Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
13,140 exploits
GitHub PoC
My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-exploitation detection.
CVE-2023-46604CRITICALunder attackransomware30 Apr 2026
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RISK
open
GitHub PoC
TheMursalin/CVE-2025-32432
CVE-2025-32432CRITICALunder attack30 Apr 2026
Craft CMS Allows Remote Code Execution
100RISK
open
GitHub PoC
Unauthenticated time-based blind SQL injection PoC for VICIdial CVE-2024-8503, with metadata extraction, resumable scans, and strict safety limits.
CVE-2024-8503CRITICAL29 Apr 2026
VICIdial Unauthenticated SQL Injection
85RISK
open
GitHub PoC1
Automated detection & exploitation of critical PHP vulnerabilities (CVE-2024-4577 bypass, CVE-2025-14177, CVE-2025-14180, CVE-2025-14178)
CVE-2024-4577CRITICALunder attackransomware29 Apr 2026
Argument Injection in PHP-CGI
100RISK
open
GitHub PoC433
Cross-platform C port of the Copy Fail Linux LPE (CVE-2026-31431). Disclosed 2026-04-29 by Theori / Xint.
CVE-2026-31431HIGHunder attack29 Apr 2026
crypto: algif_aead - Revert to operating out-of-place
100RISK
open
GitHub PoC
Wise-Security/CVE-2026-38945
CVE-2026-38945HIGH29 Apr 2026
Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary cod
41RISK
open
GitHub PoC
dinhthihanhle1989-max/CVE-2024-29988
CVE-2024-29988HIGHunder attack29 Apr 2026
SmartScreen Prompt Security Feature Bypass Vulnerability
83RISK
open
GitHub PoC
Escaneo de vulnerabilidades, análisis de tráfico con Wireshark y explotación controlada del CVE-2011-2523 (vsftpd 2.3.4) en entorno de red segura.
CVE-2011-252329 Apr 2026
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open
GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56535
CVE-2025-56535MEDIUM28 Apr 2026
A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or
33RISK
open
GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56537
CVE-2025-56537MEDIUM28 Apr 2026
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute
33RISK
open
GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56534
CVE-2025-56534MEDIUM28 Apr 2026
A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers t
33RISK
open
GitHub PoC7
Time-based SQL injection PoC for CVE-2024-51482 in ZoneMinder, with reproducible Docker lab and automated data extraction.
CVE-2024-51482CRITICAL28 Apr 2026
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open
GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56536
CVE-2025-56536MEDIUM28 Apr 2026
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scri
33RISK
open
GitHub PoC
B1gN0Se/PwnKit_CVE-2021-4034
CVE-2021-4034HIGHunder attack28 Apr 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open
GitHub PoC
Log4Shell (CVE-2021-44228) defense lab — nginx + Coraza WAF dynamic module + OWASP CRS v4. Educational use only.
CVE-2021-44228CRITICALunder attackransomware28 Apr 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open
GitHub PoC1
POC for CVE-2026-39816 which allows NiFi users without execute code permissions to run arbitrary scripts
CVE-2026-39816HIGH28 Apr 2026
Apache NiFi: Missing Execute Code Required Permission on TinkerpopClientService
21RISK
open
GitHub PoC
Esta falla permite a un atacante remoto y sin ningún tipo de autenticación acceder directamente a los tickets de soporte, casos internos y a todos sus archivos adjuntos confidenciales. Al iterar y descargar de forma automatizada los registros de Aranda, dejando la información sensible expuesta a una exfiltración masiva.
CVE-2025-67223HIGH28 Apr 2026
The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs w
41RISK
open
GitHub PoC
Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis.
CVE-2026-38934HIGH27 Apr 2026
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker
41RISK
open
GitHub PoC1
melikesraoz/cve-2022-39227-jwt-auth-bypass-demo
CVE-2022-39227CRITICAL27 Apr 2026
Python-jwt subject to Authentication Bypass by Spoofing
48RISK
open
GitHub PoC
Analysis and PoC for CVE-2018-14847, MikroTik RouterOS Winbox information disclosure vulnerability allowing unauthenticated read access to the credential database.
CVE-2018-14847CRITICALunder attack27 Apr 2026
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated
100RISK
open
GitHub PoC
kaleth4/CVE-2021-44228
CVE-2021-44228CRITICALunder attackransomware27 Apr 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open
GitHub PoC
A black box penetration test on HackTheBox's CCTV machine achieving full root compromise via four vulnerabilities: default credentials, SQL injection (CVE-2024-51482), password hash cracking, and Remote Code Execution in motionEye (CVE-2025-60787)
CVE-2025-60787HIGH26 Apr 2026
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open
GitHub PoC
A black box penetration test on HackTheBox's CCTV machine achieving full root compromise via four vulnerabilities: default credentials, SQL injection (CVE-2024-51482), password hash cracking, and Remote Code Execution in motionEye (CVE-2025-60787)
CVE-2024-51482CRITICAL26 Apr 2026
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open
GitHub PoC
patch-manager
CVE-2019-1428725 Apr 2026
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and se
35RISK
open
GitHub PoC
bhatbhupendra/Moniker-Link--CVE-2024-21413-
CVE-2024-21413CRITICALunder attack25 Apr 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISK
open
GitHub PoC
Web application penetration testing project targeting a WordPress environment. Includes exploitation of CVE-2019-9978, reverse shell execution, post-exploitation steps, and full pentesting report.
CVE-2019-9978MEDIUMunder attack25 Apr 2026
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_optio
100RISK
open
GitHub PoC
CMS Simple CVE Recode Script Python 3
CVE-2019-905325 Apr 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open
GitHub PoC
CVE-2024-3273 — Authorized Penetration Test Report D-Link DNS-320L NAS | Client: Otonata
CVE-2024-3273HIGHunder attack25 Apr 2026
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection
100RISK
open
GitHub PoC1
im2sinister/CVE-2021-41773
CVE-2021-41773HIGHunder attackransomware25 Apr 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open
GitHub PoC
Cybersecurity-Enthusiasts-CE/CVE-2025-55182-Researching-process
CVE-2025-55182CRITICALunder attackransomware25 Apr 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.