Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
71,062 exploits
GitHub PoC
TryHackMe SOC Level 1 — Follina CVE-2022-30190, Nim C2, Chisel, PrintSpoofer, backdoor accounts
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RISK
open ↗GitHub PoC
webapp vulnerable to CVE-2021-44228
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC★ 1
CVE-2024-3094 XZ Utils backdoor research - attack surface visualiser, system vulnerability checker, and general Linux CVE assessment tool
Xz: malicious code in distributed source
70RISK
open ↗GitHub PoC
kaleth4/CVE-2022-30190
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RISK
open ↗GitHub PoC
Apache HTTP Server 2.4.49 Path Traversal Vulnerability Reproduction
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open ↗GitHub PoC★ 1
CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open ↗GitHub PoC
CVE-2026-5513: Bookly <= 27.2 Stored XSS via Cookie (Unauthenticated)
Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie
41RISK
open ↗GitHub PoC
CVE-2026-5513 — Bookly ≤ 27.2 Stored XSS via Cookie
Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie
41RISK
open ↗VulnCheck XDB
info-leak
Zlib compressed protocol header length confusion may allow memory read
100RISK
open ↗GitHub PoC★ 4
CVE-2026-20245
Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability
76RISK
open ↗GitHub PoC★ 1
Defensive research notes for CVE-2026-5950, a BIND 9 resolver DoS vulnerability credited to Billy Baraja (BielraX).
Unbounded resend loop in BIND 9 resolver
33RISK
open ↗VulnCheck XDB
initial-access
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open ↗GitHub PoC
CVE-2026-20253 - Splunk Enterprise
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
100RISK
open ↗GitHub PoC
Python RCE PoC with reverse-shell listener for CVE-2026-42945 (NGINX Rift)
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC
webshellseo8/CVE-2026-53787-POC-
Amasty Order Attributes for Magento 2 < 4.0.0 Unauthenticated Arbitrary File Upload
63RISK
open ↗VulnCheck XDB
info-leak
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open ↗GitHub PoC
CVE-2026-20127
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open ↗GitHub PoC
rohit-sundar/cve-2026-23744
REC in MCPJam inspector due to HTTP Endpoint exposes
75RISK
open ↗GitHub PoC
CVE-2025-14847 mongobleed python file
Zlib compressed protocol header length confusion may allow memory read
100RISK
open ↗GitHub PoC
CVE-2018-9276 — PRTG Network Monitor < 18.2.39 Authenticated RCE. For educational purposes and authorized penetration testing only.
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administra
100RISK
open ↗GitHub PoC
J1nKsC/CVE-2024-4367_test
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js c
55RISK
open ↗GitHub PoC★ 1
CVE-2021-21425 - GravCMS 1.10.7 Unauthenticated RCE via Scheduler. Improved exploit with CLI args and auto base64 encoding.
Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
85RISK
open ↗GitHub PoC★ 1
HTTP/2 Bomb: HPACK indexed-reference amplification + flow-control stall. A high school student's full protocol analysis (LaTeX). CVE-2026-49975, CVE-2026-47774.
Apache HTTP Server: mod_http2 denial of service
46RISK
open ↗GitHub PoC
Technical writeup and Proof of Concept (PoC) for CVE-2026-11417: OS Command Injection / Remote Code Execution (RCE) in AWS CDK's NodejsFunction.
OS Command Injection in NodejsFunction Bundling in aws-cdk-lib
41RISK
open ↗VulnCheck XDB
local
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC★ 2
HTTP/2 Bomb (CVE-2026-49975) non-destructive vulnerability detector for Nginx / Apache httpd. Zero-dependency Python.
Apache HTTP Server: mod_http2 denial of service
46RISK
open ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.