Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
71,062 exploits
GitHub PoC
CVE-2026-22874 writeup: incomplete SSRF allow-list in Gitea webhook/migration (IPv6 transition and cloud metadata). Fixed in Gitea 1.26.3.
CVE-2026-22874CRITICAL04 Jul 2026
Gitea webhook and migration allow-list filtering permits SSRF
48RISK
open
VulnCheck XDB
initial-access
CVE-2026-56290CRITICAL04 Jul 2026
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
48RISK
open
GitHub PoC17
CVE-2026-46242
CVE-2026-46242HIGH04 Jul 2026
eventpoll: fix ep_remove struct eventpoll / struct file UAF
41RISK
open
GitHub PoC
Casdoor version 2.362.0
CVE-2026-9090CRITICAL04 Jul 2026
CVE-2026-9090
28RISK
open
GitHub PoC3
PoC for CVE-2026-54415 — Azuriom CMS (<1.2.11) Broken Access Control → account takeover
CVE-2026-54415HIGH04 Jul 2026
Broken Access Control in Azuriom CMS Server Routes Allows Account Takeover
41RISK
open
GitHub PoC3
Read-only vulnerability scanner for CVE-2026-49049 — Helix3 Joomla plugin unauthenticated AJAX handler
CVE-2026-49049HIGH04 Jul 2026
Joomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handler
41RISK
open
VulnCheck XDB
client-side
CVE-2024-21413CRITICALunder attack04 Jul 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISK
open
GitHub PoC
Static config scanner that flags nginx configs vulnerable to the complex_value two-pass capture-clobbering bug (regex map + regex capture → heap overflow / info leak).
CVE-2026-42533CRITICAL04 Jul 2026
NGINX Map directive and Regex matching vulnerability
45RISK
open
VulnCheck XDB
info-leak
CVE-2024-1561HIGH03 Jul 2026
Arbitrary Local File Read via Component Method Invocation in gradio-app/gradio
56RISK
open
VulnCheck XDB
info-leak
CVE-2026-8451HIGH03 Jul 2026
Insufficient input validation leading to memory overread
41RISK
open
GitHub PoC
CVE-2026-49468 — LiteLLM (<1.84.0) unauthenticated auth bypass via Host-header route confusion. PoC + docker lab.
CVE-2026-49468CRITICAL03 Jul 2026
LiteLLM: Authentication Bypass via Host Header Injection
48RISK
open
GitHub PoC
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore.
CVE-2026-53753CRITICAL03 Jul 2026
Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API
48RISK
open
VulnCheck XDB
initial-access
CVE-2017-12615HIGHunder attackransomware03 Jul 2026
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisati
100RISK
open
GitHub PoC5
☄️ Mass reconnaissance & exploitation framework for Apache Solr CVE-2026-44825 — Velocity template injection to RCE
CVE-2026-44825HIGH03 Jul 2026
Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users
41RISK
open
GitHub PoC1
# CVE-2026-28995 Proof of Concept for CVE-2026-28995 — Path Traversal vulnerability in App Intents on iOS 26.4.2 and below.
CVE-2026-28995HIGH03 Jul 2026
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 an
41RISK
open
GitHub PoC1
1beelze/CVE-2026-11387
CVE-2026-11387CRITICAL03 Jul 2026
SMS Alert <= 3.9.5 - Unauthenticated Privilege Escalation via Arbitrary Password Reset
48RISK
open
GitHub PoC
Pardus Software Local Privilege Escalation PoC - affected from <= 1.0.4
CVE-2026-14459HIGH03 Jul 2026
Argument Injection in TUBITAK BILGEM's pardus-software
41RISK
open
GitHub PoC2
CVE-2026-8451
CVE-2026-8451HIGH03 Jul 2026
Insufficient input validation leading to memory overread
41RISK
open
GitHub PoC1
Page Builder CK for Joomla - Unauthenticated SSRF / Remote File Write leading to PHP execution Exploiter
CVE-2026-56290CRITICAL03 Jul 2026
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
48RISK
open
GitHub PoC
CVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)
CVE-2026-54477MEDIUM02 Jul 2026
Gardyn IoT Hub Improper Neutralization of HTTP Headers for Scripting Syntax
33RISK
open
GitHub PoC
kaleth4/CVE-2026-55200
CVE-2026-55200CRITICAL02 Jul 2026
libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c
48RISK
open
GitHub PoC
CVE-2026-55726: Publicly Listable Azure Blob Storage Container (device logs) - Gardyn (ICSA-26-183-03)
CVE-2026-55726MEDIUM02 Jul 2026
Gardyn IoT Hub Exposure of Sensitive System Information to an Unauthorized Control Sphere
33RISK
open
GitHub PoC1
kaleth4/CVE-2026-20896
CVE-2026-20896CRITICAL02 Jul 2026
Gitea Docker image trusts spoofable reverse-proxy headers by default
48RISK
open
GitHub PoC
DESIGN AND IMPLEMENTATION OF A VULNERABILITY SCANNER FOR CVE-2026-45498 IN MICROSOFT DEFENDER
CVE-2026-45498MEDIUMunder attack02 Jul 2026
Microsoft Defender Denial of Service Vulnerability
75RISK
open
GitHub PoC
CVE-2026-13768: Privileged iothubowner IoT Hub credential — fleet enumeration, device RCE, home-network pivot — Gardyn (ICSA-26-183-03)
CVE-2026-13768CRITICAL02 Jul 2026
Gardyn IoT Hub Use of Hard-coded Credentials
48RISK
open
GitHub PoC
Hunt-Benito/llama-factory-webui-rce-cve-2026-58116-trust-remote-code-model-path-injection
CVE-2026-58116CRITICAL02 Jul 2026
LLaMA-Factory 0.9.5 Remote Code Execution via WebUI Model Path
48RISK
open
GitHub PoC
Gorse < 0.5.10 contains an authentication bypass caused by empty admin_api_key in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty admin_api_key configuration.
CVE-2026-56782CRITICAL02 Jul 2026
Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints
63RISK
open
GitHub PoC
attarwahyup/Netscaler-CVE-2026-8451
CVE-2026-8451HIGH02 Jul 2026
Insufficient input validation leading to memory overread
41RISK
open
GitHub PoC
Crawl4AI <= 0.8.6 pre-auth RCE via AST sandbox escape (gi_frame.f_back.f_builtins chain) — CVSS 10.0
CVE-2026-53753CRITICAL02 Jul 2026
Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API
48RISK
open
VulnCheck XDB
info-leak
CVE-2026-8451HIGH02 Jul 2026
Insufficient input validation leading to memory overread
41RISK
open
previouspage 10 / 2,369next

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.