Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
71,114 exploits
GitHub PoC
CVE-2026-20182
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open ↗GitHub PoC★ 3
CVE-2026-41096: Heap Overflow in the Windows DNS Client
Windows DNS Client Remote Code Execution Vulnerability
48RISK
open ↗GitHub PoC
Ambiente Docker para demonstração prática da CVE-2025-54236 (SessionReaper): PHP Object Deserialization levando a RCE em Magento Open Source 2.4.7
Adobe Commerce | Improper Input Validation (CWE-20)
100RISK
open ↗GitHub PoC
CVE-2025-47812 Poc for wingdata HTB
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open ↗GitHub PoC
Leemyunglyul/cve-2021-4034-mock
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗GitHub PoC
CMS Made Simple CVE-2019-9053 Exploit (Python 3)
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open ↗GitHub PoC★ 4
BitLocker TPM+PIN Hardening Against CVE-2026-45585 (YellowKey)
Windows BitLocker Security Feature Bypass Vulnerability
33RISK
open ↗VulnCheck XDB
initial-access
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
100RISK
open ↗GitHub PoC
Tracking the nginx CVE-2026-9256 rewrite-module heap overflow
NGINX ngx_http_rewrite_module vulnerability
48RISK
open ↗GitHub PoC★ 1
CVE-2026-39987 Exploitation Tool - Marimo < 0.23.0 Pre-Auth RCE (WebSocket)
marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
100RISK
open ↗GitHub PoC★ 1
Local Privilege Escalation in Amazon WorkSpaces via TOCTOU and Arbitrary File Write
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpace
41RISK
open ↗GitHub PoC★ 2
copy_fail:CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗VulnCheck XDB
initial-access
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open ↗GitHub PoC
Lab detection exercise for DirtyFrag (CVE-2026-43284) - Linux kernel privilege escalation via xfrm-ESP page cache corruption. Full write-up covering exploit execution, detection gaps, and corrected EQL rules using Elastic Stack
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC
CVE-2025-55182 — Unauthenticated RCE in React Server Components (React2Shell). CVSS 10.0 exploit tool for authorized penetration testing.
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
w3nch/CVE-2025-55182-in-go
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗GitHub PoC
🎓 PoC Educativo para CVE-2026-23520. Laboratorio de análisis de vulnerabilidades y mitigación controlada. 🧪
Arcane has a Command Injection in Arcane Updater Lifecycle Labels Enables RCE
48RISK
open ↗GitHub PoC★ 1
CVE-2018-13379 mass exploiter for Fortinet FortiOS SSL VPN. Extracts credentials instantly, saves to CSV + PostgreSQL. Multi-threaded, no bullshit warnings.
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.
100RISK
open ↗GitHub PoC
felisha-elmer/Sandbox-Challenge-Log4Shell-CVE-2021-44228-
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC★ 1
renewablehacking/CVE-2025-55182-React-19.2.0
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗VulnCheck XDB
info-leak
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.
100RISK
open ↗GitHub PoC
Google Dorks for detecting CMS Made Simple < 2.2.10 SQL Injection (CVE-2019-9053). Built for security auditing and patch verification.
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open ↗GitHub PoC
Ethical Hacking Assessment | Practical vulnerability testing of vsftpd 2.3.4 backdoor (CVE-2011-2523) on Metasploitable2 using Kali Linux & Metasploit
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.