Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
13,086 exploits
GitHub PoC
bayu06802/CVE-2026-48908
CVE-2026-48908CRITICAL05 Jul 2026
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open
GitHub PoC
MESLIMOHAMEDM22005188/path-traversal-CVE-2026-14628
CVE-2026-14628MEDIUM05 Jul 2026
NousResearch hermes-agent Live Webhook Endpoint base.py extract_media path traversal
33RISK
open
GitHub PoC1
QNAP password reset URL injection writeup + PoC.
CVE-2025-59382LOW05 Jul 2026
QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)
28RISK
open
GitHub PoC5
Epson Printer RAW Protocol Exploit Framework
CVE-2026-39047HIGH05 Jul 2026
Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Prin
41RISK
open
GitHub PoC1
PoC for CVE-2026-53360: guest-triggered heap out-of-bounds read/write in KVM SEV-SNP Page State Change (PSC) handling.
CVE-2026-5336004 Jul 2026
KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use
23RISK
open
GitHub PoC17
CVE-2026-46242
CVE-2026-46242HIGH04 Jul 2026
eventpoll: fix ep_remove struct eventpoll / struct file UAF
41RISK
open
GitHub PoC3
📤 Mass exploitation framework for CVE-2026-56290 — Page Builder CK Joomla unauthenticated file upload to RCE
CVE-2026-56290CRITICAL04 Jul 2026
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
48RISK
open
GitHub PoC3
Read-only vulnerability scanner for CVE-2026-49049 — Helix3 Joomla plugin unauthenticated AJAX handler
CVE-2026-49049HIGH04 Jul 2026
Joomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handler
41RISK
open
GitHub PoC3
PoC for CVE-2026-54415 — Azuriom CMS (<1.2.11) Broken Access Control → account takeover
CVE-2026-54415HIGH04 Jul 2026
Broken Access Control in Azuriom CMS Server Routes Allows Account Takeover
41RISK
open
GitHub PoC
Python & template nuclei
CVE-2026-48907CRITICALunder attack04 Jul 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open
GitHub PoC2
caterscam/CVE-2026-5524-PoC
CVE-2026-5524CRITICAL04 Jul 2026
Divi Form Builder <= 5.1.8 - Unauthenticated Arbitrary File Upload Leading to Remote Code Execution via 'acceptFileTypes' Parameter
48RISK
open
GitHub PoC
Static config scanner that flags nginx configs vulnerable to the complex_value two-pass capture-clobbering bug (regex map + regex capture → heap overflow / info leak).
CVE-2026-42533CRITICAL04 Jul 2026
NGINX Map directive and Regex matching vulnerability
45RISK
open
GitHub PoC1
CVE-2026-34038: Authenticated Remote Command Injection in Coolify
CVE-2026-34038CRITICAL04 Jul 2026
Coolify authenticated remote command injection leading to RCE and secret exfiltration
48RISK
open
GitHub PoC
Technical troubleshooting repository for fixing infinite rendering vulnerability loops and resource exhaustion threats under CVE-2026-23869 cleanly.
CVE-2026-23869HIGH04 Jul 2026
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-
41RISK
open
GitHub PoC
CVE-2026-22874 writeup: incomplete SSRF allow-list in Gitea webhook/migration (IPv6 transition and cloud metadata). Fixed in Gitea 1.26.3.
CVE-2026-22874CRITICAL04 Jul 2026
Gitea webhook and migration allow-list filtering permits SSRF
48RISK
open
GitHub PoC
💉 Blind SQL Injection → RCE exploit for Control Web Panel (CWP) ≤ 0.9.8.1224 — userRes POST → INTO DUMPFILE → cwpsvc shell
CVE-2026-57517CRITICAL04 Jul 2026
Control Web Panel < 0.9.8.1225 Blind SQL Injection via userRes Parameter
48RISK
open
GitHub PoC
Casdoor version 2.362.0
CVE-2026-9090CRITICAL04 Jul 2026
CVE-2026-9090
28RISK
open
GitHub PoC3
CVE-2026-54998 RCE Exploit
CVE-2026-54998HIGH04 Jul 2026
Microsoft Exchange Online Elevation of Privilege Vulnerability
41RISK
open
GitHub PoC5
Apache ActiveMQ Classic RCE research: CVE-2026-34197 / CVE-2026-42588 bypass chain + hardened-6.2.6 audit findings + Crowdfense comparison
CVE-2026-34197HIGHunder attack04 Jul 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RISK
open
GitHub PoC
Pardus Software Local Privilege Escalation PoC - affected from <= 1.0.4
CVE-2026-14459HIGH03 Jul 2026
Argument Injection in TUBITAK BILGEM's pardus-software
41RISK
open
GitHub PoC
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore.
CVE-2026-53753CRITICAL03 Jul 2026
Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API
48RISK
open
GitHub PoC1
# CVE-2026-28995 Proof of Concept for CVE-2026-28995 — Path Traversal vulnerability in App Intents on iOS 26.4.2 and below.
CVE-2026-28995HIGH03 Jul 2026
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 an
41RISK
open
GitHub PoC
CVE-2026-49468 — LiteLLM (<1.84.0) unauthenticated auth bypass via Host-header route confusion. PoC + docker lab.
CVE-2026-49468CRITICAL03 Jul 2026
LiteLLM: Authentication Bypass via Host Header Injection
48RISK
open
GitHub PoC1
Page Builder CK for Joomla - Unauthenticated SSRF / Remote File Write leading to PHP execution Exploiter
CVE-2026-56290CRITICAL03 Jul 2026
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
48RISK
open
GitHub PoC5
☄️ Mass reconnaissance & exploitation framework for Apache Solr CVE-2026-44825 — Velocity template injection to RCE
CVE-2026-44825HIGH03 Jul 2026
Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users
41RISK
open
GitHub PoC2
CVE-2026-8451
CVE-2026-8451HIGH03 Jul 2026
Insufficient input validation leading to memory overread
41RISK
open
GitHub PoC1
1beelze/CVE-2026-11387
CVE-2026-11387CRITICAL03 Jul 2026
SMS Alert <= 3.9.5 - Unauthenticated Privilege Escalation via Arbitrary Password Reset
48RISK
open
GitHub PoC
CVE-2026-55726: Publicly Listable Azure Blob Storage Container (device logs) - Gardyn (ICSA-26-183-03)
CVE-2026-55726MEDIUM02 Jul 2026
Gardyn IoT Hub Exposure of Sensitive System Information to an Unauthorized Control Sphere
33RISK
open
GitHub PoC
CVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)
CVE-2026-54477MEDIUM02 Jul 2026
Gardyn IoT Hub Improper Neutralization of HTTP Headers for Scripting Syntax
33RISK
open
GitHub PoC
FzRsLLaSheR/CVE-2026-12166_CVE-2026-12167_CVE-2026-12168
CVE-2026-12166MEDIUM02 Jul 2026
CVE-2026-12166
33RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.