Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
13.116 exploits
GitHub PoC
One IPv6 ND option with length zero. One missing check. Daemon walks backward and lives in the loop. Reported to OpenBSD, fixed, CVE assigned.
CVE-2026-41285MEDIUM05 mai 2026
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Dis
13RISCO
abrir
GitHub PoC1
Detection signatures for CVE-2026-41940 and shemas for cPanel logs
CVE-2026-41940CRITICALsob ataqueransomware05 mai 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISCO
abrir
GitHub PoC
Pentesting caja negra: Shellshock (CVE-2014-6271) + Log4Shell (CVE-2021-44228). Escalada a root. Informe ejecutivo y técnico
CVE-2021-44228CRITICALsob ataqueransomware05 mai 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir
GitHub PoC
Analysis of CVE-2026-24072
CVE-2026-24072HIGH05 mai 2026
Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr
21RISCO
abrir
GitHub PoC1
Утилита для Linux, которая проверяет доступность `AF_ALG`/`algif_aead` и помогает оценить риск по `CVE-2026-31431`.
CVE-2026-31431HIGHsob ataque05 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
Passive HTTP metadata auditor for CVE-2026-23918 exposure triage
CVE-2026-23918HIGH05 mai 2026
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISCO
abrir
GitHub PoC
Mrhudson69/cve-2026-31431
CVE-2026-31431HIGHsob ataque04 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
kaleth4/CVE-2025-60751
CVE-2025-60751HIGH04 mai 2026
GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode.
41RISCO
abrir
GitHub PoC10
Safe detection tooling for CVE-2026-31431 "Copy Fail" and CVE-2026-43284 "Dirty Frag" — a local privilege escalation in the Linux kernel's algif_aead module affecting all major distributions since 2017.
CVE-2026-31431HIGHsob ataque04 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
kaleth4/CVE-2025-47987
CVE-2025-47987HIGH04 mai 2026
Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
41RISCO
abrir
GitHub PoC
kaleth4/CVE-2025-69985
CVE-2025-69985CRITICAL04 mai 2026
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnera
48RISCO
abrir
GitHub PoC
LetsDefend SOC336 case study on CVE-2025-21298
CVE-2025-21298CRITICAL04 mai 2026
Windows OLE Remote Code Execution Vulnerability
70RISCO
abrir
GitHub PoC4
Read-only Bash checker for the Copy Fail Linux kernel vulnerability (CVE-2026-31431)
CVE-2026-31431HIGHsob ataque04 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
Controlled virtual attack & defense lab — CVE-2011-2523 exploitation, Nmap recon, Nikto scanning, UFW hardening on Metasploitable 2
CVE-2011-252304 mai 2026
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISCO
abrir
GitHub PoC
Privilege Escalation Vulnerability in PackageKit (TOCTOU Race Condition)
CVE-2026-41651HIGH03 mai 2026
PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
41RISCO
abrir
GitHub PoC2
Fast, auditable Linux mitigation for CVE-2026-31431 Copy Fail: algif_aead block, verification, and AF_ALG seccomp hardening.
CVE-2026-31431HIGHsob ataque03 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
CVE-2026-31431 merupakan celah keamanan yang terjadi akibat kegagalan dalam proses penyalinan data (copy operation failure). Kerentanan ini muncul ketika sistem tidak melakukan validasi atau penanganan error dengan benar saat melakukan proses copy data dari satu buffer ke buffer lain
CVE-2026-31431HIGHsob ataque03 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC1
CVE-2020-11022
CVE-2020-11022MEDIUM03 mai 2026
jQuery has a potential XSS vulnerability
55RISCO
abrir
GitHub PoC
CRAReady SBOM test fixture — Java/Maven app with Log4Shell (CVE-2021-44228), Spring4Shell, Text4Shell, and other critical CVEs
CVE-2021-44228CRITICALsob ataqueransomware02 mai 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir
GitHub PoC
Proof of concept exploit for CVE-2024-53677 - Apache Struts file upload path traversal vulnerability leading to Remote Code Execution
CVE-2024-53677CRITICAL02 mai 2026
Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks
70RISCO
abrir
GitHub PoC
this is a repo who is facing a escalation issue in their linux system and a news regarding problem of "Dirty pipeline"
CVE-2022-0847HIGHsob ataque02 mai 2026
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISCO
abrir
GitHub PoC
Hunt-Benito/cve-2026-41200-stig-manager-oidc-reflected-xss
CVE-2026-41200HIGH02 mai 2026
STIG Manager has reflected XSS vulnerability in the Web App
41RISCO
abrir
GitHub PoC2
CVE-2016-6210/Openssh 7.2p2 side channel info disclosure POC
CVE-2016-6210MEDIUM02 mai 2026
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static
70RISCO
abrir
GitHub PoC
Tracking CVE-2026-31431
CVE-2026-31431HIGHsob ataque02 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
Log4Shell (CVE-2021-44228)
CVE-2021-44228CRITICALsob ataqueransomware02 mai 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir
GitHub PoC1
CVE-2026-41940 Direct Shell Acess
CVE-2026-41940CRITICALsob ataqueransomware02 mai 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISCO
abrir
GitHub PoC
Linux Kernel LPE PoC (CVE-2026-31431)
CVE-2026-31431HIGHsob ataque02 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
IDS/IPS lab for detecting and preventing Apache ActiveMQ RCE (CVE-2023-46604) using GVM, Nmap, Snort, iptables, and UFW.
CVE-2023-46604CRITICALsob ataqueransomware02 mai 2026
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RISCO
abrir
GitHub PoC
SSH posture helper for CVE-2026-31431 (Copy Fail): kernel and algif_aead inventory
CVE-2026-31431HIGHsob ataque01 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC2
cPanel CVE-2026-41940 nuclear.x86 Security Audit & Cleanup Script
CVE-2026-41940CRITICALsob ataqueransomware01 mai 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISCO
abrir
anteriorpágina 49 / 438próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.