Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,046cataloged exploits
31,617CVEs with public exploitation
0lab-tested
3,462 exploits
Metasploit500
HP Poly Voice Unauthenticated Remote Code Execution
CVE-2026-0826CRITICAL01 Jun 2026
Poly Voice – Possible Remote Control of Certain Poly Devices
48RISK
open
Metasploit300
Linux Kernel __ptrace_may_access() Exit Race chage File Disclosure
CVE-2026-46333HIGH14 May 2026
ptrace: slightly saner 'get_dumpable()' logic
56RISK
open
Metasploit400
rxkad Page-Cache Write via CVE-2026-43500
CVE-2026-43500HIGH08 May 2026
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RISK
open
Metasploit400
xfrm-ESP Page-Cache Write via CVE-2026-43284
CVE-2026-43284HIGH08 May 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open
Metasploit600
Dalfox Found-Action Deserialization RCE
CVE-2026-45087CRITICAL07 May 2026
Dalfox: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server Mode
43RISK
open
Metasploit300
Cisco Catalyst SD-WAN Controller vHub Authentication Bypass
CVE-2026-20182CRITICALunder attack07 May 2026
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open
Metasploit600
Apache ActiveMQ RCE via Jolokia addNetworkConnector
CVE-2026-34197HIGHunder attack29 Apr 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RISK
open
Metasploit600
Copy Fail AF_ALG + authencesn Page-Cache Write
CVE-2026-31431HIGHunder attack29 Apr 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open
Metasploit600
cPanel/WHM CRLF Injection Authentication Bypass RCE
CVE-2026-41940CRITICALunder attackransomware28 Apr 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open
Metasploit600
Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload
CVE-2026-34413HIGH22 Apr 2026
Xerte Online Toolkits Missing Authentication via connector.php
56RISK
open
Metasploit600
Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload
CVE-2026-34415CRITICAL22 Apr 2026
Xerte Online Toolkits File Upload RCE via elfinder Connector
63RISK
open
Metasploit600
Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload
CVE-2026-41459MEDIUM22 Apr 2026
Xerte Online Toolkits Path Disclosure via /setup
48RISK
open
Metasploit600
Flowise CSV Agent Prompt Injection RCE
CVE-2026-41264CRITICAL22 Apr 2026
Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability
43RISK
open
Metasploit600
Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload
CVE-2026-34414HIGH22 Apr 2026
Xerte Online Toolkits Path Traversal via connector.php
56RISK
open
Metasploit300
BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner
CVE-2026-42208CRITICALunder attack20 Apr 2026
LiteLLM: SQL injection in Proxy API key verification
100RISK
open
Metasploit600
Paperclip AI RCE using a chain of six API calls (CVE-2026-41679).
CVE-2026-41679CRITICAL10 Apr 2026
Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass
43RISK
open
Metasploit600
Supsystic Contact Form Wordpress Plugin SSTI RCE
CVE-2026-4257CRITICAL30 Mar 2026
Contact Form by Supsystic <= 1.7.36 - Unauthenticated Server-Side Template Injection via Prefill Functionality
75RISK
open
Metasploit300
Citrix ADC (NetScaler) CVE-2026-3055 Scanner
CVE-2026-3055CRITICALunder attack23 Mar 2026
Insufficient input validation leading to memory overread
95RISK
open
Metasploit600
AVideo Encoder getImage.php Unauthenticated Command Injection
CVE-2026-29058CRITICAL05 Mar 2026
AVideo: Unauthenticated OS Command Injection via base64Url in objects/getImage.php
43RISK
open
Metasploit300
AVideo Unauthenticated SQL Injection Credential Dump
CVE-2026-28501CRITICAL05 Mar 2026
WWBN AVideo: Unauthenticated SQL Injection via JSON Request Bypass in objects/videos.json.php
43RISK
open
Metasploit600
FreeScout Unauthenticated RCE via ZWSP .htaccess Bypass
CVE-2026-28289CRITICAL01 Mar 2026
FreeScout 1.8.206 Patch Bypass for CVE-2026-27636 via Zero-Width Space Character Leads to Remote Code Execution
55RISK
open
Metasploit600
FreeScout Unauthenticated RCE via ZWSP .htaccess Bypass
CVE-2026-27636HIGH01 Mar 2026
FreeScout: Missing .htaccess in Restricted File Extensions Allows Remote Code Execution on Apache
36RISK
open
Metasploit600
openDCIM install.php SQL Injection to RCE
CVE-2026-28515CRITICAL28 Feb 2026
openDCIM <= 23.04 Missing Authorization in install.php
63RISK
open
Metasploit600
openDCIM install.php SQL Injection to RCE
CVE-2026-28516CRITICAL28 Feb 2026
openDCIM <= 23.04 SQL Injection in Config::UpdateParameter
43RISK
open
Metasploit600
openDCIM install.php SQL Injection to RCE
CVE-2026-28517CRITICAL28 Feb 2026
openDCIM <= 23.04 OS Command Injection via dot Configuration Parameter
63RISK
open
Metasploit600
Langflow RCE
CVE-2026-27966CRITICAL25 Feb 2026
Langflow has Remote Code Execution in CSV Agent
55RISK
open
Metasploit300
Cisco Catalyst SD-WAN Controller Authentication Bypass
CVE-2026-20127CRITICALunder attack25 Feb 2026
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open
Metasploit500
GrandStream GXP1600 Unauthenticated Remote Code Execution
CVE-2026-2329CRITICAL18 Feb 2026
Grandstream GXP1600 VoIP Phones - Unauthenticated stack buffer overflow
75RISK
open
Metasploit600
MajorDoMo Supply Chain RCE via Update Poisoning
CVE-2026-27180CRITICAL18 Feb 2026
MajorDoMo Supply Chain Remote Code Execution via Update URL Poisoning
43RISK
open
Metasploit600
MajorDoMo Console Eval Unauthenticated RCE
CVE-2026-27174CRITICAL18 Feb 2026
MajorDoMo Unauthenticated Remote Code Execution via Admin Console Eval
63RISK
open
page 1 / 116next

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.