Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.284exploits catalogados
31.741CVEs com exploração pública
0testados em laboratório
13.174 exploits
GitHub PoC
CVE-2024-37383 Proof of Concept
CVE-2024-37383MEDIUMsob ataque14 fev 2026
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
85RISCO
abrir
GitHub PoC
nik123-py/CVE-2025-49132_HTB_SEASON10
CVE-2025-49132CRITICAL14 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC1
针对 Next.js 原型污染漏洞 (CVE-2025-55182) 的高效批量检测工具。
CVE-2025-55182CRITICALsob ataqueransomware13 fev 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
GitHub PoC4
watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553
CVE-2025-40552CRITICAL13 fev 2026
SolarWinds Web Help Desk Authentication Bypass Vulnerability
75RISCO
abrir
GitHub PoC
BIG02-bot/React2Shell-CVE-2025-55182-An-lise-T-cnica
CVE-2025-55182CRITICALsob ataqueransomware13 fev 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
GitHub PoC1
CVE-2024-34102 exploit for python3
CVE-2024-34102CRITICALsob ataque13 fev 2026
XXE can expose crypt key and other secrets granting full admin access
100RISCO
abrir
GitHub PoC2
React2Shell (CVE-2025-55182) POC
CVE-2025-55182CRITICALsob ataqueransomware12 fev 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
GitHub PoC
Sn0wBaall/CVE-2023-4220-PoC
CVE-2023-4220HIGH12 fev 2026
Chamilo LMS Unauthenticated Big Upload File Remote Code Execution
78RISCO
abrir
GitHub PoC
Real-world information security risk assessment based on the Oracle E-Business Suite zero-day (CVE-2025-61882). Analyses attacker methods, enterprise risks, and mitigation strategies using ISO 27001, NIST CSF, Cyber Essentials and COBIT.
CVE-2025-61882CRITICALsob ataqueransomware12 fev 2026
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integratio
100RISCO
abrir
GitHub PoC
scroollocker/CVE-2025-49132
CVE-2025-49132CRITICAL12 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC3
CVE-2025-49132_PHP_PEAR_METHOD
CVE-2025-49132CRITICAL12 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC1
Exploit CVE-2025-49132 Pterodactyl Panel RCE
CVE-2025-49132CRITICAL12 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC
Ahmedf000/CVE-2025-49132_HTB_SEASON10
CVE-2025-49132CRITICAL11 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC
CVE-2025-62215 exploit development using Claude Code Agent Team
CVE-2025-62215HIGHsob ataque11 fev 2026
Windows Kernel Elevation of Privilege Vulnerability
71RISCO
abrir
GitHub PoC
PowerShell remediation for CVE-2013-3900 (WinVerifyTrust) / Tenable Plugin 166555 using EnableCertPaddingCheck.
CVE-2013-3900MEDIUMsob ataque11 fev 2026
WinVerifyTrust Signature Validation Vulnerability
75RISCO
abrir
GitHub PoC1
This script exploits Remote Code Execution vulnerability in Pterodactyl Panel < 1.11.11
CVE-2025-49132CRITICAL11 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC3
PoC exploit for CVE-2025-49132 (GHSA-24wv-6c99-f843) – Unauthenticated Remote Code Execution in Pterodactyl Panel ≤ 1.11.10
CVE-2025-49132CRITICAL11 fev 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISCO
abrir
GitHub PoC
A POC chain exploit using the recent Cisco SMP exploit (CVE-2017-6736) to chain into Spectre (CVE-2017-5753 and CVE-2017-5715)
CVE-2017-6736HIGHsob ataque11 fev 2026
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabiliti
93RISCO
abrir
GitHub PoC
Wise-Security/CVE-2025-69599
CVE-2025-69599CRITICAL11 fev 2026
RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH e
48RISCO
abrir
GitHub PoC
openshift rce poc
CVE-2024-7387CRITICAL11 fev 2026
Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy
48RISCO
abrir
GitHub PoC4
This program Prompts you for the Local File Inclusion information and will automatically search the /etc/passwd and using the users names found will search for and download any SSH key or variation of keys to the local computer. This program also performs the CVE-2021-41773_ apache2.4.49 and 50 traversal path exploit. In addtion to other LFI Vuln
CVE-2021-41773HIGHsob ataqueransomware11 fev 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir
GitHub PoC
Scanner for the SharePoint CVE-2025-53770 RCE zero day vulnerability (fork from hazcod/CVE-2025-53770)
CVE-2025-53770CRITICALsob ataqueransomware11 fev 2026
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RISCO
abrir
GitHub PoC
This is a modified version of the time-based SQL injection exploit for CMS Made Simple <= 2.2.9. The exploit was originally created by Daniele Scanu and has been updated for better compatibility and modern Python practices.
CVE-2019-905311 fev 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISCO
abrir
GitHub PoC
ISabbiI/PoC-Apache-CVE-2021-41773-Infrastructure-LAB
CVE-2021-41773HIGHsob ataqueransomware11 fev 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir
GitHub PoC
Wise-Security/CVE-2025-69600
CVE-2025-69600HIGH11 fev 2026
Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execut
41RISCO
abrir
GitHub PoC1
Ni8mare, n8n RCE
CVE-2026-21858CRITICAL11 fev 2026
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
85RISCO
abrir
GitHub PoC
Cisco iOS SNMP Overflow Exploit Toolkit (CVE-2017-6736)
CVE-2017-6736HIGHsob ataque11 fev 2026
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabiliti
93RISCO
abrir
GitHub PoC
IsmaelCosma/CVE-2025-8088
CVE-2025-8088HIGHsob ataque11 fev 2026
Path traversal vulnerability in WinRAR
93RISCO
abrir
GitHub PoC1
George0Papasotiriou/CVE-2025-8110-Gogs-Remote-Code-Execution
CVE-2025-8110HIGHsob ataque10 fev 2026
File overwrite in file update API in Gogs
100RISCO
abrir
GitHub PoC1
George0Papasotiriou/CVE-2025-61882-Oracle-BI-Publisher-RCE
CVE-2025-61882CRITICALsob ataqueransomware10 fev 2026
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integratio
100RISCO
abrir
anteriorpágina 72 / 440próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.