Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
13,140 exploits
GitHub PoC
bhatbhupendra/Moniker-Link--CVE-2024-21413-
CVE-2024-21413CRITICALunder attack25 Apr 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISK
open
GitHub PoC
DONKEY0xSHOT/CVE-2017-11882-Blocker
CVE-2017-11882HIGHunder attackransomware25 Apr 2026
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Mi
100RISK
open
GitHub PoC
LoGGGG2402/CVE-2025-27407
CVE-2025-27407CRITICAL25 Apr 2026
Remote code execution when loading a crafted GraphQL schema
48RISK
open
GitHub PoC2
CVE-2025-55177 + CVE-2025-43300: reverse-engineering the WhatsApp-ImageIO zero-click iOS chain, with interactive labs.
CVE-2025-55177MEDIUMunder attack24 Apr 2026
Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Bu
63RISK
open
GitHub PoC
POC exploit for CVE-2026-25895 FUXA Unauthenticated Path Traversal -> Arbitrary File Write -> RCE
CVE-2026-25895CRITICAL24 Apr 2026
FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API
48RISK
open
GitHub PoC
Runtime patches for algertc/alpr-dashboard: async logger fix and CVE-2025-29927 nginx mitigation
CVE-2025-29927CRITICAL24 Apr 2026
Authorization Bypass in Next.js Middleware
85RISK
open
GitHub PoC
AbokorMAHAMMADMOUSSE/CVE-2025-25279-Mattermost-Path-Traversal
CVE-2025-25279CRITICAL24 Apr 2026
Arbitrary file read in Mattermost Boards via import & export board archive
53RISK
open
GitHub PoC
Unauthenticated_RCE.CVE-2025-47812
CVE-2025-47812CRITICALunder attack24 Apr 2026
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open
GitHub PoC
HTB Season 10 - Pterodactyl machine writeup. Medium Linux box covering CVE-2025-49132 (Pterodactyl Panel RCE) and CVE-2025-6018/6019 (udisks2 privilege escalation).
CVE-2025-49132CRITICAL24 Apr 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RISK
open
GitHub PoC
Poc for React2Shell CVE-2025-55182
CVE-2025-55182CRITICALunder attackransomware24 Apr 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
End-to-end cybersecurity project demonstrating detection and mitigation of CVE-2024-38063 using IDS, host-based monitoring, and virtual lab attack simulation.
CVE-2024-38063CRITICAL24 Apr 2026
Windows TCP/IP Remote Code Execution Vulnerability
70RISK
open
GitHub PoC1
its simple Shellshock exploit
CVE-2014-6271CRITICALunder attack24 Apr 2026
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
100RISK
open
GitHub PoC2
CVE-2025-68645
CVE-2025-68645HIGHunder attack24 Apr 2026
A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1
98RISK
open
GitHub PoC
Bug Bounty: CVE-2023-50839 IDOR identified in a third-party support component via 'gau' and 'Nuclei'. Despite perimeter redirects, the outdated software remained exposed. Confirmed through manual header analysis. Severity: 5.3 (Medium). Focused on Defense in Depth failures and PII protection. Status: Reported on Intigriti.
CVE-2023-50839CRITICAL24 Apr 2026
WordPress JS Help Desk – Best Help Desk & Support Plugin <= 2.8.1 is vulnerable to SQL Injection
63RISK
open
GitHub PoC
End-to-end SOC investigation: CVE-2011-2523 kill chain, multi-source log correlation, incident report — MITRE ATT&CK T1190
CVE-2011-252324 Apr 2026
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open
GitHub PoC
HackTheBox TwoMillion machine writeup — API abuse, command injection & CVE-2023-0386
CVE-2023-0386HIGHunder attack23 Apr 2026
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities wa
86RISK
open
GitHub PoC1
Recreation and analysis of a curious logic error in Apache 2.4.49 that escalated to remote code execution
CVE-2021-41773HIGHunder attackransomware23 Apr 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open
GitHub PoC
CVE-2024-3094
CVE-2024-3094CRITICAL23 Apr 2026
Xz: malicious code in distributed source
70RISK
open
GitHub PoC
Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level access via Meterpreter. Includes full attack chain, post exploitation, and mitigation via MS17-010 patching, tested in an isolated ethical lab environment.
CVE-2017-0144HIGHunder attackransomware23 Apr 2026
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
GitHub PoC
Find jenkins environment and checks for CVE-2024-23897
CVE-2024-23897CRITICALunder attackransomware23 Apr 2026
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RISK
open
GitHub PoC
Multi-Stage Attack Modeling and Detection of Log4Shell for CVE-2021-44228
CVE-2021-44228CRITICALunder attackransomware22 Apr 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open
GitHub PoC
jpselva/CVE-2023-4863
CVE-2023-4863HIGHunder attack22 Apr 2026
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to
93RISK
open
GitHub PoC
Security toolkit for CVE-2025-55182 (React2Shell) — scan, detect, correlate, and test React Server Components RCE vulnerability
CVE-2025-55182CRITICALunder attackransomware22 Apr 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC
CVE-2019-15107 Webmin RCE (unauthenticated) exploit
CVE-2019-15107CRITICALunder attackransomware22 Apr 2026
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnera
100RISK
open
GitHub PoC2
SQL Injection vulnerability in NASA EOSDIS MODAPS due to improper input validation in the `category` parameter. This flaw allows attackers to manipulate backend SQL queries, potentially leading to unauthorized data access and database compromise.
CVE-2024-46636CRITICAL22 Apr 2026
NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection v
48RISK
open
GitHub PoC
Sanitized advisory for CVE-2025-51846 affecting CryptPad WebSocket handling.
CVE-2025-51846HIGH22 Apr 2026
CryptPad unbounded WebSocket frame flood
41RISK
open
GitHub PoC2
Hack The Box - Silentium machine writeup | CVE-2025-58434, CVE-2025-59528, CVE-2025-8110
CVE-2025-58434CRITICAL22 Apr 2026
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
75RISK
open
GitHub PoC
Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level access via Meterpreter. Includes full attack chain, post exploitation, and mitigation via MS17-010 patching, tested in an isolated ethical lab environment.
CVE-2017-0144HIGHunder attackransomware22 Apr 2026
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
GitHub PoC
End-to-end simulation of detecting a root-less Android Drop Device (Casper) using Wazuh SIEM to capture Layer 7 attacks like Shellshock (CVE-2014-6271).
CVE-2014-6271CRITICALunder attack22 Apr 2026
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
100RISK
open
GitHub PoC2
Full exploit for the Android vulnerability Bad Binder found in early Google Pixel phones.
CVE-2019-2215HIGHunder attack22 Apr 2026
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.