Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
13,140 exploits
GitHub PoC★ 2
cPanel CVE-2026-41940 nuclear.x86 Security Audit & Cleanup Script
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗GitHub PoC★ 2
CVE-2026-31431 - Copy Fail | Linux LPE via authencesn page cache write. Unprivileged user to root on most distros since 2017. PoC in C and Python.
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
CVE-2026-31431 Kernel Fix Script
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 2
george1-adel/CVE-2026-41940_exploit
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗GitHub PoC★ 1
CVE-2025-59528 Proof of Concept
Flowise has Remote Code Execution vulnerability
85RISK
open ↗GitHub PoC
Exploitation of CVE-2023-44604. Using a Kali Linux VM (attacker) and a Debian 11 server VM (victim)
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RISK
open ↗GitHub PoC★ 3
根据py版本,升级成了c和rust版本,带加密混淆、0依赖(仅技术学习与分享)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-exploitation detection.
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RISK
open ↗GitHub PoC
Wazuh SCA Linux hardening policy for Copy Fail (CVE-2026-31431)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 10
DaemonSet для митигации уязвимости CVE-2026-31431 (Copy Fail)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 14
Copy Fail - CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 2
Temporarily removes the root password using CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
DaemonSet с реализацией временной меры для митигации уязвимости Copy Fail (CVE-2026-31431)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 2
Detection rules for CVE-2026-31431 Linux LPE Vulnerability - Credit: (Copy Fail) https://copy.fail
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 31
BPF-LSM mitigation for CVE-2026-31431 (Copy Fail) — denies AF_ALG socket creation cluster-wide
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 2
Temporarily removes the root password using CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
Black-box penetration test against HackSudo Thor : CVE-2014-6271 Shellshock RCE through Apache mod_cgi, chained with sudo misconfiguration and bash eval injection for full privilege escalation. Includes custom CSRF-aware brute force tooling and Metasploit RPC automation.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
100RISK
open ↗GitHub PoC★ 1
CVE-2026-31431 - Copy Fail PoC (Python 3.10+)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
Penetration test report for MegaQuagga Publishing documenting a six-phase engagement that chained CVE-2019-9978 and CVE-2023-4842 to achieve unauthenticated Remote Code Execution and a persistent Meterpreter session. Includes full methodology, exploitation evidence, and prioritized remediation recommendations.
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_optio
100RISK
open ↗GitHub PoC
CVE-2026-43500 / CVE-2026-31431 / CVE-2026-43284 golang hotfix
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RISK
open ↗GitHub PoC
HackTheBox — CCTV (Easy/Linux) | CVE-2024-51482 + SqlMap+ SSH Key + Root
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC★ 13
Detection, mitigation, and reverse-engineering tooling for CVE-2026-41940 (SessionScribe): the cPanel/WHM unauthenticated session-forgery vulnerability disclosed 2026-04-28. Defense-in-depth active mitigation shim, ModSec rule pack, remote probe, on-host IOC scanner, and per-tier RE snapshot collector. GPL v2.
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗GitHub PoC
This project explores whether modern OpenSSH reveals valid usernames through subtle response or timing differences. CVE-2016-6210 user enumeration investigation ( Welch's t-test, Cohen's d, and detection engineering ) on a controlled lab on Ubuntu 22.04.5 LTS, it also examines the traces such attempts leave behind and how they can be detected..
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static
70RISK
open ↗GitHub PoC
Winrar Exploit CVE-2023-38831
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a
100RISK
open ↗GitHub PoC★ 91
High fidelity scanner for CVE-2026-41940 (cPanel & WHM authentication bypass)
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.