Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
13.140 exploits
GitHub PoC
Vulnerable Docker lab and exploit for Apache HTTP Server 2.4.49 path traversal vulnerability (CVE‑2021‑41773)
CVE-2021-41773HIGHbajo ataqueransomware16 mar 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir
GitHub PoC
12-test-12/CVE-2025-3248
CVE-2025-3248CRITICALbajo ataqueransomware16 mar 2026
Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code
100RIESGO
abrir
GitHub PoC
luisyapura/Analisis-y-Explotacion-de-CVE-2025-5548
CVE-2025-5548MEDIUM16 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
jgs-developer/CVE-2025-5548
CVE-2025-5548MEDIUM16 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Binary exploitation laboratory: Environment setup and step-by-step walkthrough for exploiting CVE-2025-5548 using Ghidra, Immunity Debugger, and Python.
CVE-2025-5548MEDIUM16 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
POC for log4shll Vulnerablity (CVE-2021-44228)
CVE-2021-44228CRITICALbajo ataqueransomware15 mar 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RIESGO
abrir
GitHub PoC2
Security research and technical analysis of CVE-2025-5548, a buffer overflow vulnerability affecting FreeFloat FTP Server 1.0. This repository documents vulnerability behavior, attack surface, controlled proof of concept testing, and defensive insights within a structured research environment for cybersecurity learning and analysis.
CVE-2025-5548MEDIUM15 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Victor875/CVE-2025-5548
CVE-2025-5548MEDIUM15 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Laboratorio de análisis y explotación de la vulnerabilidad CVE-2025-5548 en FreeFloat FTP Server 1.0
CVE-2025-5548MEDIUM15 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Apache ActiveMQ OpenWire 역직렬화 RCE 취약점 기술 분석
CVE-2023-46604CRITICALbajo ataqueransomware15 mar 2026
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RIESGO
abrir
GitHub PoC
exploit para a CVE-2021-41773:Path Traversal cgi-bin
CVE-2021-41773HIGHbajo ataqueransomware15 mar 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir
GitHub PoC
sumaiyafathima-code/CVE-2023-27524
CVE-2023-27524HIGHbajo ataque15 mar 2026
Apache Superset: Session validation vulnerability when using provided default SECRET_KEY
100RIESGO
abrir
GitHub PoC
LorenzoPorrasDuque/CVE-2025-5548-POC
CVE-2025-5548MEDIUM14 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
CVE-2018-6606
CVE-2018-660614 mar 2026
An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows
23RIESGO
abrir
GitHub PoC
Script and node.proto for exploit CVE-2025-68926
CVE-2025-68926CRITICAL14 mar 2026
RustFS has a gRPC Hardcoded Token Authentication Bypass
53RIESGO
abrir
GitHub PoC
MotionEye v0.43.1b4 OS Command Injection
CVE-2025-60787HIGH14 mar 2026
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RIESGO
abrir
GitHub PoC
Explotación de la vulnerabilidad CVE-2025-5548, paso a paso
CVE-2025-5548MEDIUM14 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Análisis técnico, preparación de entorno de laboratorio y desarrollo de exploit (RCE) para la vulnerabilidad CVE-2025-5548 en FreeFloat FTP Server.
CVE-2025-5548MEDIUM14 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Heap Buffer Overflow in CVE-2025-5548
CVE-2025-5548MEDIUM14 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
anasrami12/CVE-2025-5548
CVE-2025-5548MEDIUM14 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
charlyrr/CVE-2025-5548
CVE-2025-5548MEDIUM13 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Research of CVE-2024-3094 vulnerability.
CVE-2024-3094CRITICAL13 mar 2026
Xz: malicious code in distributed source
70RIESGO
abrir
GitHub PoC
0xTerror/CVE-2025-6934
CVE-2025-6934CRITICAL13 mar 2026
Opal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation via 'on_regiser_user'
68RIESGO
abrir
GitHub PoC1
Proof‑of‑concept Python script demonstrating CVE‑2023‑43208 in Mirth Connect, allowing version checks and command execution on vulnerable instances.
CVE-2023-43208CRITICALbajo ataqueransomware13 mar 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RIESGO
abrir
GitHub PoC
d3vn0mi/CVE-2025-60787-POC
CVE-2025-60787HIGH13 mar 2026
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RIESGO
abrir
GitHub PoC1
CVE-2025-49844
CVE-2025-49844CRITICAL13 mar 2026
Redis Lua Use-After-Free may lead to remote code execution
85RIESGO
abrir
GitHub PoC10
Adaptation of Cassowary CVE-2024-23222 for Linux x86_64
CVE-2024-23222HIGHbajo ataque13 mar 2026
A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.
76RIESGO
abrir
GitHub PoC
Entorno y explotación de la vulnerabilidad CVE-2025-5548
CVE-2025-5548MEDIUM13 mar 2026
FreeFloat FTP Server NOOP Command buffer overflow
38RIESGO
abrir
GitHub PoC
Basic Proof of Concept (Poc) Exploit for React RSC - CVE-2025-55182
CVE-2025-55182CRITICALbajo ataqueransomware12 mar 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
GitHub PoC1
Educational lab demonstrating CVE-2018-7600 (Drupalgeddon2) Remote Code Execution using a Docker-based vulnerable Drupal 7.56 environment.
CVE-2018-7600CRITICALbajo ataqueransomware12 mar 2026
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.