Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.044exploits catalogados
31.616CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.077VulnCheck XDB 8.060Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
13.079 exploits
GitHub PoC
Reproducer for CVE-2026-46585: Apache Camel camel-lucene QUERY header injection enabling authorization bypass / index data exfiltration (fixed in 4.14.8/4.18.3/4.21.0)
Apache Camel Lucene: The query control headers used non-Camel-prefixed names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP header filter, allowing an HTTP client to inject the full-text search query
41RISCO
abrir ↗GitHub PoC
Reproducer for CVE-2026-46587: Apache Camel camel-couchbase CCB_* header injection enabling document disclosure, tampering, and TTL-forced data destruction (fixed in 4.14.8/4.18.3/4.21.0)
Apache Camel: Couchbase: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input
41RISCO
abrir ↗GitHub PoC
Reproducer for CVE-2026-46591: Apache Camel camel-neo4j Cypher injection via property names in CamelNeo4jMatchProperties, enabling authorization bypass / cross-label data exfiltration (fixed in 4.14.8/4.18.3/4.21.0)
Apache Camel: Camel-Neo4j: JSON property names from the CamelNeo4jMatchProperties header are interpolated into the Cypher WHERE clause without validation, allowing Cypher injection (incomplete remediation of CVE-2025-66169)
41RISCO
abrir ↗GitHub PoC
A 16-year-old bug in the Linux kernel lets a rented VM break out and attack the host it runs on. Intel and AMD alike. Januscape is a use-after-free vulnerability in the KVM code that has been sitting there since 2010.
KVM: x86: Fix shadow paging use-after-free due to unexpected role
23RISCO
abrir ↗GitHub PoC
Reproducer for CVE-2026-46588: Apache Camel camel-couchdb CouchDb* header injection (operation confusion) subverting a write-only endpoint into read + delete of arbitrary documents (fixed in 4.14.8/4.18.3/4.21.0)
Apache Camel: CouchDB: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input
41RISCO
abrir ↗GitHub PoC
Reproducer for CVE-2026-46590: Apache Camel camel-pqc key-lifecycle unsafe deserialization (FileBasedKeyLifecycleManager legacy .key migration via ObjectInputStream), incomplete remediation of CVE-2026-40048 (fixed in 4.18.3/4.21.0)
Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle managers deserialize persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of CVE-2026-40048)
41RISCO
abrir ↗GitHub PoC
Samsung libimagecodec.quram.so OOB Write PoC
Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote
41RISCO
abrir ↗GitHub PoC
Blog on CVE-2026-59827, Unsafe H2 query ouput deserialization
Metabase: Unsafe Deserialization of H2 Query Results
48RISCO
abrir ↗GitHub PoC
My portfolio showcasing vulnerability research (CVE-2026-11989, CVE-2026-11395) and automated threat orchestration engineering (Lucius Engine, TalonVigil).
Bit integrations <= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload Mapping
33RISCO
abrir ↗GitHub PoC
CVE-2026-48909 - Unauthenticated PHP Object Injection to RCE exploit for Joomla SP LMS extension versions <= 4.1.3. Exploits lmsOrders cookie deserialization to write webshell via Joomla FormattedtextLogger gadget chain. Includes interactive shell, path discovery, and cleanup. For authorized security testing only.
Joomla Extension - joomshaper.com - PHP Object injection in SP LMS extension for Joomla < 4.1.4
48RISCO
abrir ↗GitHub PoC
arpit-bansal15/cve-2026-48282-pentest-lab
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
68RISCO
abrir ↗GitHub PoC★ 1
CVE-2026-58138 — Conductor (3.21.21..<3.30.2) unauthenticated RCE via INLINE GraalVM evaluator (HostAccess.ALL). Lab + PoC, verified e2e (root).
Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators
48RISCO
abrir ↗GitHub PoC
seqra/cve-2026-58138
Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators
48RISCO
abrir ↗GitHub PoC
Panduan mitigasi Januscape (CVE-2026-53359) AlmaLinux 9.5 production-safe + scripts
KVM: x86: Fix shadow paging use-after-free due to unexpected role
23RISCO
abrir ↗GitHub PoC
Proof of concept for CVE-2026-58635
Windows Narrator Braille Elevation of Privilege Vulnerability
41RISCO
abrir ↗GitHub PoC★ 2
This repo contains a proof-of-concept exploit for CVE-2026-15409. It establishes non-root remote code execution on SonicWall SMA 1000 by implementing the Erlang protocol expected by localhost:1050 and tunneling it through the websocket for file r/w and arbitrary code execution via RPC calls.
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A
78RISCO
abrir ↗GitHub PoC
NeseOS-Corp/CVE-2026-50657
Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability
33RISCO
abrir ↗GitHub PoC
CVE-2026-15409 - Dectect
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A
78RISCO
abrir ↗GitHub PoC
Podlove Podcast Publisher Unauthenticated File Upload RCE via is_image() vs extract_file_extension() Mismatch | CVSS 9.8
Podlove Podcast Publisher <= 4.5.1 - Unauthenticated Arbitrary File Upload via podlove_image_cache_url Parameter
48RISCO
abrir ↗GitHub PoC★ 1
Raimu0x19/CVE-2026-13001
Podlove Podcast Publisher <= 4.5.1 - Unauthenticated Arbitrary File Upload via podlove_image_cache_url Parameter
48RISCO
abrir ↗GitHub PoC
CVE-2026-56164 EOP Exploit
Microsoft SharePoint Server Elevation of Privilege Vulnerability
63RISCO
abrir ↗GitHub PoC
CVE-2026-15409
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A
78RISCO
abrir ↗GitHub PoC
CVE-2026-15410 - More: https://github.com/HORKimhab/poc-cve-collection
Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the S
71RISCO
abrir ↗GitHub PoC
A Cross-Site Request Forgery (CSRF) vulnerability exists in the xxl-job-admin web application that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive request mapping
A Cross-Site Request Forgery (CSRF) vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an att
20RISCO
abrir ↗GitHub PoC
CVE-2026-8181 — Burst Statistics WordPress plugin Authentication Bypass (CVSS 9.8) to Admin Account Takeover. Mass scanner with FOFA/Shodan integration and modern GUI.
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISCO
abrir ↗GitHub PoC★ 1
本次个人漏洞研究进展成果
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISCO
abrir ↗GitHub PoC★ 3
Vulnerability analysis and Proof of Concept (PoC) for CVE-2026-43499 affecting Xiaomi devices. For educational and research purposes only.
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISCO
abrir ↗GitHub PoC
Reproducer for CVE-2026-46457 — Apache Camel camel-nats inbound header injection (Camel control-header injection via a NATS publisher; CamelHttpUri -> SSRF)
Apache Camel: Camel-NATS: Inbound NATS message headers are mapped into the Exchange without a configured HeaderFilterStrategy, allowing a client that can publish to the subject to inject Camel control headers
41RISCO
abrir ↗GitHub PoC
Reproducer for CVE-2026-46584: Apache Camel camel-mail mail.smtp.* header injection enabling credential theft via on-path SOCKS interception (fixed in 4.14.8/4.18.3/4.21.0)
Apache Camel Mail: The mail producer applied attacker-supplied message headers as JavaMail session properties, allowing an attacker to influence SMTP parameters
28RISCO
abrir ↗página 1 / 436próximo →
Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.