Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
13,140 exploits
GitHub PoC
My first hands-on Intel 471 threat hunting workshop experience investigating CVE-2023-46604 using Elastic SIEM, vulnerability intelligence, and post-exploitation detection.
Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
100RISK
open ↗GitHub PoC
Unauthenticated time-based blind SQL injection PoC for VICIdial CVE-2024-8503, with metadata extraction, resumable scans, and strict safety limits.
VICIdial Unauthenticated SQL Injection
85RISK
open ↗GitHub PoC★ 1
Automated detection & exploitation of critical PHP vulnerabilities (CVE-2024-4577 bypass, CVE-2025-14177, CVE-2025-14180, CVE-2025-14178)
Argument Injection in PHP-CGI
100RISK
open ↗GitHub PoC★ 433
Cross-platform C port of the Copy Fail Linux LPE (CVE-2026-31431). Disclosed 2026-04-29 by Theori / Xint.
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
Wise-Security/CVE-2026-38945
Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary cod
41RISK
open ↗GitHub PoC
dinhthihanhle1989-max/CVE-2024-29988
SmartScreen Prompt Security Feature Bypass Vulnerability
83RISK
open ↗GitHub PoC
Escaneo de vulnerabilidades, análisis de tráfico con Wireshark y explotación controlada del CVE-2011-2523 (vsftpd 2.3.4) en entorno de red segura.
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56535
A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or
33RISK
open ↗GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56537
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute
33RISK
open ↗GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56534
A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers t
33RISK
open ↗GitHub PoC★ 7
Time-based SQL injection PoC for CVE-2024-51482 in ZoneMinder, with reproducible Docker lab and automated data extraction.
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC
MarkArtamonov/OpenNebula-CVE-2025-56536
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scri
33RISK
open ↗GitHub PoC
B1gN0Se/PwnKit_CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗GitHub PoC
Log4Shell (CVE-2021-44228) defense lab — nginx + Coraza WAF dynamic module + OWASP CRS v4. Educational use only.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC★ 1
POC for CVE-2026-39816 which allows NiFi users without execute code permissions to run arbitrary scripts
Apache NiFi: Missing Execute Code Required Permission on TinkerpopClientService
21RISK
open ↗GitHub PoC
Esta falla permite a un atacante remoto y sin ningún tipo de autenticación acceder directamente a los tickets de soporte, casos internos y a todos sus archivos adjuntos confidenciales. Al iterar y descargar de forma automatizada los registros de Aranda, dejando la información sensible expuesta a una exfiltración masiva.
The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs w
41RISK
open ↗GitHub PoC
Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis.
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker
41RISK
open ↗GitHub PoC★ 1
melikesraoz/cve-2022-39227-jwt-auth-bypass-demo
Python-jwt subject to Authentication Bypass by Spoofing
48RISK
open ↗GitHub PoC
Analysis and PoC for CVE-2018-14847, MikroTik RouterOS Winbox information disclosure vulnerability allowing unauthenticated read access to the credential database.
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated
100RISK
open ↗GitHub PoC
kaleth4/CVE-2021-44228
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC
A black box penetration test on HackTheBox's CCTV machine achieving full root compromise via four vulnerabilities: default credentials, SQL injection (CVE-2024-51482), password hash cracking, and Remote Code Execution in motionEye (CVE-2025-60787)
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open ↗GitHub PoC
A black box penetration test on HackTheBox's CCTV machine achieving full root compromise via four vulnerabilities: default credentials, SQL injection (CVE-2024-51482), password hash cracking, and Remote Code Execution in motionEye (CVE-2025-60787)
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC
patch-manager
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and se
35RISK
open ↗GitHub PoC
bhatbhupendra/Moniker-Link--CVE-2024-21413-
Microsoft Outlook Remote Code Execution Vulnerability
100RISK
open ↗GitHub PoC
Web application penetration testing project targeting a WordPress environment. Includes exploitation of CVE-2019-9978, reverse shell execution, post-exploitation steps, and full pentesting report.
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_optio
100RISK
open ↗GitHub PoC
CMS Simple CVE Recode Script Python 3
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISK
open ↗GitHub PoC
CVE-2024-3273 — Authorized Penetration Test Report D-Link DNS-320L NAS | Client: Otonata
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection
100RISK
open ↗GitHub PoC★ 1
im2sinister/CVE-2021-41773
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open ↗GitHub PoC
Cybersecurity-Enthusiasts-CE/CVE-2025-55182-Researching-process
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.