Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
13,140 exploits
GitHub PoC★ 1
Technical analysis and proof-of-concept for CVE-2024-1086, a Linux kernel nf_tables use-after-free vulnerability leading to local privilege escalation. Includes vulnerability breakdown, affected versions, exploitation methodology, and mitigation guidance for research and educational purposes.
Use-after-free in Linux kernel's netfilter: nf_tables component
76RISK
open ↗GitHub PoC★ 1
Faridi-m/CVE-2021-22911-RocketChat
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenti
60RISK
open ↗GitHub PoC
arrhenius975/CVE-2024-38063-Exploit-Refactoring
Windows TCP/IP Remote Code Execution Vulnerability
70RISK
open ↗GitHub PoC
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISK
open ↗GitHub PoC
CVE-2023-3452 exploit for WordPress Canto plugin RCE, HTTPS support included
Canto <= 3.0.4 - Unauthenticated Remote File Inclusion
63RISK
open ↗GitHub PoC
CVE-2024-23897: Jenkins Arbitrary File Read Lead to RCE
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RISK
open ↗GitHub PoC★ 1
Demonstrate a proof-of-concept exploit for CVE-2026-2441, a high-risk Chrome use-after-free vulnerability in the Blink CSS engine.
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside
76RISK
open ↗GitHub PoC
CVE-2025-68613 — n8n RCE via Expression Injection
n8n Vulnerable to Remote Code Execution via Expression Injection
100RISK
open ↗GitHub PoC★ 19
Dahua IP camera CVE research toolkit (CVE-2021-33044/33045, CVE-2025-31700/31701)
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can by
100RISK
open ↗GitHub PoC
CVE-2025-5777
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RISK
open ↗GitHub PoC
Metasploit module to exploit CVE-2024-46987 - an authenticated path traversal vulnerability in Camaleon CMS versions 2.8.0 through 2.8.2 and 2.9.0
Arbitrary path traversal in Camaleon CMS
61RISK
open ↗GitHub PoC
Aryan20057/CVE-2023-4911
Glibc: buffer overflow in ld.so leading to privilege escalation
100RISK
open ↗GitHub PoC★ 9
gowonisgood/CVE-2025-62215-POC
Windows Kernel Elevation of Privilege Vulnerability
71RISK
open ↗GitHub PoC
PoC of CVE-2021-4034 (PwnKit) for personal training purposes.
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗GitHub PoC★ 1
CVE-2025-43529 Test
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and
71RISK
open ↗GitHub PoC
Black box penetration test — WordPress exploitation, privilege escalation via CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISK
open ↗GitHub PoC
Laravel-RCE: CVE-2017-9841
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP c
100RISK
open ↗GitHub PoC
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗GitHub PoC
Time-Based Blind SQL Injection Exploit for the OpenSIPs Control Panel (or my first CVE!)
A Time-Based Blind SQL Injection vulnerability in the alias_management module of OpenSIPS Control Panel (opensips-cp) pr
41RISK
open ↗GitHub PoC
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packe
100RISK
open ↗GitHub PoC
This repository provides production-ready detection engineering content for **CVE-2025-25257**, a pre-authentication SQL Injection vulnerability in Fortinet FortiWeb Fabric Connector versions 7.0 through 7.6.x. Successful exploitation can lead to Remote Code Execution without any prior authentication.
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RISK
open ↗GitHub PoC
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data b
100RISK
open ↗GitHub PoC
CVE-2017-9805 S2-052 PoC
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with a
100RISK
open ↗GitHub PoC★ 2
Async RCE scanner for CVE-2025-55182 / CVE-2025-66478 — prototype-pollution → code execution via React Server Actions.
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
Controlled penetration testing lab demonstrating CVE-2011-2523 exploitation and mitigation techniques.
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗GitHub PoC
Metasploit exploit for the CVE-2025-50286.
A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plug
56RISK
open ↗GitHub PoC★ 1
Authenticated remote code execution in Pluck CMS before 4.7.13.
A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access
35RISK
open ↗GitHub PoC
GarethMSheldon/CVE-2025-60787-Detection-motionEye-RCE-via-Config-Injection
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.