Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
13.086 exploits
GitHub PoC7
anyanything/CVE-2026-8461-PoC
CVE-2026-8461HIGH23 jun 2026
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RIESGO
abrir
GitHub PoC
fuchiuebusi-lab/nginx-ui-CVE-2026-42221-CVE-2026-42238-
CVE-2026-42221HIGH23 jun 2026
nginx-ui: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim
41RIESGO
abrir
GitHub PoC
Public advisory for CVE-2026-39253, addressing an insecure deserialisation in Pivotal CRM 6.6.04.08 allowing remote code execution via unsafe BinaryFormatter usage in Smart Client and PBS components. Includes vulnerability details, affected versions, and remediation guidance.
CVE-2026-39253HIGH23 jun 2026
An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll a
41RIESGO
abrir
GitHub PoC10
CVE-2026-42978 — Use-After-Free race condition in Windows Push Notifications (WpnService). Patch diff, root cause analysis, TOCTOU lab, Sysmon/ETW detection rules.
CVE-2026-42978HIGH23 jun 2026
Windows Push Notifications Elevation of Privilege Vulnerability
41RIESGO
abrir
GitHub PoC10
CVE-2026-55200
CVE-2026-55200CRITICAL23 jun 2026
libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c
48RIESGO
abrir
GitHub PoC
eliHiHo/portfolio-drupal-cve-2026-9082
CVE-2026-9082CRITICALbajo ataque23 jun 2026
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RIESGO
abrir
GitHub PoC1
CVE-2026-11837: local privilege escalation in the ansible.posix authorized_key module via symlink-following chown. Technical writeup; sibling of CVE-2024-9902.
CVE-2026-11837HIGH23 jun 2026
Ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown
41RIESGO
abrir
GitHub PoC1
A minimal PoC for CVE-2026-21018, demonstrating how it works
CVE-2026-21018MEDIUM23 jun 2026
Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary
33RIESGO
abrir
GitHub PoC
Fuzzing the Microsoft Windows DNS client library. Inspired by CVE-2026-41096.
CVE-2026-41096CRITICAL23 jun 2026
Windows DNS Client Remote Code Execution Vulnerability
48RIESGO
abrir
GitHub PoC2
This repository contains the Proof of Concept (PoC) exploit script for CVE-2026-45156
CVE-2026-45156HIGH23 jun 2026
Nextcloud: Authentication Bypass in ID4me handling via Missing JWT Signature Verification in User OIDC
41RIESGO
abrir
GitHub PoC
mythicaltree/CVE-2019-2215
CVE-2019-2215HIGHbajo ataque23 jun 2026
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RIESGO
abrir
GitHub PoC
s1lentf00thold/CVE-2020-11651-Poc
CVE-2020-11651CRITICALbajo ataque23 jun 2026
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RIESGO
abrir
GitHub PoC
Prueba de concepto de CVE-2021-41773
CVE-2021-41773HIGHbajo ataqueransomware23 jun 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir
GitHub PoC
Apache Tomcat CGI Servlet RCE (Windows) — Educational PoC
CVE-2019-023223 jun 2026
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0
60RIESGO
abrir
GitHub PoC1
Ethical, network-isolated Docker lab reproducing CVE-2026-26030 — Semantic Kernel in-memory vector store filter eval() RCE (patched in 1.39.4)
CVE-2026-26030CRITICAL22 jun 2026
Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable to remote code execution
48RIESGO
abrir
GitHub PoC1
Technical analysis of CVE-2026-42945 (NGINX Rift), a critical heap buffer overflow in NGINX's rewrite engine caused by a state mismatch between length calculation and copy operations, enabling worker crashes and potential remote code execution.
CVE-2026-42945CRITICAL22 jun 2026
NGINX ngx_http_rewrite_module vulnerability
60RIESGO
abrir
GitHub PoC
CVE-2026-4020 - Draft
CVE-2026-4020HIGH22 jun 2026
Gravity SMTP <= 2.1.4 - Unauthenticated Sensitive Information Exposure via REST API
68RIESGO
abrir
GitHub PoC13
Unauthenticated RCE PoC for CVE-2026-48908 — SP Page Builder for Joomla (≤ 6.6.1): arbitrary file upload via asset.uploadCustomIcon. Self-cleaning, token-guarded. Authorized testing only.
CVE-2026-48908CRITICAL22 jun 2026
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RIESGO
abrir
GitHub PoC2
Technical analysis of CVE-2026-46300 (Fragnesia), a Linux kernel page-cache write vulnerability that enables local privilege escalation through SKBFL_SHARED_FRAG invariant violations in the networking stack.
CVE-2026-46300HIGH22 jun 2026
net: skbuff: preserve shared-frag marker during coalescing
41RIESGO
abrir
GitHub PoC
CVE-2026-39031 — offline plaintext password recovery for Lansweeper lsrunase 2.0 / lsencrypt 2.0 via a hardcoded RC4 key. PoC + technical advisory.
CVE-2026-39031MEDIUM22 jun 2026
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt crede
33RIESGO
abrir
GitHub PoC
Vulnerability proof of concept reworked from https://github.com/utmost3/cve/issues/2 I take no credit for discovering the vulnerability. This is for educational and portfolio purposes only.
CVE-2026-6992HIGH22 jun 2026
Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection
41RIESGO
abrir
GitHub PoC2
CVE-2025-48907 - Unauthenticated RCE exploit for Joomla JCE < 2.9.99.5
CVE-2026-48907CRITICALbajo ataque22 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
GitHub PoC1
sec0x/CVE-2026-48907
CVE-2026-48907CRITICALbajo ataque22 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
GitHub PoC
drolley919/joomla-cve-2015-8562-exploit-and-linux-forensic-analysis
CVE-2015-856222 jun 2026
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbi
60RIESGO
abrir
GitHub PoC2
CVE-2026-49772 — The Events Calendar (WordPress) unauthenticated blind SQLi PoC
CVE-2026-49772CRITICAL22 jun 2026
WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability
48RIESGO
abrir
GitHub PoC
Detection & remediation toolkit for the Miasma / Shai-Hulud worm and CVE-2026-35603 (AI-agent/IDE config injection)
CVE-2026-35603MEDIUM22 jun 2026
Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows
33RIESGO
abrir
GitHub PoC
React2Shell POC
CVE-2025-55182CRITICALbajo ataqueransomware22 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
GitHub PoC1
El exploit para obtener root usado la vulnerabilidad del CVE-2021-4034 o tambien llamado PwnKit el cual permite teniendo un shell hacer una escalada de privilegios siempre y cuando la version de pkexec sea = o < que la v0.105
CVE-2021-4034HIGHbajo ataque22 jun 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RIESGO
abrir
GitHub PoC
Chaelsoo/CVE-2022-23131-Wrappers
CVE-2022-23131CRITICALbajo ataque22 jun 2026
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
100RIESGO
abrir
GitHub PoC5
Unauthenticated PHP Object Injection to RCE in WP Activity Log <= 5.6.3.1 (CVE-2026-54806)
CVE-2026-54806CRITICAL22 jun 2026
WordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerability
48RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.