Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
13.116 exploits
GitHub PoC★ 2
Automated Metasploit post-exploitation module for CVE-2026-31431 ("Copy Fail"). Weaponizes a deterministic logic flaw in the Linux kernel AF_ALG subsystem to achieve local privilege escalation (LPE) to root by safely corrupting a setuid binary directly in the shared Page Cache (RAM) without modifying files on disk
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir ↗GitHub PoC
Read-only WordPress User Registration CVE-2026-1492 checker for hidden admins, plugin version, uploads PHP, cron, and compromise IOCs.
User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration
68RISCO
abrir ↗GitHub PoC
Zero-dependency CLI scanner for npm/PyPI supply chain compromises. Detects compromised packages in lockfiles and system-level IOCs from attacks like Mini Shai-Hulud (CVE-2026-45321).
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISCO
abrir ↗GitHub PoC
lwd3c/CVE-2026-46586
Apache OFBiz: Improper Validation in traverseContent Service Enables Authenticated Groovy Code Execution
21RISCO
abrir ↗GitHub PoC★ 6
CHARON — pre-built PoC for CVE-2026-46333 (Linux ptrace mm==NULL fd theft)
ptrace: slightly saner 'get_dumpable()' logic
56RISCO
abrir ↗GitHub PoC★ 4
CVE-2026-38526 | Krayin CRM v2.2.x Authenticated RCE - Unrestricted PHP File Upload via TinyMCE
An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x a
48RISCO
abrir ↗GitHub PoC
Exploit for the CVE-2026-8181 - Burst Statistics WordPress Plugin Authentication Bypass
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISCO
abrir ↗GitHub PoC
CVE-2026-8181: Burst Statistics Auth Bypass → REST API takeover & admin creation. Python 2.7. Educational use only.
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISCO
abrir ↗GitHub PoC
Maxime288/CVE-2026-31431-Copy-Fail-R-pertoire-de-Pr-vention
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir ↗GitHub PoC★ 2
Shell script to detect TanStack npm supply chain attack indicators (CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx)
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISCO
abrir ↗GitHub PoC★ 7
CVE-2026-44578: Next.js WebSocket Upgrade SSRF — pre-auth credential theft via localhost:80. Lab + exploit + audit.
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISCO
abrir ↗GitHub PoC★ 1
CVE-2026-44578
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISCO
abrir ↗GitHub PoC
This exploit is based on CVE-2023-26360 (https://nvd.nist.gov/vuln/detail/CVE-2023-26360) and was built on top of the Metasploit module and the jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit.
Adobe ColdFusion Improper Access Control Arbitrary code execution
100RISCO
abrir ↗GitHub PoC
Safe Python scanner for Cisco CVE-2025-20333 (Cisco ASA/FTD WebVPN Buffer Overflow)
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secu
90RISCO
abrir ↗GitHub PoC
User Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File Upload
User Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File Upload
48RISCO
abrir ↗GitHub PoC
CVE-2026-45091
sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)
48RISCO
abrir ↗GitHub PoC
Read-only cPanel CVE-2026-41940 IOC detector for .sorry ransomware, Mr_Rot13 Filemanager backdoors, C2 callbacks, cron, SSH, and logs.
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISCO
abrir ↗GitHub PoC★ 1
This exploit is based on CVE-2021-33393 and was built upon the original exploit by Mücahit Saratar, extending it to achieve a reverse shell with root privileges.
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It
50RISCO
abrir ↗GitHub PoC
Python toolkit to audit Apache HTTP Server against CVE-2026-23918 (HTTP/2 double-free RCE) and 4 related CVEs. Passive scanner with ALPN verification + read-only local auditor. No exploits.
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISCO
abrir ↗GitHub PoC★ 2
Technical breakdown of CVE-2026-34473, an unauthenticated denial of service affecting 17+ ZTE router models.
Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H
41RISCO
abrir ↗GitHub PoC
CVE-2026-39987
marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
100RISCO
abrir ↗GitHub PoC
Estudio del bug CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir ↗GitHub PoC★ 18
nginx CVE scanner + RCE exploit framework (CVE-2026-42945 + 16 others)
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
Safe Python scanner for CVE-2025-20362 (Cisco ASA/FTD WebVPN Authentication Bypass)
Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Softwar
100RISCO
abrir ↗GitHub PoC★ 2
PoC for CVE-2026-6433: WordPress FlipperCode Custom CSS, JS & PHP (≤2.0.7) — unauthenticated SQLi to RCE. Python 3 stdlib; single target or bulk multi-threaded scanning. Authorized testing & research only.
Custom CSS JS PHP <= 2.0.7 - Unauthenticated SQL Injection to RCE
56RISCO
abrir ↗GitHub PoC★ 13
Evince/xreader/Atril RCE exploit to CVE-2026-46529
PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen
41RISCO
abrir ↗GitHub PoC
Source-built nginx 1.25.5 container with backported CVE-2026-42945 fix, OpenSSL bump, full provenance chain, and VEX attestation.
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
Apache Axis1.4 远程命令执行漏洞利用工具 - CVE-2019-0227,支持随机化服务名和Webshell文件名
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2
45RISCO
abrir ↗GitHub PoC
This repository contains a Proof of Concept (PoC) Python script for CVE-2025-58434, which enables attackers to change passwords of other users without authentication process in flowise version 3.0.5 and lower due to token leakage.
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
75RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.