Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
13,140 exploits
GitHub PoC
Public advisory and technical analysis for CVE-2026-36590, a NanoMQ v0.24.9 denial-of-service vulnerability.
An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nni_qos_db_set function in
41RISK
open ↗GitHub PoC
CVE-2017-9805 S2-052 PoC
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with a
100RISK
open ↗GitHub PoC
Metasploit exploit for the CVE-2025-50286.
A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plug
56RISK
open ↗GitHub PoC★ 5
Exploit for CVE-2022-21445 of Oracle Weblogic 12.2.1.X
Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF
90RISK
open ↗GitHub PoC
ArthurHendrich/CVE-2022-42475-POC
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0
100RISK
open ↗GitHub PoC★ 7
CVE-2024-35250 demonstrates that HVCI is not a defense against data-only kernel exploits. As long as a driver bug provides an arbitrary R/W primitive, token swap remains a universal SYSTEM elevation technique — no code execution required.
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
91RISK
open ↗GitHub PoC
CVE-2021-44228
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC
Security Advisory & PoC for CVE-2025-70994 (Yadea T5 CWE-1390). Details on EV1527 RF replay vulnerabilities, coordinated with CISA.
Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless ent
41RISK
open ↗GitHub PoC
Full-chain reproduction of CVE-2022-36804 (Bitbucket RCE). Includes a Dockerized laboratory, pspy64 monitoring for null-byte injection verification, and a custom Bash exploit script. Based on Assetnote research.
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
100RISK
open ↗GitHub PoC★ 2
Python implementation of CVE-2023-43208 Mirth Connect RCE (Unauth XStream)
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open ↗GitHub PoC
Confluence Unauth RCE (CVE-2022-26134)
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
100RISK
open ↗GitHub PoC
CVE-2024-23692 | HFS 2.3m/2.4-RC07 RCE vulnerability fix
Rejetto HTTP File Server 2.3m Unauthenticated RCE
100RISK
open ↗GitHub PoC★ 2
CVE-2025-32433 PoC – SSH Protocol Python-based PoC for controlled lab testing of SSH message handling, channel operations, and pre-auth interactions. Designed for safe security research and analysis.
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISK
open ↗GitHub PoC
A lightweight orchestrator and worker scanner setup for running large/continuous scans across split input files. This repository contains orchestration scripts, a Docker-based worker image, and helper scripts to run scans repeatedly and collect results.
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
Lab with PoC
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
Threat intelligence and incident response case study on LockBit ransomware exploiting CVE-2023-4966 (Citrix Bleed).
Unauthenticated sensitive information disclosure
100RISK
open ↗GitHub PoC
mirth-connect-rce-poc
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open ↗GitHub PoC
Unauthenticated command injection vulnerability in Magnus Billing v7.3.0.
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary com
85RISK
open ↗GitHub PoC
glutton-su/CVE-2021-22555
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RISK
open ↗GitHub PoC★ 1
PoC for CVE-2023-43208 RCE exploitation.
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open ↗GitHub PoC★ 190
RSC Detect CVE 2025 55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
TeneBrae93/RocketChat-NoSQLi-Chain-CVE-2021-22911
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenti
60RISK
open ↗GitHub PoC
Research and proof-of-concept for CVE-2022-0185 Linux kernel heap overflow vulnerability.
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functio
76RISK
open ↗GitHub PoC★ 2
CVE-2025-69985: FUXA ≤1.2.8 Auth Bypass + RCE via /api/runscript
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnera
48RISK
open ↗GitHub PoC★ 1
0xjuarez/CVE-2025-47812
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open ↗GitHub PoC★ 2
The official Sentinel Edition v7.11 - Hypervisor Detection & Kernel Memory Audit Suite for Honor Magic V2. Investigating CVE-2025-38352 and EL2 RKP defenses.
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
71RISK
open ↗GitHub PoC
carlosalbertotuma/CVE-2025-32433
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISK
open ↗GitHub PoC
Unauthenticated remote code execution vulnerability in SPIP before 4.2.1.
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. T
85RISK
open ↗GitHub PoC★ 3
A proof-of-concept exploit for CVE-2023-43208, a remote code execution vulnerability in Mirth Connect before version 4.4.1.
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open ↗GitHub PoC
CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.