Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
71,114 exploits
VulnCheck XDB
initial-access
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions t
100RISK
open ↗GitHub PoC
AzDevops143/FRAGNESIA-Charan-cve-2026-46300
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open ↗GitHub PoC
Dhananjayasj/CVE-2026-34156-NocoBase-Sandbox-Escape-via-Workflow-Execution-Vulnerability-
NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node
75RISK
open ↗GitHub PoC★ 3
Reproducible Docker lab for CVE-2024-21182 — Oracle WebLogic T3/IIOP OpaqueReference JNDI injection → unauthenticated RCE (CVE-2023-21839 patch-bypass family). One-command validate.sh.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions t
83RISK
open ↗Metasploit500
HP Poly Voice Unauthenticated Remote Code Execution
Poly Voice – Possible Remote Control of Certain Poly Devices
48RISK
open ↗GitHub PoC★ 208
CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL)
Windows Netlogon Remote Code Execution Vulnerability
70RISK
open ↗GitHub PoC
tematemaru/CVE-2026-31431-simple-test
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 1
Exploits the CVE-2026-0257 vulnerability by forging a GlobalProtect authentication override cookie using the TLS server's public key.
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RISK
open ↗GitHub PoC
PAN-OS: GlobalProtect Authentication Bypass
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RISK
open ↗Exploit-DB
Drupal Core 10.5.5 - Error-Based SQL Injection
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC
SSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handler SSRF
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open ↗GitHub PoC
Automated defect verification tool for 6 dnsmasq CVEs (CVE-2026-2291, 4890, 4891, 4892, 4893, 5172)
CVE-2026-2291
41RISK
open ↗VulnCheck XDB
initial-access
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open ↗VulnCheck XDB
initial-access
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RISK
open ↗GitHub PoC★ 2
A Go implementation of CIFSwitch (CVE-2026-46243)
smb: client: reject userspace cifs.spnego descriptions
41RISK
open ↗GitHub PoC
afifudinmtop/MCPJam-Inspector-1.4.2-Remote-Code-Execution-CVE-2026-23744
REC in MCPJam inspector due to HTTP Endpoint exposes
75RISK
open ↗GitHub PoC
CVE analysis of CVE-2025-40536, SolarWinds Web Help Desk security control bypass (CVSS 8.1). Covers vulnerability mechanics, attack chain with companion RCE CVEs, Storm-2603 threat actor attribution, MITRE ATT&CK mapping, and detection/remediation guidance for DoD and government environments.
SolarWinds Web Help Desk Security Control Bypass Vulnerability
100RISK
open ↗GitHub PoC
Strapi CVE-2026-27886. Leaking sensitive data via relational filtering due to lack of query sanitization
Strapi may leak sensitive data via relational filtering due to lack of query sanitization
48RISK
open ↗GitHub PoC★ 2
DeepSecurityResearch/CVE-2026-2586
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user
48RISK
open ↗Exploit-DB
WordPress OrderConvo 14 - Path Traversal
OrderConvo < 14 - Unauthenticated Arbitrary File Read
56RISK
open ↗GitHub PoC
CVE-2026-9560 - Draft
Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute
48RISK
open ↗GitHub PoC
ICT279 Vulnerability Detection and Mitigation Project using CVE-2025-24813 in an Internet Banking Environment
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RISK
open ↗GitHub PoC★ 8
p3Nt3st3r-sTAr/CVE-2026-8732-POC
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open ↗GitHub PoC
CVE-2026-8732 - Draft (WordPress)
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action
48RISK
open ↗GitHub PoC
CVE-2026-24061 — GNU InetUtils Telnetd Authentication Bypass Scanner
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.