Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
71.062 exploits
GitHub PoC
This project documents the completion and analysis of the Fragnesia (CVE-2026-46300) TryHackMe lab, which demonstrates a Linux kernel page-cache corruption vulnerability capable of achieving local priviledge escalation through modification of cached file pages without altering files on disk.
net: skbuff: preserve shared-frag marker during coalescing
41RISCO
abrir ↗GitHub PoC
87achrafg-stack/CVE-2026-49083
WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability
41RISCO
abrir ↗GitHub PoC
CVE-2026-49083 LatePoint Calendar Booking Plugin Privilege Escalation Exploit
WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability
41RISCO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir ↗GitHub PoC
CVE‑2024‑20399 - Draft
Cisco NX-OS Software CLI Command Injection Vulnerability
63RISCO
abrir ↗GitHub PoC
hulina9900-boop/DIY-CVE-2026-42945-POC
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
CVE-2026-42758 WebinarIgnition Exploit
WordPress WebinarIgnition plugin < 4.08.253 - Privilege Escalation vulnerability
48RISCO
abrir ↗GitHub PoC★ 1
CVE-2026-20262 - Cisco Catalyst SD-WAN Manager Arbitrary File Write Path Traversal Vulnerability (CWE-22) - Authenticated Remote File Write
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
63RISCO
abrir ↗GitHub PoC
PoC for CVE-2015-10141 – Xdebug unauthenticated RCE
Xdebug Remote Debugger Unauthenticated OS Command Execution
63RISCO
abrir ↗GitHub PoC
The project documents the completion and analysis of the Fragnesia (CVE-2026-46300) TryHackME lab, which demonstrates a Linux kernel page -cache corruption vulnerability capable of achieving local privilege escalation through modification of cached file pages without altering files on disk.
net: skbuff: preserve shared-frag marker during coalescing
41RISCO
abrir ↗GitHub PoC
CVE-2026-9691: Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 Unauthenticated PHP Object Injection PoC, Patch Analysis & Rule
WordPress Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.1 - PHP Object Injection vulnerability
48RISCO
abrir ↗GitHub PoC
CVE-2026-49085 WP Insightly PHP Object Injection Exploit
WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
48RISCO
abrir ↗GitHub PoC
CVE-2026-49104 Integration for Keap/Infusionsoft PHP Object Injection Exploit
WordPress Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.2.1 - PHP Object Injection vulnerability
48RISCO
abrir ↗GitHub PoC
mandeepsohal/CVE-2025-66391
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o
41RISCO
abrir ↗GitHub PoC
CVE-2026-49105 WP Zendesk PHP Object Injection Exploit
WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
48RISCO
abrir ↗GitHub PoC
Exploitation and mitigation analysis of CVE-2021-3156 heap-based buffer overflow in sudo
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RISCO
abrir ↗GitHub PoC
d4ngkh04w/CVE-2020-7961
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary c
100RISCO
abrir ↗GitHub PoC
rootdirective-sec/CVE-2026-49060-Lab
WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability
48RISCO
abrir ↗GitHub PoC
CVE-2026-8206 Kirki Plugin Unauthenticated Account Takeover Exploit
Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'
48RISCO
abrir ↗GitHub PoC
Log4Shell (CVE-2021-44228) 보안 실습 환경 - Log4j 2.14.1 취약 로그 수집 서버
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir ↗GitHub PoC
Self-contained Docker reproduction and analysis of CVE-2024-23897, the Jenkins CLI arbitrary file read via the args4j @-syntax argument expansion.
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RISCO
abrir ↗GitHub PoC★ 1
A script that gives you the credentials of a Pterodactyl panel vulnerable to CVE-2025-49132
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir ↗GitHub PoC
Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies.
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in
100RISCO
abrir ↗GitHub PoC
CVE-2026-50751 Mass Scanner
User Authentication Bypass in VPN Remote Access and Mobile Access
100RISCO
abrir ↗VulnCheck XDB
info-leak
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RISCO
abrir ↗GitHub PoC★ 4
Manage and recover BitLocker encrypted drives with this tool for Windows 11 recovery key management and educational study of CVE-2026-45585.
Windows BitLocker Security Feature Bypass Vulnerability
33RISCO
abrir ↗GitHub PoC★ 1
Mass Scanner For Drupal Exploit CVE-2026-9082
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISCO
abrir ↗GitHub PoC
CVE-2026-47101, CVE-2026-47102, CVE-2026-40217
LiteLLM < 1.83.14 Privilege Escalation via API Key Generation
41RISCO
abrir ↗GitHub PoC
This is an exploit poc for CVE-2026-4480
Samba: samba: remote code execution in printing subsystem via unescaped job description
68RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.