Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
13.116 exploits
GitHub PoC
SSH posture helper for CVE-2026-31431 (Copy Fail): kernel and algif_aead inventory
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
Exploitation of CVE-2023-44604. Using a Kali Linux VM (attacker) and a Debian 11 server VM (victim)
CVE-2023-46604CRITICALbajo ataqueransomware01 may 2026
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RIESGO
abrir
GitHub PoC1
CVE-2026-31431 (copy.fail) — adapted for constrained Java execution environments via FFM syscall layer + javac annotation processor delivery
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
CVE-2026-31431 mitigation (Copy Fail)
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
对 CVE-2026-31431 的复现分析、C 改编的 exp。
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC2
cPanel CVE-2026-41940 nuclear.x86 Security Audit & Cleanup Script
CVE-2026-41940CRITICALbajo ataqueransomware01 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
GitHub PoC10
cPanel/WHM Authentication Bypass (Zero-Day Vulnerability)
CVE-2026-41940CRITICALbajo ataqueransomware01 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
GitHub PoC4
Bulk scanner and mass exploitation tool for CVE-2026-41940 on cPanel/WHM, built for automated target validation and high-speed multi-threaded execution.
CVE-2026-41940CRITICALbajo ataqueransomware01 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
GitHub PoC2
CVE-2026-31431 - Copy Fail | Linux LPE via authencesn page cache write. Unprivileged user to root on most distros since 2017. PoC in C and Python.
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
CVE-2026-31431 Kernel Fix Script
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC20
CVE-2026-31431 (Copy Fail) PoC - Linux kernel page cache corruption via authencesn AF_ALG + splice()
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC3
Easy-to-understand version of CVE-2026-31431
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
CVE-2026-31431 - Copy Fail - PoC exploit
CVE-2026-31431HIGHbajo ataque01 may 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC2
george1-adel/CVE-2026-41940_exploit
CVE-2026-41940CRITICALbajo ataqueransomware01 may 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
GitHub PoC
My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-exploitation detection.
CVE-2023-46604CRITICALbajo ataqueransomware30 abr 2026
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RIESGO
abrir
GitHub PoC
CVE-2026-43500 / CVE-2026-31431 / CVE-2026-43284 golang hotfix
CVE-2026-43500HIGH30 abr 2026
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RIESGO
abrir
GitHub PoC2
Temporarily removes the root password using CVE-2026-31431
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC31
BPF-LSM mitigation for CVE-2026-31431 (Copy Fail) — denies AF_ALG socket creation cluster-wide
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC91
High fidelity scanner for CVE-2026-41940 (cPanel & WHM authentication bypass)
CVE-2026-41940CRITICALbajo ataqueransomware30 abr 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
GitHub PoC
Razielx64/CVE-2025-69606-GSVoIP-XSS
CVE-2025-69606MEDIUM30 abr 2026
Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in t
33RIESGO
abrir
GitHub PoC13
Detection, mitigation, and reverse-engineering tooling for CVE-2026-41940 (SessionScribe): the cPanel/WHM unauthenticated session-forgery vulnerability disclosed 2026-04-28. Defense-in-depth active mitigation shim, ModSec rule pack, remote probe, on-host IOC scanner, and per-tier RE snapshot collector. GPL v2.
CVE-2026-41940CRITICALbajo ataqueransomware30 abr 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RIESGO
abrir
GitHub PoC2
Detection rules for CVE-2026-31431 Linux LPE Vulnerability - Credit: (Copy Fail) https://copy.fail
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
ryan2929/CVE-2026-31431
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC2
Temporarily removes the root password using CVE-2026-31431
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC3
根据py版本,升级成了c和rust版本,带加密混淆、0依赖(仅技术学习与分享)
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
Wazuh SCA Linux hardening policy for Copy Fail (CVE-2026-31431)
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC10
DaemonSet для митигации уязвимости CVE-2026-31431 (Copy Fail)
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC14
Copy Fail - CVE-2026-31431
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC
DaemonSet с реализацией временной меры для митигации уязвимости Copy Fail (CVE-2026-31431)
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
GitHub PoC1
CVE-2026-31431 - Copy Fail PoC (Python 3.10+)
CVE-2026-31431HIGHbajo ataque30 abr 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.