Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,163cataloged exploits
31,687CVEs with public exploitation
0lab-tested
13,134 exploits
GitHub PoC
CVE-2025-49113 – Roundcube ≤1.6.10 post-auth RCE via PHP object deserialization (HackTheBox CTF)
CVE-2025-49113CRITICALunder attack16 Apr 2026
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the
100RISK
open
GitHub PoC1
CVE-2010-2075 exploit
CVE-2010-207516 Apr 2026
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally
60RISK
open
GitHub PoC
CVE-2025-24893 – XWiki SSTI unauthenticated RCE exploit (HackTheBox CTF)
CVE-2025-24893CRITICALunder attack16 Apr 2026
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open
GitHub PoC2
Saku0512/CVE-2026-40176-poc
CVE-2026-40176HIGH16 Apr 2026
Composer is vulnerable to Command Injection via Malicious Perforce Repository
41RISK
open
GitHub PoC
A critical access control vulnerability in locally deployed Pro-Bit application in versions less than v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories.
CVE-2025-69428HIGH16 Apr 2026
An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdi
41RISK
open
GitHub PoC1
ZaidArif47/CVE-2024-42009
CVE-2024-42009CRITICALunder attack16 Apr 2026
A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to stea
100RISK
open
GitHub PoC
Fixed CVE-2019-9053
CVE-2019-905315 Apr 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open
GitHub PoC1
Unauthenticated password reset exploit for Flowise AI ≤ 3.0.5. Abuses the /api/v1/account/forgot-password endpoint to change any user's password without prior authentication. Includes a proof-of-concept script and mitigation guidelines.
CVE-2025-58434CRITICAL15 Apr 2026
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
75RISK
open
GitHub PoC
Secured root-level access by identifying and exploiting misconfigurations and outdated software. Buffer overflow vulnerability in an outdated version of mod_ssl (CVE-2002-0082). Privilege escalation was subsequently achieved by exploiting a race condition in the Linux kernel's "ptrace" utility (CVE-2003-0127),
CVE-2003-012715 Apr 2026
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root p
23RISK
open
GitHub PoC
Writeup och POC för CVE-2008-2992
CVE-2008-2992HIGHunder attackransomware15 Apr 2026
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary c
100RISK
open
GitHub PoC
opsecramdan/react2shell-cve-2025-55182
CVE-2025-55182CRITICALunder attackransomware15 Apr 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
Secured root-level access by identifying and exploiting misconfigurations and outdated software. Buffer overflow vulnerability in an outdated version of mod_ssl (CVE-2002-0082). Privilege escalation was subsequently achieved by exploiting a race condition in the Linux kernel's "ptrace" utility (CVE-2003-0127),
CVE-2002-008215 Apr 2026
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly
28RISK
open
GitHub PoC
Gogs RCE PoC - CVE-2025-8110
CVE-2025-8110HIGHunder attack15 Apr 2026
File overwrite in file update API in Gogs
100RISK
open
GitHub PoC1
A simple python script to exploit CVE-2025-59528, this an Authenticated RCE vulnerability in Flowise application, a popular AI tool. That is also used in HTB seasonal challenge. The issue is present in version <= 3.0.5, for more details: https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p
CVE-2025-59528CRITICAL15 Apr 2026
Flowise has Remote Code Execution vulnerability
85RISK
open
GitHub PoC1
Authenticated Remote Code Execution (RCE) exploit for Flowise AI versions ≤ 3.0.4. Leverages a vulnerability in the /api/v1/node-load-method/customMCP endpoint to execute arbitrary system commands via Node.js child_process.execSync(). Includes full PoC script and remediation steps.
CVE-2025-59528CRITICAL15 Apr 2026
Flowise has Remote Code Execution vulnerability
85RISK
open
GitHub PoC
Ava-Vispilio/CVE-2024-3094
CVE-2024-3094CRITICAL15 Apr 2026
Xz: malicious code in distributed source
70RISK
open
GitHub PoC
A documented penetration testing lab built on Kali Linux and Metasploitable2, walking through a full attack chain from network traffic analysis and service enumeration through to exploiting the vsftpd 2.3.4 backdoor (CVE-2011-2523) and achieving root access. Includes blue team detection notes and MITRE ATT&CK mapping throughout.
CVE-2011-252315 Apr 2026
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open
GitHub PoC
This repository contains alternative payload approaches for the InvokeAI RCE vulnerability (CVE-2024-12029) when SSH key injection fails. The payloads are designed to test if pickle deserialization is actually occurring and provide alternative access methods.
CVE-2024-12029CRITICAL15 Apr 2026
Remote Code Execution via Model Deserialization in invoke-ai/invokeai
63RISK
open
GitHub PoC
Repositorio para la práctica de DEV sobre la vulnerabilidad CVE-2021-4034. Realizada únicamente con fines académicos.
CVE-2021-4034HIGHunder attack15 Apr 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open
GitHub PoC
canpilayda/n8n-RCE-CVE-2025-68613
CVE-2025-68613CRITICALunder attack14 Apr 2026
n8n Vulnerable to Remote Code Execution via Expression Injection
100RISK
open
GitHub PoC
FathanahHidayati/https-github.com-xaitax-CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
CVE-2024-21413CRITICALunder attack14 Apr 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISK
open
GitHub PoC
Saku0512/CVE-2026-35585-poc
CVE-2026-35585HIGH14 Apr 2026
File Browser has a Command Injection via Hook Runner
41RISK
open
GitHub PoC1
f8al/PoC-CVE-2020-9715
CVE-2020-9715HIGHunder attack14 Apr 2026
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.3
83RISK
open
GitHub PoC
CVE-2025-58434 Flowise <= 3.0.5 and earlier allows account takeover via unauthenticated forgot-password token. CVE-2025-59528 lowiseAI Custom MCP Node Remote Code Execution.
CVE-2025-58434CRITICAL14 Apr 2026
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
75RISK
open
GitHub PoC
PierfrancescoConti/leaflet-cve-2025-69993
CVE-2025-69993MEDIUM14 Apr 2026
Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting (XSS) via the bindPopup() method. This
33RISK
open
GitHub PoC1
This repository contains a Proof of Concept (PoC) exploit for CVE-2023-6972.
CVE-2023-6972CRITICAL13 Apr 2026
Backup Migration <= 1.3.9 - Unauthenticated Path Traversal to Arbitrary File Deletion
48RISK
open
GitHub PoC
[First-Blood-XO] React Server Component endpoint vulnerable to CVE-2025-55182 (RCE) → enumerated SUID binaries → /usr/bin/perl had SUID set → used Perl's POSIX setuid(0) to escalate to root → read /root/flag.txt
CVE-2025-55182CRITICALunder attackransomware13 Apr 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
Gogs Symlink Traversal → RCE
CVE-2025-8110HIGHunder attack13 Apr 2026
File overwrite in file update API in Gogs
100RISK
open
GitHub PoC
This is a special panel that is used to send POC requests with the output of responses.
CVE-2025-55182CRITICALunder attackransomware13 Apr 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
Fork of gogs/gogs for reachability benchmark testing (CVE-2024-45337)
CVE-2024-45337CRITICAL13 Apr 2026
Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
48RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.