
Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead
60RISK
open
VulnCheck XDB
initial-access
CVE-2022-26134CRITICALunder attackransomware05 Dec 2025
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-13486CRITICAL05 Dec 2025
Advanced Custom Fields: Extended 0.9.0.5 - 0.9.1.1 - Unauthenticated Remote Code Execution in prepare_form
85RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware05 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware04 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
infoleak
CVE-2025-55182CRITICALunder attackransomware04 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-13486CRITICAL04 Dec 2025
Advanced Custom Fields: Extended 0.9.0.5 - 0.9.1.1 - Unauthenticated Remote Code Execution in prepare_form
85RISK
open
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALunder attackransomware04 Dec 2025
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
VulnCheck XDB
initial-access
CVE-2021-26855CRITICALunder attackransomware04 Dec 2025
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISK
open
VulnCheck XDB
initial-access
CVE-2023-2646903 Dec 2025
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.
60RISK
open
VulnCheck XDB
local
CVE-2019-10149CRITICALunder attack03 Dec 2025
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message(
100RISK
open
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALunder attack03 Dec 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open
VulnCheck XDB
initial-access
CVE-2023-46747CRITICALunder attackransomware03 Dec 2025
BIG-IP Configuration utility unauthenticated remote code execution vulnerability
100RISK
open
VulnCheck XDB
local
CVE-2021-21551HIGHunder attack02 Dec 2025
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
98RISK
open
VulnCheck XDB
client-side
CVE-2025-43300CRITICALunder attack02 Dec 2025
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 1
83RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.