Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
71.114 exploits
GitHub PoC
Dhananjayasj/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
CVE-2024-21413CRITICALsob ataque30 mai 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISCO
abrir
GitHub PoC
Dungsocool/CVE-2018-7600
CVE-2018-7600CRITICALsob ataqueransomware30 mai 2026
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISCO
abrir
GitHub PoC
This exploit is based on CVE-2023-27350 and was built upon the original exploit by horizon3ai and the Metasploit module.
CVE-2023-27350CRITICALsob ataqueransomware30 mai 2026
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Bui
100RISCO
abrir
GitHub PoC
CVE-2025-10162 Exploit
CVE-2025-10162HIGH30 mai 2026
OrderConvo < 14 - Unauthenticated Arbitrary File Read
56RISCO
abrir
GitHub PoC7
CVE-2025-38352 kernel exploit for LG webOS Smart TVs (ARM64). Achieves persistent root on real consumer hardware with novel exploitation techniques. Responsibly disclosed to LG.
CVE-2025-38352HIGHsob ataque30 mai 2026
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
71RISCO
abrir
GitHub PoC
Testing a List of IP address incase they are vulnerable to CVE-2024-3400
CVE-2024-3400CRITICALsob ataqueransomware30 mai 2026
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2024-36401CRITICALsob ataque30 mai 2026
Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver
100RISCO
abrir
GitHub PoC
letsr00t/CVE-2026-43494-PinTheft-PoC
CVE-2026-43494HIGH30 mai 2026
net/rds: reset op_nents when zerocopy page pin fails
41RISCO
abrir
GitHub PoC
HAERIN-L/poc_cve-2026-42208
CVE-2026-42208CRITICALsob ataque30 mai 2026
LiteLLM: SQL injection in Proxy API key verification
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2024-21413CRITICALsob ataque30 mai 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISCO
abrir
GitHub PoC
HAERIN-L/POC_CVE-2026-46716
CVE-2026-46716CRITICAL30 mai 2026
Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron
48RISCO
abrir
Exploit-DB
YAMCS yamcs-core 5.12.7 - User Enumeration
CVE-2026-44595MEDIUMwebappsmultiple30 mai 2026
Yamcs: Unauthorized user enumeration via IAM API endpoints
30RISCO
abrir
Exploit-DB
YAMCS yamcs-core 5.12.7 - No Rate Limiting
CVE-2026-44596MEDIUMwebappsmultiple30 mai 2026
Yamcs: No Rate Limiting on Authentication Endpoint
30RISCO
abrir
VulnCheck XDB
initial-access
CVE-2023-27350CRITICALsob ataqueransomware30 mai 2026
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Bui
100RISCO
abrir
GitHub PoC3
CVE-2026-0257
CVE-2026-0257HIGHsob ataque30 mai 2026
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RISCO
abrir
GitHub PoC
CVE-2026-0257 - PAN-OS
CVE-2026-0257HIGHsob ataque30 mai 2026
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RISCO
abrir
GitHub PoC
Auditoría de seguridad y análisis de vulnerabilidades (CVE-2014-3566 y CVE-2010-2333) en la infraestructura de red local y router residencial.
CVE-2010-233330 mai 2026
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scrip
50RISCO
abrir
GitHub PoC
PHP poc, exploit for CVE-2025-9074
CVE-2025-9074CRITICAL30 mai 2026
Docker Desktop allows unauthenticated access to Docker Engine API from containers
48RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-8732CRITICAL30 mai 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISCO
abrir
GitHub PoC1
POC_CVE-2026-42589
CVE-2026-42589CRITICAL30 mai 2026
Gotenberg: Unauthenticated RCE via ExifTool Metadata Key Injection
63RISCO
abrir
GitHub PoC7
Notepad++ RCE via config.xml commandLineInterpreter
CVE-2026-48778HIGH30 mai 2026
Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter
41RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-8732CRITICAL30 mai 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISCO
abrir
Exploit-DB
Notepad++ 8.9.6 - Arbitrary Code Execution
CVE-2026-48778HIGHremotewindows30 mai 2026
Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter
41RISCO
abrir
GitHub PoC
kavin-jindal/CVE-2026-48778-PoC
CVE-2026-48778HIGH30 mai 2026
Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter
41RISCO
abrir
GitHub PoC
SourceCodester Pharmacy Sales and Inventory System 1.0 - Vulnerable source code for CVE-2026-7392 SQL Injection
CVE-2026-7392MEDIUM30 mai 2026
SourceCodester Pharmacy Sales and Inventory System ajax.php delete_supplier sql injection
33RISCO
abrir
GitHub PoC2
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
CVE-2026-8732CRITICAL30 mai 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISCO
abrir
GitHub PoC
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation
CVE-2026-8732CRITICAL30 mai 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISCO
abrir
GitHub PoC2
CVE-2026-8732 | WP Maps Pro <= 6.1.0 | Unauthenticated Privilege Escalation
CVE-2026-8732CRITICAL30 mai 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-8732CRITICAL30 mai 2026
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-42589CRITICAL30 mai 2026
Gotenberg: Unauthenticated RCE via ExifTool Metadata Key Injection
63RISCO
abrir
anteriorpágina 39 / 2.371próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.