Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
8069 exploits
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque13 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque13 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-3129CRITICALbajo ataqueransomware12 may 2026
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitra
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque12 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-41940CRITICALbajo ataqueransomware12 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2023-27163MEDIUM12 may 2026
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baske
48RIESGO
abrir
VulnCheck XDB
client-side
CVE-2024-21413CRITICALbajo ataque12 may 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque12 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-4220HIGH12 may 2026
Chamilo LMS Unauthenticated Big Upload File Remote Code Execution
78RIESGO
abrir
VulnCheck XDB
client-side
CVE-2026-34621HIGHbajo ataque12 may 2026
Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)
71RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-2492CRITICAL12 may 2026
An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted req
48RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-6664HIGH12 may 2026
PgBouncer integer overflow in PgBouncer network packet parsing
41RIESGO
abrir
VulnCheck XDB
local
CVE-2024-0582HIGH12 may 2026
Kernel: io_uring: page use-after-free vulnerability via buffer ring mmap
46RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-5718HIGH12 may 2026
Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass
56RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-42945CRITICAL12 may 2026
NGINX ngx_http_rewrite_module vulnerability
60RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque11 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43284HIGH11 may 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque11 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-41940CRITICALbajo ataqueransomware11 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-0740CRITICAL11 may 2026
Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-41940CRITICALbajo ataqueransomware11 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque11 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque11 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-54068CRITICALbajo ataque11 may 2026
Livewire vulnerable to remote command execution during property update hydration
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque11 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2026-42208CRITICALbajo ataque10 may 2026
LiteLLM: SQL injection in Proxy API key verification
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43284HIGH10 may 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2020-25213CRITICALbajo ataque10 may 2026
The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitra
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-41940CRITICALbajo ataqueransomware10 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-3844CRITICAL10 may 2026
Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote
75RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.