Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
71,114 exploits
GitHub PoC
CVE-2026-45659 Microsoft SharePoint Server Deserialization RCE.
Microsoft SharePoint Remote Code Execution Vulnerability
71RISK
open ↗GitHub PoC★ 2
⚠️ DISCLAIMER: This tool is intended for authorized penetration testing and educational purposes only. Using this tool against systems without explicit written permission is illegal. The developers are not responsible for any misuse or damage caused.
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗VulnCheck XDB
initial-access
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data b
100RISK
open ↗GitHub PoC
CVE-2026-27771 - Draft
Gitea Composer package source links use insufficient permission checks
68RISK
open ↗GitHub PoC
lwd3c/CVE-2026-47342
Apache OFBiz: Privilege Escalation via updateOrRemove Authorization Bypass
21RISK
open ↗VulnCheck XDB
local
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RISK
open ↗Exploit-DB
MeiG Smart FORGE_SLT711 - OS Command Injection
The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthentica
53RISK
open ↗Exploit-DB
Realtek rtl819x - Local Privilege
The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perfo
41RISK
open ↗VulnCheck XDB
initial-access
Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
68RISK
open ↗VulnCheck XDB
initial-access
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
60RISK
open ↗GitHub PoC
CVE-2026-5172: buffer overflow in extract_addresses() on crafted resource record PoC
CVE-2026-5172
41RISK
open ↗GitHub PoC
0x00phantom-hat/Hoverfly-1.11.3-RCE-CVE-2025-54123-Exploit
Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
68RISK
open ↗Exploit-DB
EspoCRM 9.3.3 - SSRF
EspoCRM has authenticated SSRF via internal-host validation bypass using alternative IPv4 notation
48RISK
open ↗GitHub PoC
Passive checker for CVE-2026-9082 / SA-CORE-2026-004 (Drupal core SQL injection, PostgreSQL)
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC
SSRF Discovered in Mercator
Mercator CVE Configuration Vulnerable to Server-Side Request Forgery (SSRF)
33RISK
open ↗Exploit-DB
Linux Kernel - Local Privilege Escalation
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RISK
open ↗GitHub PoC
thinhap/CVE-2026-9082-PoC
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC
hadhub/CVE-2026-49344-Mercator-JSON-DSL
Mercator has a Personal Identifiable Information Leak from Query Executor feature
41RISK
open ↗GitHub PoC
Generate the poc for CVE-2026-4893: broken EDNS Client Subnet validation.
CVE-2026-4893
33RISK
open ↗GitHub PoC
xl337x/CVE-2023-31902
RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE).
63RISK
open ↗GitHub PoC
CVE-2026-5718: Unauthenticated File Upload To RCE in DnD Upload CF7 Plugin
Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass
56RISK
open ↗GitHub PoC
xxconi/CVE-2026-6271
Career Section <= 1.7 - Unauthenticated Arbitrary File Upload
48RISK
open ↗GitHub PoC★ 10
ambionics/cve-2026-9082-drupal-postgresql-rce
Drupal core - Highly critical - SQL injection - SA-CORE-2026-004
100RISK
open ↗GitHub PoC★ 1
Cisco Catalyst SD-WAN Peering Authentication Bypass
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open ↗GitHub PoC
Dungsocool/CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.