Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
71,114 exploits
VulnCheck XDB
initial-access
CVE-2026-42945CRITICAL28 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC
rootdirective-sec/CVE-2026-47100-Analysis-Lab
CVE-2026-47100HIGH28 May 2026
Funnel Builder for WooCommerce Checkout < 3.15.0.3 Missing Authorization via AJAX
41RISK
open
VulnCheck XDB
initial-access
CVE-2026-31431HIGHunder attack28 May 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open
GitHub PoC
EXPLOIT CVE-2026-8832
CVE-2026-8832HIGH28 May 2026
WPCode <= 2.3.5 - Authenticated (Author+) Remote Code Execution via CPT Capability Bypass via XML-RPC wp.newPost
41RISK
open
GitHub PoC
CVE-2023-26083-Mali-InfoLeak-PoC
CVE-2023-26083LOWunder attack28 May 2026
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost
58RISK
open
GitHub PoC6
Proof-of-concept scripts for three vulnerabilities in Notepad++ <= 8.9.6, patched in v8.9.6.1 (2026-05-26) CVE-2026-48770 / CVE-2026-48778 / CVE-2026-48800
CVE-2026-48770MEDIUM28 May 2026
Notepad++ WM_COPYDATA COPYDATA_FULL_CMDLINE local DoS crash
33RISK
open
GitHub PoC
CVE-2026-35616 - Draft
CVE-2026-35616CRITICALunder attack28 May 2026
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated atta
100RISK
open
GitHub PoC1
Intentionally-vulnerable nginx 1.30.0 CVE lab images (CVE-2026-40701/42934/42945/42946) for isolated security research. Lab use only.
CVE-2026-40701MEDIUM28 May 2026
NGINX ngx_http_ssl_module vulnerability
33RISK
open
GitHub PoC
quantumworld-dpdns-io/CVE-2026-42945
CVE-2026-42945CRITICAL28 May 2026
NGINX ngx_http_rewrite_module vulnerability
60RISK
open
GitHub PoC1
Full walkthrough of HTB's Reactor machine — exploit CVE-2025-55182 to gain a shell, then get root via an exposed Node.js debugger. Step-by-step with screenshots.
CVE-2025-55182CRITICALunder attackransomware28 May 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
A Marp slide deck about CVE-2025-53770
CVE-2025-53770CRITICALunder attackransomware28 May 2026
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RISK
open
GitHub PoC
Isolated AD/Linux attack lab: exploited CVE-2007-2447 via Metasploit, detected with Wazuh SIEM mapped to MITRE ATT&CK (T1190, T1059)
CVE-2007-244728 May 2026
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands
50RISK
open
GitHub PoC
Black-box web application penetration test of BadStore e-commerce platform. Covers SQL injection, CVE-2006-3918, HTTP request manipulation, OSINT-driven spear phishing, and MITRE ATT&CK-mapped findings.
CVE-2006-391828 May 2026
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before
45RISK
open
GitHub PoC
This exploit is based on CVE-2019-6340 and was built upon the original exploit by leonjza and the Metasploit module, extending it can be executed multiple times against the same target without waiting for cache expiration.
CVE-2019-6340HIGHunder attack27 May 2026
Drupal core - Highly critical - Remote Code Execution
100RISK
open
GitHub PoC
PrintNightmare Report
CVE-2021-34527HIGHunder attackransomware27 May 2026
Windows Print Spooler Remote Code Execution Vulnerability
100RISK
open
GitHub PoC
this is a study about CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
CVE-2021-3156HIGHunder attack27 May 2026
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RISK
open
GitHub PoC
Dungsocool/CVE-2017-10271
CVE-2017-10271HIGHunder attackransomware27 May 2026
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supporte
100RISK
open
GitHub PoC3
Ghost Content API SQL Injection
CVE-2026-26980CRITICAL27 May 2026
Ghost has a SQL Injection in its Content API
75RISK
open
GitHub PoC
Lab 3: Supervisord XML-RPC Remote Code Execution (CVE-2017-11610) - Writeup and Exploit
CVE-2017-1161027 May 2026
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
60RISK
open
VulnCheck XDB
initial-access
CVE-2017-1161027 May 2026
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
60RISK
open
GitHub PoC
CVE-2026-45659
CVE-2026-45659HIGHunder attack27 May 2026
Microsoft SharePoint Remote Code Execution Vulnerability
71RISK
open
GitHub PoC
CVE-2026-45659 Microsoft SharePoint Server Deserialization RCE.
CVE-2026-45659HIGHunder attack27 May 2026
Microsoft SharePoint Remote Code Execution Vulnerability
71RISK
open
GitHub PoC
SOC336 - Windows OLE Zero-Click RCE Exploitation Detected (CVE-2025-21298) Walkthrough
CVE-2025-21298CRITICAL27 May 2026
Windows OLE Remote Code Execution Vulnerability
70RISK
open
GitHub PoC1
Starlette Host-Header URL Confusion Lab (X41-2026-002) - CVE-2026-48710
CVE-2026-48710MEDIUM27 May 2026
Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks
48RISK
open
Exploit-DB
scramble - Remote Code Execution
CVE-2026-44262CRITICALwebappsphp27 May 2026
Scramble: Remote code execution via evaluation of user-controlled input in validation rules
63RISK
open
VulnCheck XDB
initial-access
CVE-2025-54123CRITICAL27 May 2026
Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
68RISK
open
GitHub PoC
Passive checker for CVE-2026-9082 / SA-CORE-2026-004 (Drupal core SQL injection, PostgreSQL)
CVE-2026-9082CRITICALunder attack27 May 2026
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open
GitHub PoC18
CVE-2026-27771 - Gitea/Forgejo Container Registry Auth Bypass Exploit PoC - Pull private container images without authentication
CVE-2026-27771HIGH27 May 2026
Gitea Composer package source links use insufficient permission checks
68RISK
open
GitHub PoC
Generate the poc for CVE-2026-4893: broken EDNS Client Subnet validation.
CVE-2026-4893MEDIUM27 May 2026
CVE-2026-4893
33RISK
open
GitHub PoC
Description
CVE-2022-22965CRITICALunder attack27 May 2026
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data b
100RISK
open
previouspage 42 / 2,371next

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.