Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
71.062 exploits
GitHub PoC★ 1
PoC for CVE-2026-53360: guest-triggered heap out-of-bounds read/write in KVM SEV-SNP Page State Change (PSC) handling.
KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use
23RISCO
abrir ↗GitHub PoC
Python & template nuclei
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir ↗GitHub PoC★ 1
CVE-2026-34038: Authenticated Remote Command Injection in Coolify
Coolify authenticated remote command injection leading to RCE and secret exfiltration
48RISCO
abrir ↗GitHub PoC★ 5
Apache ActiveMQ Classic RCE research: CVE-2026-34197 / CVE-2026-42588 bypass chain + hardened-6.2.6 audit findings + Crowdfense comparison
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RISCO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir ↗GitHub PoC★ 2
caterscam/CVE-2026-5524-PoC
Divi Form Builder <= 5.1.8 - Unauthenticated Arbitrary File Upload Leading to Remote Code Execution via 'acceptFileTypes' Parameter
48RISCO
abrir ↗GitHub PoC
💉 Blind SQL Injection → RCE exploit for Control Web Panel (CWP) ≤ 0.9.8.1224 — userRes POST → INTO DUMPFILE → cwpsvc shell
Control Web Panel < 0.9.8.1225 Blind SQL Injection via userRes Parameter
48RISCO
abrir ↗GitHub PoC
Technical troubleshooting repository for fixing infinite rendering vulnerability loops and resource exhaustion threats under CVE-2026-23869 cleanly.
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-
41RISCO
abrir ↗VulnCheck XDB
initial-access
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisati
100RISCO
abrir ↗GitHub PoC★ 1
1beelze/CVE-2026-11387
SMS Alert <= 3.9.5 - Unauthenticated Privilege Escalation via Arbitrary Password Reset
48RISCO
abrir ↗GitHub PoC★ 5
☄️ Mass reconnaissance & exploitation framework for Apache Solr CVE-2026-44825 — Velocity template injection to RCE
Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users
41RISCO
abrir ↗GitHub PoC
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore.
Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API
48RISCO
abrir ↗GitHub PoC
Pardus Software Local Privilege Escalation PoC - affected from <= 1.0.4
Argument Injection in TUBITAK BILGEM's pardus-software
41RISCO
abrir ↗GitHub PoC★ 1
Page Builder CK for Joomla - Unauthenticated SSRF / Remote File Write leading to PHP execution Exploiter
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
48RISCO
abrir ↗GitHub PoC★ 1
# CVE-2026-28995 Proof of Concept for CVE-2026-28995 — Path Traversal vulnerability in App Intents on iOS 26.4.2 and below.
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 an
41RISCO
abrir ↗VulnCheck XDB
info-leak
Arbitrary Local File Read via Component Method Invocation in gradio-app/gradio
56RISCO
abrir ↗GitHub PoC
CVE-2026-49468 — LiteLLM (<1.84.0) unauthenticated auth bypass via Host-header route confusion. PoC + docker lab.
LiteLLM: Authentication Bypass via Host Header Injection
48RISCO
abrir ↗GitHub PoC
Gogs has Path Traversal in organization name that results in RCE through Git hooks
Gogs: Path Traversal in organization name results in RCE through Git hooks
48RISCO
abrir ↗GitHub PoC
DESIGN AND IMPLEMENTATION OF A VULNERABILITY SCANNER FOR CVE-2026-45498 IN MICROSOFT DEFENDER
Microsoft Defender Denial of Service Vulnerability
75RISCO
abrir ↗VulnCheck XDB
remote-with-credentials
Gogs: Path Traversal in organization name results in RCE through Git hooks
48RISCO
abrir ↗VulnCheck XDB
initial-access
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISCO
abrir ↗GitHub PoC★ 1
kaleth4/CVE-2026-20896
Gitea Docker image trusts spoofable reverse-proxy headers by default
48RISCO
abrir ↗GitHub PoC★ 6
SimpleHelp OIDC Authentication Bypass PoC
SimpleHelp Authentication Bypass via Missing OIDC JWT Signature Verification
48RISCO
abrir ↗GitHub PoC★ 1
Proof of concept for CVE-2026-36027 and CVE-2026-36028
An issue in Code27 Companion Hub SQ3A.220705.003.A1 allows a physically proximate attacker to execute arbitrary code via
33RISCO
abrir ↗GitHub PoC
This repository contains a proof-of-concept (PoC) exploit for CVE-2026-38751, affecting OpenSTAManager ≤ 2.10. The vulnerability allows an authenticated attacker to upload a malicious module via the module update functionality, leading to arbitrary file upload and remote code execution (RCE).
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionali
41RISCO
abrir ↗VulnCheck XDB
initial-access
Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint
100RISCO
abrir ↗GitHub PoC
BastianXploited/CVE-2026-0740-mass
Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload
75RISCO
abrir ↗VulnCheck XDB
initial-access
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authenticat
98RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.