Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
71,180 exploits
VulnCheck XDB
initial-access
Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass
56RISK
open ↗GitHub PoC
CVE-2023-4220 — Unauthenticated file upload RCE in Chamilo LMS ≤ 1.11.24. OSCP-style and auto exploit.
Chamilo LMS Unauthenticated Big Upload File Remote Code Execution
78RISK
open ↗GitHub PoC★ 1
oen liner CVE-2026-31431 test. Created 'sandbox' on sudo user and tests if ir can escape to root
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 20
azefzafyoussef/CVE-2026-34621
Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)
71RISK
open ↗GitHub PoC★ 6
🚀 CVE-2026-41940 cPanel/WHM Auth Bypass Exploit - Best Flow 💥 CRLF injection leads to auth bypass, session hijacking & account leak. ✅ Proxy, custom UA, keep-alive, retries, SSL verify, colored output, file save support. ⚡ Advanced PoC for pentesters.
WebPros cPanel and WHM Authentication Bypass via Login Flow
100RISK
open ↗GitHub PoC
lamaper/CVE-2026-52200
An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via the /ajax
28RISK
open ↗GitHub PoC
Are you get Tanstack Supply chain attack attack of 5/11? CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISK
open ↗VulnCheck XDB
info-leak
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baske
48RISK
open ↗VulnCheck XDB
initial-access
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitra
100RISK
open ↗GitHub PoC★ 2
CVE-2026-29000 – pac4j-jwt Authentication Bypass (🔥 CVSS 10.0). One-click admin forge via public key JWE wrapping. Leaks configs, users, secrets. Keep-alive, proxy, custom JWKS.⚙️ Educational PoC Exploit tool.
pac4j-jwt JwtAuthenticator Authentication Bypass
48RISK
open ↗VulnCheck XDB
initial-access
An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted req
48RISK
open ↗GitHub PoC
🛡️ One-command scanner for CVE-2026-45321 — TanStack npm supply-chain attack
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISK
open ↗GitHub PoC
sh4den/CVE-2026-31431-copyfail-aarch64
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
Cybersecurity demo exploiting CVE-2026-35455 with automatic API key generation and exfiltration
immich has Stored XSS via OCR Text in 360° Panorama Viewer
41RISK
open ↗VulnCheck XDB
client-side
Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)
71RISK
open ↗GitHub PoC
Semgrep rules that flag header-trust auth bypass patterns (CVE-2025-29927 class). Companion to bk-security.github.io.
Authorization Bypass in Next.js Middleware
85RISK
open ↗GitHub PoC
y0naldez/CVE-2024-28397-Js2Py-RCE
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a
48RISK
open ↗GitHub PoC
vutiendat323/CVE-2021-44228_Log4Shell
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC★ 1
This project is a cybersecurity research and analysis project focused on CVE-2023-38831, a critical WinRAR vulnerability that allows attackers to execute malicious code through specially crafted archive files. The project was conducted in a controlled lab environment for educational and defensive security purposes only.
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a
100RISK
open ↗GitHub PoC
Copy Fail (CVE-2026-31431)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC★ 1
Exploit for CVE-2026-31431 (Copy Fail)
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
CVE-2026-42569
phpvms: /importer authorization bypass causing full database wipe
43RISK
open ↗GitHub PoC★ 29
Double-free in Apache httpd mod_http2 stream cleanup leading to pre-auth RCE.
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISK
open ↗GitHub PoC
Xmyronn/CVE-2026-10290-SQLI
code-projects Hotel and Tourism Reservation System GET Parameter tour.php sql injection
33RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.