Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
71,180 exploits
GitHub PoC
Astianjy/CVE-2026-42203
LiteLLM: Server-Side Template Injection in /prompts/test endpoint
41RISK
open ↗GitHub PoC
# CVE-2026-42154 — Prometheus Remote Read Snappy DoS
Prometheus: remote read endpoint allows denial of service via crafted snappy payload
41RISK
open ↗GitHub PoC
Educational environment for LTAT.04.022 Homework 4.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many
93RISK
open ↗GitHub PoC
CVE-2026-44338
PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution
61RISK
open ↗GitHub PoC★ 3
In‑depth technical analysis of CVE‑2026‑41096, a critical heap overflow in Windows DNSAPI.dll enabling remote code execution via crafted DNS responses. Includes attack vectors, patch insights, and defensive guidance for security teams.
Windows DNS Client Remote Code Execution Vulnerability
48RISK
open ↗GitHub PoC
nhh9905/CVE-2022-37969
Windows Common Log File System Driver Elevation of Privilege Vulnerability
76RISK
open ↗GitHub PoC★ 1
VsFTPd 2.3.4 Backdoor Command Execution
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗GitHub PoC
LangFlow RCE | CVE-2026-0770 | Proof-Of-Concept
Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
68RISK
open ↗Exploit-DB
Windows Snipping Tool - NTLMv2 Hash Hijack
Windows Snipping Tool Spoofing Vulnerability
33RISK
open ↗GitHub PoC★ 1
forxiucn/nginx-cve-2026-42945-poc
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC★ 6
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only.
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and
100RISK
open ↗GitHub PoC★ 2
Working PoC for CVE-2025-32432 - Craft CMS <= 5.6.16 unauthenticated RCE via Yii2 PhpManager gadget + nginx access.log poisoning
Craft CMS Allows Remote Code Execution
100RISK
open ↗GitHub PoC
rootdirective-sec/CVE-2026-44338-Lab
PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution
61RISK
open ↗GitHub PoC★ 18
Script Python para detecção de instâncias Nginx vulneráveis ao CVE-2026-42945 em IPs, CIDRs e ASNs.
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC★ 1
CVE-2026-42945: nginx-rift vulnerability analysis and detection script
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC★ 4
CVE-2026-42897 - Exchange Health Checker blind spot: outbound IIS URL Rewrite rules silently ignored, making EOMT mitigations invisible in diagnostic reports.
Microsoft Exchange Server Spoofing Vulnerability
71RISK
open ↗GitHub PoC
permite a un atacante remoto no autenticado leer archivos arbitrarios del sistema afectado mediante una inyección de XML External Entity (XXE)
Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability
41RISK
open ↗GitHub PoC★ 75
NextSSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handler SSRF
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open ↗GitHub PoC
tocong282/CVE-2026-44578-PoC
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open ↗GitHub PoC★ 6
Nuclei templates for detecting CVE-2026-44578 (Next.js WebSocket Upgrade SSRF) with multi-cloud metadata validation, Next.js fingerprinting, and real-world scanning workflows. Includes references to the original NextSSRF research and exploit tooling.
Next.js: Server-side request forgery in applications using WebSocket upgrades
68RISK
open ↗GitHub PoC
Medaz-Sploit/CVE-2025-9074-Docker-Desktop-API-Escape-PoC
Docker Desktop allows unauthenticated access to Docker Engine API from containers
48RISK
open ↗GitHub PoC
Tester for CVE-2026-43284
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗VulnCheck XDB
initial-access
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISK
open ↗GitHub PoC
Este proyecto tiene como objetivo demostrar de forma práctica el funcionamiento del exploit Dirty COW (CVE-2016-5195), una vulnerabilidad crítica del en el kernel de Linux. Se simula un escenario realista en el que un atacante con acceso local limitado a un sistema sin parchear logra escalar sus privilegios hasta obtener acceso completo como root.
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.