Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
13,116 exploits
GitHub PoC
Checker and fixer for all 13 vulnerabilities in the Next.js May 2026 security release (CVE-2026-23870)
A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpo
41RISK
open ↗GitHub PoC★ 7
🚀 CVE-2026-0073 - Android ADB Wireless Debugging Exploit (CVSS 8.8) 🔓 Zero-click authentication bypass via TLS type confusion. Gain interactive shell, execute commands, scan networks. Educational red-team tool. 🐚⚡
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic err
41RISK
open ↗GitHub PoC
Reproduced the fileless LPE CVE‑2026‑31431 (“Copy Fail”) on Kali Linux, then built auditd, Sigma & YARA detections to catch this stealthy kernel exploit that leaves no disk footprint.
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
SessionReaper-CVE-2025-54236
Adobe Commerce | Improper Input Validation (CWE-20)
100RISK
open ↗GitHub PoC★ 3
A Bash implementation of copyfail (CVE-2026-31431)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
There is a path injection vulnerability in OpenPLC-v3, which arises from the program not performing any validity checks on the file path parameters passed in from the command line. Attackers can read any readable file by constructing malicious paths, posing a risk of information leakage.
A path injection vulnerability exists in OpenPLC v3 (2c82b0e79c53f8c1f1458eee15fec173400d6e1a) as the binary program com
33RISK
open ↗GitHub PoC★ 254
Full exploit code for CVE-2026-40369 - A Windows kernel arbitrary write vulnerability that allows browser sandbox escape from all browsers render process sandbox
Windows Kernel Elevation of Privilege Vulnerability
41RISK
open ↗GitHub PoC
pixelotes/lab-cve-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to
93RISK
open ↗GitHub PoC
rootdirective-sec/CVE-2026-33626-Lab
LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image Loading
68RISK
open ↗GitHub PoC
this little script blocks the new splice-ram-privlilleg ecalation fastly befor the contributers do it ( CVE-2026-31431) (CopyFail fix)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
OOB verifier for GHSA-c4j6-fc7j-m34r / CVE-2026-44578 (Next.js WebSocket-upgrade SSRF)
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open ↗GitHub PoC★ 1
First CTF successfully completed! This repo documents my walkthrough of TryHackMe's Simple CTF. It covers network reconnaissance (Nmap), web exploitation (CVE-2019-9053), and credential cracking. As a dev, it was great to pivot from SQLi to a Root shell by leveraging Sudo misconfigurations. Educational purposes only.
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open ↗GitHub PoC★ 3
masjadaan/CVE-2025-29338
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buff
33RISK
open ↗GitHub PoC
CVE-2026-0001. Do with your own risk
SmarterTools SmarterMail < Build 9511 Authentication Bypass via Password Reset API
100RISK
open ↗GitHub PoC
Bencodin/CVE-2026-23918-poc
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISK
open ↗GitHub PoC
copy-fail-CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 1
rootdirective-sec/CVE-2026-5718-Lab
Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass
56RISK
open ↗GitHub PoC
CVE-2023-4220 — Unauthenticated file upload RCE in Chamilo LMS ≤ 1.11.24. OSCP-style and auto exploit.
Chamilo LMS Unauthenticated Big Upload File Remote Code Execution
78RISK
open ↗GitHub PoC
lamaper/CVE-2026-52200
An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via the /ajax
28RISK
open ↗GitHub PoC★ 29
PoC for CVE-2026-3609 - XIGNCODE3 xhunter1.sys handle leak enabling PPL bypass and LSASS dumping
XIGNCODE3 xhunter1.sys kernel driver contains a Privilege Escalation Vulnerability
33RISK
open ↗GitHub PoC
Working POC of CVE-2026-6664 written by Sonnet 4.6
PgBouncer integer overflow in PgBouncer network packet parsing
41RISK
open ↗GitHub PoC★ 20
azefzafyoussef/CVE-2026-34621
Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)
71RISK
open ↗GitHub PoC★ 1
A CVE-2026-31431 implementation in c++ and inline assembly dependency free
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
🛡️ One-command scanner for CVE-2026-45321 — TanStack npm supply-chain attack
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISK
open ↗GitHub PoC
Quick mitigation and patch script for CVE-2026-31431 (Copy Fail) on Ubuntu/Debian VPS
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
SystemVll/CVE-2026-31431-copyfail-aarch64
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
y0naldez/CVE-2024-28397-Js2Py-RCE
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a
48RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.