Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
8069 exploits
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque21 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-29927CRITICAL20 may 2026
Authorization Bypass in Next.js Middleware
85RIESGO
abrir
VulnCheck XDB
local
CVE-2021-4034HIGHbajo ataque20 may 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43500HIGH20 may 2026
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RIESGO
abrir
VulnCheck XDB
local
CVE-2021-4034HIGHbajo ataque20 may 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-8110HIGHbajo ataque20 may 2026
File overwrite in file update API in Gogs
100RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2018-14847CRITICALbajo ataque20 may 2026
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43500HIGH20 may 2026
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2026-42271HIGHbajo ataque20 may 2026
LiteLLM: Authenticated command execution via MCP stdio test endpoints
100RIESGO
abrir
VulnCheck XDB
local
CVE-2024-37032HIGH19 may 2026
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path,
78RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-42945CRITICAL19 may 2026
NGINX ngx_http_rewrite_module vulnerability
60RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43284HIGH19 may 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-42945CRITICAL19 may 2026
NGINX ngx_http_rewrite_module vulnerability
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware19 may 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2026-34197HIGHbajo ataque18 may 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RIESGO
abrir
VulnCheck XDB
local
CVE-2020-17103HIGH18 may 2026
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
46RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware18 may 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque18 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque18 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-27198CRITICALbajo ataqueransomware18 may 2026
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
100RIESGO
abrir
VulnCheck XDB
local
CVE-2021-4034HIGHbajo ataque18 may 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-34197HIGHbajo ataque18 may 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RIESGO
abrir
VulnCheck XDB
local
CVE-2020-17103HIGH17 may 2026
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
46RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-59528CRITICAL17 may 2026
Flowise has Remote Code Execution vulnerability
85RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-8181CRITICAL17 may 2026
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque17 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque17 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque16 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-26360HIGHbajo ataque16 may 2026
Adobe ColdFusion Improper Access Control Arbitrary code execution
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-6433HIGH16 may 2026
Custom CSS JS PHP <= 2.0.7 - Unauthenticated SQL Injection to RCE
56RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.