Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,002cataloged exploits
31,582CVEs with public exploitation
AllExploit-DB 22,467Referência 19,780GitHub PoC 13,048VulnCheck XDB 8,060Nuclei 4,185Metasploit 3,462recentpopularrisk
22,467 exploits
Exploit-DB
ZTE ZXHN H188A V6 - Authentication Bypass
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows u
41RISK
open ↗Exploit-DB
scramble - Remote Code Execution
Scramble: Remote code execution via evaluation of user-controlled input in validation rules
63RISK
open ↗Exploit-DB
EspoCRM 9.3.3 - SSRF
EspoCRM has authenticated SSRF via internal-host validation bypass using alternative IPv4 notation
48RISK
open ↗Exploit-DB
Realtek rtl819x - Local Privilege
The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perfo
41RISK
open ↗Exploit-DB
MeiG Smart FORGE_SLT711 - OS Command Injection
The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthentica
53RISK
open ↗Exploit-DB
Linux Kernel - Local Privilege Escalation
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗Exploit-DB
Linux Kernel - Local Privilege Escalation
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RISK
open ↗Exploit-DB
Grav CMS 2.0.0-beta.2 - Remote Code Execution
Grav: Remote Code Execution (RCE) via Malicious Plugin ZIP Upload in Direct Install Feature
48RISK
open ↗Exploit-DB
cPanel - CRLF Injection
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗Exploit-DB
Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover
Temporary Login <= 1.0.0 - Authentication Bypass to Account Takeover
48RISK
open ↗Exploit-DB
Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISK
open ↗Exploit-DB
FUXA 1.2.9 - RCE
FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API
48RISK
open ↗Exploit-DB
Cockpit 359 - RCE
Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection
68RISK
open ↗Exploit-DB
Windows Snipping Tool - NTLMv2 Hash Hijack
Windows Snipping Tool Spoofing Vulnerability
33RISK
open ↗Exploit-DB
PJPROJECT 2.16 - Heap Bufferoverflow
PJSIP has a heap buffer overflow in ICE with long username
41RISK
open ↗Exploit-DB
ePati Antikor NGFW 2.0.1301 - Authentication Bypass
Authentication Bypass in ePati's Antikor NGFW
48RISK
open ↗Exploit-DB
WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI
Contact Form by Supsystic <= 1.7.36 - Unauthenticated Server-Side Template Injection via Prefill Functionality
75RISK
open ↗Exploit-DB
glances 4.5.2 - command injection
Glances Vulnerable to Command Injection via Dynamic Configuration Values
41RISK
open ↗Exploit-DB
coreruleset 4.21.0 - Firewall Bypass
OWASP CRS has multipart bypass using multiple content-type parts
53RISK
open ↗Exploit-DB
Ninja Forms Uploads - Unauthenticated PHP File Upload
Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload
75RISK
open ↗Exploit-DB
Flowise < 3.0.5 - Missing Authentication for Critical Function
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
75RISK
open ↗Exploit-DB
ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)
ThingsBoard < v4.2.1 SVG Image SSRF
33RISK
open ↗Exploit-DB
NocoBase 2.0.27 - VM Sandbox Escape
NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node
75RISK
open ↗Exploit-DB
telnetd 2.7 - Buffer Overflow
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption
53RISK
open ↗Exploit-DB
Bludit CMS 3.18.4 - RCE
Remote Code Execution via Unrestricted File Upload in Bludit
41RISK
open ↗Exploit-DB
Windows 11 24H2 - Local Privilege Escalation
Windows HTTP.sys Elevation of Privilege Vulnerability
41RISK
open ↗Exploit-DB
MindsDB 25.9.1.1 - Path Traversal
MindsDB has Path Traversal in /api/files Leading to Remote Code Execution
61RISK
open ↗Exploit-DB
Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (F
41RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.