Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,053cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,060Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
13,086 exploits
GitHub PoC
PoC for CVE-2026-56423: MISP deleteSelection broken access control (CWE-862, contributor hard-deletes other orgs' Event Reports/Sharing Groups, CVSS 8.8)
MISP Core: Broken access control allows instance-wide unauthorized deletion of event reports and sharing groups via bulk deletion endpoints
48RISK
open ↗GitHub PoC
Dr-D25/CVE-2026-49049
Joomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handler
41RISK
open ↗GitHub PoC
Exploitability PoC for CVE-2026-9558 (SSTI Mautic Theme)
A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twi
48RISK
open ↗GitHub PoC
Reproducer for CVE-2026-40860 — Apache Camel camel-jms/sjms/amqp JMS ObjectMessage unsafe deserialization (RCE)
Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp
48RISK
open ↗GitHub PoC★ 1
inforcqb/CVE-2026-43499-pja110
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISK
open ↗GitHub PoC
caspy123/CVE-2026-43499
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISK
open ↗GitHub PoC
CVE-2026-28992 IOHIDFamily FastPathUserClient race condition PoC — security research
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7
33RISK
open ↗GitHub PoC★ 1
Reproducer for CVE-2026-40858 — Apache Camel camel-infinispan remote aggregation repository unsafe deserialization (RCE)
Apache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository
41RISK
open ↗GitHub PoC★ 1
CVE-2026-50181 / GHSA-fg23-3346-88f5: Langroid path traversal advisory landing page
Langroid: Path traversal in the file tools allows read/write outside configured current directory
41RISK
open ↗GitHub PoC
Laboratory validation of CVE-2026-48908 in Joomla SP Page Builder, covering unauthorized icon upload, PHP file write, code execution as www-data, auditd and PCAP evidence, event timeline reconstruction, and SOC detection recommendations. Includes Polish and English reports.
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗GitHub PoC
cazzysoci/cve-2026-48908
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗GitHub PoC★ 1
CVE-2026-53571 `server.fs.deny` bypass on Windows alternate paths PoC.
Vite: `server.fs.deny` bypass on Windows alternate paths
41RISK
open ↗GitHub PoC
CVE-2026-50746... - Draft
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Conne
48RISK
open ↗GitHub PoC★ 1
CVE-2026-50131 / GHSA-xw9q-2mv6-9fr8: Fedify incomplete SSRF mitigation advisory landing page
Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges
41RISK
open ↗GitHub PoC★ 2
CVE-2026-53359漏洞补丁
KVM: x86: Fix shadow paging use-after-free due to unexpected role
23RISK
open ↗GitHub PoC
Reproducer for CVE-2026-40473: Apache Camel camel-mina MinaConverter.toObjectInput unsafe deserialization (RCE over TCP/UDP)
Apache Camel Mina: Unsafe Deserialization in MinaConverter.toObjectInput() via TCP/UDP
41RISK
open ↗GitHub PoC
PoC for CVE-2026-49230: Apache APISIX jwe-decrypt authentication bypass (missing AES-GCM tag validation, CWE-354, CVSS 9.1)
Apache APISIX: Authentication bypass in jwe-decrypt
33RISK
open ↗GitHub PoC★ 2
tc3650/CVE-2026-43499-armv7
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISK
open ↗GitHub PoC★ 1
0x00phantom-hat/CVE-2026-12400-Exploit
FlowForms <= 1.1.1 - Authenticated (Contributor+) Insecure Direct Object Reference to Arbitrary Form Modification via REST API '/flowforms/v1/forms/{id}' Endpoints
33RISK
open ↗GitHub PoC
Public disclosure for CVE-2026-52100 (CSRF) & CVE-2026-52101 (SSRF) in linx-server. MITRE assigned the CVEs; this repo provides a public reference and helps affected users understand the risk.
Cross Site Request Forgery vulnerability in andreimarcu linux-server v.1.0 through v.2.3.8 allows a remote attacker to e
41RISK
open ↗GitHub PoC★ 1
lieehrdiansyah12/CVE-2026-43503
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RISK
open ↗GitHub PoC★ 154
yellow key bitlocker yellow screen bitlocker bitlocker recovery key CVE-2026-45585 microsoft account secure boot bypass command prompt windows 11 windows 10 surface pro uefi firmware encryption key data recovery troubleshoot boot loop cmd unlock drive setup guide tutorial
Windows BitLocker Security Feature Bypass Vulnerability
33RISK
open ↗GitHub PoC
包括能执行的命令探测和一键getshell(需要服务器部署服务)
OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF
75RISK
open ↗GitHub PoC
Control Web Panel (CWP) vulnerability scenario related to CVE-2026-57517
Control Web Panel < 0.9.8.1225 Blind SQL Injection via userRes Parameter
48RISK
open ↗GitHub PoC
CVE-2026-41089 checker: unauthenticated, non-destructive detection for the Netlogon CLDAP stack buffer overflow (CVSS 9.8). Reports whether a domain controller's domain is long enough to crash, without sending the overflow. The binary-verified analysis the public PoCs got wrong.
Windows Netlogon Remote Code Execution Vulnerability
70RISK
open ↗GitHub PoC★ 44
OPPO Find N2 GhostLock (CVE-2026-43499) exploit adaptation
rtmutex: Use waiter::task instead of current in remove_waiter()
41RISK
open ↗GitHub PoC★ 11
Apache Solr instances that may be affected by CVE-2026-44825, related to Velocity Template Remote Code Execution (RCE) conditions.
Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users
41RISK
open ↗GitHub PoC★ 2
Verificador de Vulnerabilidad: Bad Epoll (CVE-2026-46242)
eventpoll: fix ep_remove struct eventpoll / struct file UAF
41RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.