Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,002cataloged exploits
31,582CVEs with public exploitation
22,467 exploits
Exploit-DB
ZTE ZXHN H188A V6 - Authentication Bypass
CVE-2026-34472HIGH29 May 2026
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows u
41RISK
open
Exploit-DB
scramble - Remote Code Execution
CVE-2026-44262CRITICAL27 May 2026
Scramble: Remote code execution via evaluation of user-controlled input in validation rules
63RISK
open
Exploit-DB
EspoCRM 9.3.3 - SSRF
CVE-2026-33534MEDIUM27 May 2026
EspoCRM has authenticated SSRF via internal-host validation bypass using alternative IPv4 notation
48RISK
open
Exploit-DB
Realtek rtl819x - Local Privilege
CVE-2026-36355HIGH27 May 2026
The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perfo
41RISK
open
Exploit-DB
MeiG Smart FORGE_SLT711 - OS Command Injection
CVE-2026-36356CRITICAL27 May 2026
The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthentica
53RISK
open
Exploit-DB
Linux Kernel - Local Privilege Escalation
CVE-2026-43284HIGH27 May 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open
Exploit-DB
Linux Kernel - Local Privilege Escalation
CVE-2026-43500HIGH27 May 2026
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RISK
open
Exploit-DB
Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
CVE-2026-6815MEDIUM27 May 2026
CVE-2026-6815
33RISK
open
Exploit-DB
Grav CMS 2.0.0-beta.2 - Remote Code Execution
CVE-2026-42607CRITICAL26 May 2026
Grav: Remote Code Execution (RCE) via Malicious Plugin ZIP Upload in Direct Install Feature
48RISK
open
Exploit-DB
cPanel - CRLF Injection
CVE-2026-41940CRITICALunder attackransomware26 May 2026
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open
Exploit-DB
Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover
CVE-2026-7567CRITICAL26 May 2026
Temporary Login <= 1.0.0 - Authentication Bypass to Account Takeover
48RISK
open
Exploit-DB
Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
CVE-2026-23918HIGH26 May 2026
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISK
open
Exploit-DB
FUXA 1.2.9 - RCE
CVE-2026-25895CRITICAL21 May 2026
FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API
48RISK
open
Exploit-DB
Cockpit 359 - RCE
CVE-2026-4631CRITICAL21 May 2026
Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection
68RISK
open
Exploit-DB
Windows Snipping Tool - NTLMv2 Hash Hijack
CVE-2026-33829MEDIUM15 May 2026
Windows Snipping Tool Spoofing Vulnerability
33RISK
open
Exploit-DB
PJPROJECT 2.16 - Heap Bufferoverflow
CVE-2026-25994HIGH14 May 2026
PJSIP has a heap buffer overflow in ICE with long username
41RISK
open
Exploit-DB
ePati Antikor NGFW 2.0.1301 - Authentication Bypass
CVE-2026-2624CRITICAL14 May 2026
Authentication Bypass in ePati's Antikor NGFW
48RISK
open
Exploit-DB
WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI
CVE-2026-4257CRITICAL14 May 2026
Contact Form by Supsystic <= 1.7.36 - Unauthenticated Server-Side Template Injection via Prefill Functionality
75RISK
open
Exploit-DB
glances 4.5.2 - command injection
CVE-2026-33641HIGH13 May 2026
Glances Vulnerable to Command Injection via Dynamic Configuration Values
41RISK
open
Exploit-DB
coreruleset 4.21.0 - Firewall Bypass
CVE-2026-21876CRITICAL13 May 2026
OWASP CRS has multipart bypass using multiple content-type parts
53RISK
open
Exploit-DB
Ninja Forms Uploads - Unauthenticated PHP File Upload
CVE-2026-0740CRITICAL13 May 2026
Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload
75RISK
open
Exploit-DB
Flowise < 3.0.5 - Missing Authentication for Critical Function
CVE-2025-58434CRITICAL13 May 2026
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
75RISK
open
Exploit-DB
Ghost CMS 6.19.0 - SQLi
CVE-2026-26980CRITICAL07 May 2026
Ghost has a SQL Injection in its Content API
75RISK
open
Exploit-DB
ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)
CVE-2025-34282MEDIUM07 May 2026
ThingsBoard < v4.2.1 SVG Image SSRF
33RISK
open
Exploit-DB
NocoBase 2.0.27 - VM Sandbox Escape
CVE-2026-34156CRITICAL07 May 2026
NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node
75RISK
open
Exploit-DB
telnetd 2.7 - Buffer Overflow
CVE-2026-32746CRITICAL07 May 2026
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption
53RISK
open
Exploit-DB
Bludit CMS 3.18.4 - RCE
CVE-2026-25099HIGH07 May 2026
Remote Code Execution via Unrestricted File Upload in Bludit
41RISK
open
Exploit-DB
Windows 11 24H2 - Local Privilege Escalation
CVE-2026-21250HIGH04 May 2026
Windows HTTP.sys Elevation of Privilege Vulnerability
41RISK
open
Exploit-DB
MindsDB 25.9.1.1 - Path Traversal
CVE-2026-27483HIGH04 May 2026
MindsDB has Path Traversal in /api/files Leading to Remote Code Execution
61RISK
open
Exploit-DB
Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
CVE-2025-60690HIGH04 May 2026
A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (F
41RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.