Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
13,116 exploits
GitHub PoC
xd20111/CVE-2026-43284
CVE-2026-43284HIGH15 May 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open
GitHub PoC3
In‑depth technical analysis of CVE‑2026‑41096, a critical heap overflow in Windows DNSAPI.dll enabling remote code execution via crafted DNS responses. Includes attack vectors, patch insights, and defensive guidance for security teams.
CVE-2026-41096CRITICAL15 May 2026
Windows DNS Client Remote Code Execution Vulnerability
48RISK
open
GitHub PoC
rootdirective-sec/CVE-2026-44338-Lab
CVE-2026-44338HIGH15 May 2026
PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution
61RISK
open
GitHub PoC
Astianjy/CVE-2026-42203
CVE-2026-42203HIGH15 May 2026
LiteLLM: Server-Side Template Injection in /prompts/test endpoint
41RISK
open
GitHub PoC
permite a un atacante remoto no autenticado leer archivos arbitrarios del sistema afectado mediante una inyección de XML External Entity (XXE)
CVE-2026-20224HIGH15 May 2026
Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability
41RISK
open
GitHub PoC2
CVE-2026-8181 PoC: Burst Statistics (3.4.0–3.4.1.1) authentication bypass. Python tool — single & multi-target scans, threaded workers, TXT reports. Authorized testing only. Maintainer: mürrez.
CVE-2026-8181CRITICAL15 May 2026
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISK
open
GitHub PoC
Toshiba Qiomem.sys vulnerable driver POC (CVE-2026-56129)
CVE-2026-56129MEDIUM15 May 2026
Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insuf
33RISK
open
GitHub PoC4
CVE-2026-42897 - Exchange Health Checker blind spot: outbound IIS URL Rewrite rules silently ignored, making EOMT mitigations invisible in diagnostic reports.
CVE-2026-42897HIGHunder attack15 May 2026
Microsoft Exchange Server Spoofing Vulnerability
71RISK
open
GitHub PoC3
Behavioral detection script for CVE-2026-42945 (NGINX Rift) — heap overflow in ngx_http_rewrite_module. No RCE, crash-based detection only.
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
byezero/nginx-cve-2026-42945-check
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
Centralized Wazuh SCA Assessment for CVE-2026-42945 on NGINX Servers
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
Tester for CVE-2026-43284
CVE-2026-43284HIGH15 May 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open
GitHub PoC
CVE-2026-44338
CVE-2026-44338HIGH15 May 2026
PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution
61RISK
open
GitHub PoC
# CVE-2026-42154 — Prometheus Remote Read Snappy DoS
CVE-2026-42154HIGH15 May 2026
Prometheus: remote read endpoint allows denial of service via crafted snappy payload
41RISK
open
GitHub PoC6
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only.
CVE-2012-3152CRITICALunder attack15 May 2026
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and
100RISK
open
GitHub PoC
Educational environment for LTAT.04.022 Homework 4.
CVE-2023-44487HIGHunder attack15 May 2026
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many
93RISK
open
GitHub PoC2
Working PoC for CVE-2025-32432 - Craft CMS <= 5.6.16 unauthenticated RCE via Yii2 PhpManager gadget + nginx access.log poisoning
CVE-2025-32432CRITICALunder attack15 May 2026
Craft CMS Allows Remote Code Execution
100RISK
open
GitHub PoC
tocong282/CVE-2026-44578-PoC
CVE-2026-44578HIGH15 May 2026
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open
GitHub PoC1
forxiucn/nginx-cve-2026-42945-poc
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC18
Script Python para detecção de instâncias Nginx vulneráveis ao CVE-2026-42945 em IPs, CIDRs e ASNs.
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
Medaz-Sploit/CVE-2025-9074-Docker-Desktop-API-Escape-PoC
CVE-2025-9074CRITICAL15 May 2026
Docker Desktop allows unauthenticated access to Docker Engine API from containers
48RISK
open
GitHub PoC4
jelasin/CVE-2026-42945
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC1
CVE-2026-42945: nginx-rift vulnerability analysis and detection script
CVE-2026-42945CRITICAL15 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC1
VsFTPd 2.3.4 Backdoor Command Execution
CVE-2011-252315 May 2026
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open
GitHub PoC
LangFlow RCE | CVE-2026-0770 | Proof-Of-Concept
CVE-2026-0770CRITICAL15 May 2026
Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
68RISK
open
GitHub PoC
Este proyecto tiene como objetivo demostrar de forma práctica el funcionamiento del exploit Dirty COW (CVE-2016-5195), una vulnerabilidad crítica del en el kernel de Linux. Se simula un escenario realista en el que un atacante con acceso local limitado a un sistema sin parchear logra escalar sus privilegios hasta obtener acceso completo como root.
CVE-2016-5195HIGHunder attack15 May 2026
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RISK
open
GitHub PoC6
Nuclei templates for detecting CVE-2026-44578 (Next.js WebSocket Upgrade SSRF) with multi-cloud metadata validation, Next.js fingerprinting, and real-world scanning workflows. Includes references to the original NextSSRF research and exploit tooling.
CVE-2026-44578HIGH15 May 2026
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open
GitHub PoC
nhh9905/CVE-2022-37969
CVE-2022-37969HIGHunder attack15 May 2026
Windows Common Log File System Driver Elevation of Privilege Vulnerability
76RISK
open
GitHub PoC13
CVE-2026-46300
CVE-2026-46300HIGH15 May 2026
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open
GitHub PoC75
NextSSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handler SSRF
CVE-2026-44578HIGH15 May 2026
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.