Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,294cataloged exploits
31,742CVEs with public exploitation
0lab-tested
13,184 exploits
GitHub PoC
CVE-2025-54123 exploit and documentation
CVE-2025-54123CRITICAL29 Mar 2026
Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
68RISK
open
GitHub PoC
0x0asif/CVE-2025-55182
CVE-2025-55182CRITICALunder attackransomware29 Mar 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC1
Shashivanth009/CVE-2022-46364---Apache-CXF-XOP-Include-LFI-PoC
CVE-2022-46364CRITICAL29 Mar 2026
Apache CXF SSRF Vulnerability
48RISK
open
GitHub PoC2
This vulnerability allows an attacker to perform SSRF (Server-Side Request Forgery) attacks on Apache CXF webservices that accept MTOM/XOP requests. The issue exists in how the href attribute of xop:Include is parsed, allowing arbitrary URLs to be requested by the server.
CVE-2022-46364CRITICAL29 Mar 2026
Apache CXF SSRF Vulnerability
48RISK
open
GitHub PoC7
CVE-2025-54123 Hoverfly Authenticated Middleware Command Injection RCE
CVE-2025-54123CRITICAL28 Mar 2026
Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
68RISK
open
GitHub PoC7
CVE-2022-46364-Poc Apache CXF SSRF via MTOM XOP:Include
CVE-2022-46364CRITICAL28 Mar 2026
Apache CXF SSRF Vulnerability
48RISK
open
GitHub PoC
BOLA/IDOR vulnerability in osTicket ajax.tickets.php | Responsible Disclosure
CVE-2026-14871HIGH28 Mar 2026
osTicket v1.18.3 - v1.17.7 - BOLA/IDOR in ticket field viewing allows cross-department data disclosure
41RISK
open
GitHub PoC
A PoC demonstrating a RCE in Hoverfly (versions ≤ 1.11.3) by abusing the /api/v2/hoverfly/middleware endpoint and injecting a malicious middleware script
CVE-2025-54123CRITICAL28 Mar 2026
Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation
68RISK
open
GitHub PoC
Explota vulnerabilidad
CVE-2023-43208CRITICALunder attackransomware28 Mar 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISK
open
GitHub PoC4
Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.
CVE-2021-33044CRITICALunder attack28 Mar 2026
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can by
100RISK
open
GitHub PoC
Conducted a full SOC investigation into a Conti ransomware compromise of an Exchange server using Splunk 8.2.2. Analysed 28,145 events across Windows Security, Sysmon, and IIS log sources to reconstruct the complete attack chain. Identified three exploited CVEs (CVE-2020-0796, CVE-2018-13374, CVE-2018-13379), located a trojanised cmd.exe
CVE-2018-13374MEDIUMunder attackransomware27 Mar 2026
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 al
75RISK
open
GitHub PoC
BastianXploited/CVE-2025-6440
CVE-2025-6440CRITICAL27 Mar 2026
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
60RISK
open
GitHub PoC
Drupal 7 CMS vulnerable to CVE-2018-7600 (Drupalgeddon2), allowing unauthenticated remote code execution.
CVE-2018-7600CRITICALunder attackransomware27 Mar 2026
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISK
open
GitHub PoC
SentinelStream AI: A professional SIEM and SOAR platform featuring real-time threat correlation for CVE-2024-21410 and automated incident response logic.
CVE-2024-21410CRITICALunder attack27 Mar 2026
Microsoft Exchange Server Elevation of Privilege Vulnerability
83RISK
open
GitHub PoC
Static analysis of the DarkSword iOS WebKit exploit chain — delivery, staging, and CVE breakdown (CVE-2025-31277, CVE-2025-43529)
CVE-2025-31277HIGHunder attack27 Mar 2026
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, mac
71RISK
open
GitHub PoC
Conducted a full SOC investigation into a Conti ransomware compromise of an Exchange server using Splunk 8.2.2. Analysed 28,145 events across Windows Security, Sysmon, and IIS log sources to reconstruct the complete attack chain. Identified three exploited CVEs (CVE-2020-0796, CVE-2018-13374, CVE-2018-13379), located a trojanised cmd.exe
CVE-2020-0796CRITICALunder attackransomware27 Mar 2026
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol h
100RISK
open
GitHub PoC
PoC exploit for CVE-2025-34282 - ThingsBoard SSRF via SVG Image Upload
CVE-2025-34282MEDIUM26 Mar 2026
ThingsBoard < v4.2.1 SVG Image SSRF
33RISK
open
GitHub PoC
HikvisionExploiter - это Python утилита созданная для автоматизации сканирования и проверки прямого доступа к сети камер Hikvision, нацеленная на поиск уязвимости Web interface версии 3.1.3.150324 + CVE-2021-36260
CVE-2021-36260CRITICALunder attack26 Mar 2026
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation,
100RISK
open
GitHub PoC1
Apache Tomcat RCE
CVE-2025-24813CRITICALunder attack26 Mar 2026
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RISK
open
GitHub PoC1
Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun.
CVE-2021-44228CRITICALunder attackransomware26 Mar 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open
GitHub PoC
cisco-ise rce poc
CVE-2025-20282CRITICAL26 Mar 2026
Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
48RISK
open
GitHub PoC
CVE-2025-64446
CVE-2025-64446CRITICALunder attack26 Mar 2026
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISK
open
GitHub PoC
Python port of the Linksys tmUnblock.cgi RCE exploit
CVE-2025-34037CRITICAL26 Mar 2026
Linksys Routers E/WAG/WAP/WES/WET/WRT-Series
85RISK
open
GitHub PoC
Sicherheitsaudit einer Drupal-Webanwendung, CVE-2018-7600 geprüft, Nmap/Burp/Metasploit
CVE-2018-7600CRITICALunder attackransomware26 Mar 2026
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISK
open
GitHub PoC11
scanner/exploiter CVE-2026-24061 & CVE-2026-32746
CVE-2026-24061CRITICALunder attack26 Mar 2026
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RISK
open
GitHub PoC
An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.
CVE-2026-29971MEDIUM26 Mar 2026
A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. U
33RISK
open
GitHub PoC
A proof-of-concept exploit demonstrating local privilege escalation to root in sudo (CVE-2025-32463) by abusing the --chroot (-R) option and injecting a malicious NSS configuration
CVE-2025-32463CRITICALunder attack25 Mar 2026
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISK
open
GitHub PoC5
WinRAR < 7.13 path traversal for persistency
CVE-2025-8088HIGHunder attack25 Mar 2026
Path traversal vulnerability in WinRAR
93RISK
open
GitHub PoC
Intentionally vulnerable Next.js RSC Docker lab for CVE-2025-55182 (React2Shell) local testing
CVE-2025-55182CRITICALunder attackransomware25 Mar 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISK
open
GitHub PoC2
A Python 3 reimplementation of the classic CVE-2018-15473 OpenSSH user enumeration exploit, extended with multi-threading, wordlist support, automatic vulnerability detection, and thread-safe exploit patching.
CVE-2018-15473MEDIUM25 Mar 2026
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticati
70RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.