Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
13,116 exploits
GitHub PoC★ 1
Intune Remediation package for the CVE-2026-45585 YellowKey BitLocker/WinRE bypass mitigation described in the provided procedure. This package removes `autofstx.exe` from the offline WinRE image's `BootExecute` value and refreshes WinRE registration so BitLocker trust is reestablished.
Windows BitLocker Security Feature Bypass Vulnerability
33RISK
open ↗GitHub PoC★ 1
More portable POC of copyfail LPE (CVE-2026-31431) that works on Alpine Linux
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
EXPOSURE demo target: Tomcat (CVE-2016-0714) + Apache Rave (CVE-2013-1814) + Java filter-padding deps
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain s
60RISK
open ↗GitHub PoC
CVE-2026-45829
A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an un
53RISK
open ↗GitHub PoC
CVE-2026-5118 – Python2 mass exploit for Divi WordPress plugin Unauthenticated administrator registration via admin-ajax.php. Multi‑threaded scanner with nonce extraction.
Divi Form Builder <= 5.1.2 - Unauthenticated Privilege Escalation via 'role'
48RISK
open ↗GitHub PoC
Vulnerability Case Study: CVE-2026-33829 (Windows Snipping Tool NTLM Coercion)
Windows Snipping Tool Spoofing Vulnerability
33RISK
open ↗GitHub PoC
yangh-beep/CVE-2026-31431-C
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
CVE-2026-31431-CopyFail---Minified-LPE-PoC
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 4
0xFuffM3/CVE-2026-31635-DirtyDecrypt
rxrpc: fix oversized RESPONSE authenticator length check
41RISK
open ↗GitHub PoC★ 1
PoC for CVE-2026-9082 (Drupal SA-CORE-2026-004) Drupal Core SQLi
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC★ 20
Drupal Core PostgreSQL SQL Injection PoC - CVE-2026-9082. Ethical PoC for the Drupal vulnerability allowing anonymous SQL injection through the JSON:API module on PostgreSQL-backed sites.
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC★ 1
CVE-2026-9082
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC
Scanner para identificação de servidores com softwares SSH possivelmente vulnerável às CVEs CVE-2024-6387 e CVE-2023-48795.
Openssh: regresshion - race condition in ssh allows rce/dos
63RISK
open ↗GitHub PoC★ 2
CVE-2026-9082 | SA-CORE-2026-004
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC
CVE-2026-46680 exploit
containerd user ID handling bypass allows runAsNonRoot evasion
41RISK
open ↗GitHub PoC
Synthetic demo target for EXPOSURE — CVE-2018-21268 (traceroute) + CVE-2018-3757 (pdf-image)
The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host para
48RISK
open ↗GitHub PoC
hyperchk/CVE-2025-24071-POC
Microsoft Windows File Explorer Spoofing Vulnerability
38RISK
open ↗GitHub PoC★ 3
CVE-2026-42945 - NGINX Rift Toolkit
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC
A Go implementation of dirtyfrag (CVE-2026-43284 / CVE-2026-43500)
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC
Exploit for DirtyDecrypt - CVE-2026-31635 Local Privilege Escalation
rxrpc: fix oversized RESPONSE authenticator length check
41RISK
open ↗GitHub PoC
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
rxrpc: fix oversized RESPONSE authenticator length check
41RISK
open ↗GitHub PoC
julianertle/CVE-2023-0386-CTF
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities wa
86RISK
open ↗GitHub PoC★ 2
A Go implementation of fragnesia (CVE-2026-46300)
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open ↗GitHub PoC★ 20
CVE-2026-31431-killed page-cache exploit — code exec into containers sharing the same image layer
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
One-command scanner for the Mini Shai-Hulud npm supply-chain worm (CVE-2026-45321). Detect before rotating tokens.
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISK
open ↗GitHub PoC
Outdated Ghost CMS websites that have fallen become compromised from CVE-2026-26980 can suffer from spam code injection to pages. Use this to mass clear and edit code injection fields.
Ghost has a SQL Injection in its Content API
75RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.