Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
13,140 exploits
GitHub PoC
VX Search Enterprise v10.1.12 Remote Buffer Overflow
Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginni
23RISK
open ↗GitHub PoC
libssh Authentication Bypass (CVE-2018-10933) Lab
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client coul
85RISK
open ↗GitHub PoC
demo application showing off SQL Injection exploit in django 5.2.7
Potential SQL injection via _connector keyword argument in QuerySet and Q objects
53RISK
open ↗GitHub PoC
0axz-tools/CVE-2025-6440
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
60RISK
open ↗GitHub PoC
A demo and explanation of CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
gustavorobertux/cisco-cve-2023-20198-checker
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS
100RISK
open ↗GitHub PoC
ZoneMinder Time-Based SQL Injection (CVE-2024-51482) Exploit POC
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC★ 2
lil0xplorer/CVE-2025-60787_PoC
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open ↗GitHub PoC
An automated, high-precision zero-shot evaluation pipeline for OpenAI's CLIP model on CIFAR-10. Features 88.80% accuracy, Safetensors security mitigation (CVE-2025-32434), and AI Native (Trae) workflow.
PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
48RISK
open ↗GitHub PoC★ 3
CVE-2023-38831 is a Zero-day WinRAR vulnerability that lets attackers disguise malicious files in archives, tricking users into executing harmful content.
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a
100RISK
open ↗GitHub PoC★ 202
CVE-2026-24061 exploit PoC
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RISK
open ↗GitHub PoC
Penetration testing lab demonstrating CVE-2024-21413 moniker link exploitation for NTLM credential theft, including attack execution, hash cracking, and defensive countermeasures
Microsoft Outlook Remote Code Execution Vulnerability
100RISK
open ↗GitHub PoC★ 8
ZenoMinder Blind SQL Injection PoC
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC
Dockerized vulnerable lab demonstrating CVE-2024-2083 in ZenML, a path traversal vulnerability in the step logs API allowing arbitrary file read.
Directory Traversal in zenml-io/zenml
60RISK
open ↗GitHub PoC★ 10
PoC for CVE-2025-60787 - Authenticated RCE in motionEye for all versions up to 0.43.1b4 (included)
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open ↗GitHub PoC★ 1
Professional PoC for CVE-2025-60787: Remote Code Execution in MotionEye (<= 0.43.1b4). This exploit demonstrates an OS Command Injection vulnerability through client-side validation bypass, allowing attackers to execute arbitrary commands via configuration files.
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open ↗GitHub PoC
Exploit for CVE-2023-27372 with interactiev shell
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. T
85RISK
open ↗GitHub PoC★ 2
Go PoC for CVE-2025-32433 — unauthenticated RCE in Erlang/OTP SSH.
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISK
open ↗GitHub PoC★ 14
Authenticated time-based blind SQL injection PoC for ZoneMinder CVE-2024-51482 (v1.37.* <= 1.37.64)
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC
CVE-2020-1350的PoC
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle req
100RISK
open ↗GitHub PoC
CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
100RISK
open ↗GitHub PoC
this is a metasploit exploit module for CVE-2024-25096 and CVE-2023-3452
Canto <= 3.0.4 - Unauthenticated Remote File Inclusion
63RISK
open ↗GitHub PoC
Full-cycle Pentest on Metasploitable (VMware/Kali). Scanned services (Apache Tomcat/8180), researched CVE-2002-0936 via Exploit-DB, and gained access using default creds (Metasploit). Performed local enumeration for SUID misconfigs, exploiting a legacy Nmap binary to escalate privileges to Root.
The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the w
28RISK
open ↗GitHub PoC
luoqichen/CVE-2025-55182-POC
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
Asus Router Arbitrary File Write to Remote Code Execution PoC - Fk Mirai
ASUS Router - Upload arbitrary firmware
48RISK
open ↗GitHub PoC
shakyanayann/CVE-2022-0185
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functio
76RISK
open ↗GitHub PoC★ 2
yonathanpy/CVE-2025-32462-CVE-2025-32463-PoC-Lab
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allo
28RISK
open ↗GitHub PoC
prabeershakya/CVE-2022-0185-POC
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functio
76RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.