Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
13,140 exploits
GitHub PoC
CVE-2025-14847
CVE-2025-14847HIGHunder attack23 Feb 2026
Zlib compressed protocol header length confusion may allow memory read
100RISK
open
GitHub PoC
SonicWall security audit toolkit with vulnerable CTF lab (CVE-2021-20038, CVE-2024-53704)
CVE-2021-20038CRITICALunder attackransomware23 Feb 2026
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows
100RISK
open
GitHub PoC
CVE-2025-55182
CVE-2025-55182CRITICALunder attackransomware23 Feb 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
SonicWall security audit toolkit with vulnerable CTF lab (CVE-2021-20038, CVE-2024-53704)
CVE-2024-53704HIGHunder attackransomware23 Feb 2026
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authe
100RISK
open
GitHub PoC2
tempiltin/CVE-2025-10353-POC
CVE-2025-10353CRITICAL23 Feb 2026
Missing Authorization vulnerability in Melis Platform
63RISK
open
GitHub PoC
RCE for WingFTP v4.7.3
CVE-2025-47812CRITICALunder attack22 Feb 2026
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open
GitHub PoC
Stored Cross-Site Scripting in "usememos" via SVG
CVE-2025-50738CRITICAL22 Feb 2026
The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs. When a us
48RISK
open
GitHub PoC3
CVE-2023-43208: Mirth Connect Pre-Auth RCE PoC
CVE-2023-43208CRITICALunder attackransomware22 Feb 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open
GitHub PoC1
PoC for Mirth Connect Remote Code Execution (RCE)
CVE-2023-43208CRITICALunder attackransomware22 Feb 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open
GitHub PoC1
Educational lab demonstrating CVE-2021-36934 (HiveNightmare) - Windows LPE via shadow copy ACL misconfiguration.
CVE-2021-36934HIGHunder attack22 Feb 2026
Windows Elevation of Privilege Vulnerability
98RISK
open
GitHub PoC
danilo1992-sys/CVE-2025-32463
CVE-2025-32463CRITICALunder attack22 Feb 2026
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISK
open
GitHub PoC
PoC exploit for CVE-2024-46987 — Camaleon CMS arbitrary path traversal (file read)
CVE-2024-46987HIGH22 Feb 2026
Arbitrary path traversal in Camaleon CMS
61RISK
open
GitHub PoC
its970/CVE-2025-68645
CVE-2025-68645HIGHunder attack21 Feb 2026
A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1
98RISK
open
GitHub PoC1
Exploitation de CVE-2022-26923
CVE-2022-26923HIGHunder attack21 Feb 2026
Active Directory Domain Services Elevation of Privilege Vulnerability
100RISK
open
GitHub PoC
The flaw allows an attacker to execute arbitrary system commands on the server hosting the Pterodactyl Panel without any prior authentication.
CVE-2025-49132CRITICAL21 Feb 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISK
open
GitHub PoC
Path traversal vulnerability in Python's tarfile.
CVE-2025-4517CRITICAL20 Feb 2026
Arbitrary writes via tarfile realpath overflow
48RISK
open
GitHub PoC
A proof of concept for CVE-2025-31161, using mangled HTTP header to perform unauthenticated impersonation of any user in Crush FTP server.
CVE-2025-31161CRITICALunder attackransomware20 Feb 2026
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unle
100RISK
open
GitHub PoC
CVE-2022-37969 poc
CVE-2022-37969HIGHunder attack20 Feb 2026
Windows Common Log File System Driver Elevation of Privilege Vulnerability
76RISK
open
GitHub PoC
C reimplementation of chwoot PoC
CVE-2025-32463CRITICALunder attack20 Feb 2026
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISK
open
GitHub PoC
A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub Docker environments. Includes setup instructions and commands to run the vulnerable container.
CVE-2017-5638CRITICALunder attackransomware20 Feb 2026
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISK
open
GitHub PoC
CVE-2014-6271 Exploit | by infrar3d
CVE-2014-6271CRITICALunder attack19 Feb 2026
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
100RISK
open
GitHub PoC4
CVE-2025-71243 - SPIP Saisies Plugin RCE (Unauthenticated PHP Code Injection)
CVE-2025-71243CRITICAL19 Feb 2026
SPIP Saisies Plugin < 5.11.1 Remote Code Execution
63RISK
open
GitHub PoC
CVE-2022-24521 poc
CVE-2022-24521HIGHunder attackransomware19 Feb 2026
Windows Common Log File System Driver Elevation of Privilege Vulnerability
71RISK
open
GitHub PoC1
这是基于cve-2016-4437简单的漏洞复现代码
CVE-2016-4437CRITICALunder attack19 Feb 2026
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attack
100RISK
open
GitHub PoC1
Unauthenticated remote code execution vulnerability in Wing FTP Server <= 7.4.3.
CVE-2025-47812CRITICALunder attack19 Feb 2026
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open
GitHub PoC1
Command injection vulnerability in elFinder <= 2.1.47 via the PHP connector component. Allows unauthenticated remote code execution as the web server user.
CVE-2019-919418 Feb 2026
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
60RISK
open
GitHub PoC1
orgito1015/CVE-2025-55182-Researching-process
CVE-2025-55182CRITICALunder attackransomware18 Feb 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
Unauthenticated remote code execution vulnerability in WordPress Bricks Builder <= 1.9.6. The template render endpoint accepts PHP code without authentication, allowing arbitrary command execution as the web server user.
CVE-2024-25600CRITICAL18 Feb 2026
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RISK
open
GitHub PoC
Exploit for CVE-2024-6232 - Python Tarfile Realpath Overflow
CVE-2025-4517CRITICAL18 Feb 2026
Arbitrary writes via tarfile realpath overflow
48RISK
open
GitHub PoC
A deep-dive security analysis into the 2020 Virgin Mobile KSA data breach. This study dissects the exploitation of CVE-2020-0688, evaluates the impact of delayed patch management, and proposes a robust multi-layered defense architecture to prevent sophisticated exfiltration tactics.
CVE-2020-0688HIGHunder attackransomware18 Feb 2026
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle o
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.