Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
71,062 exploits
VulnCheck XDB
initial-access
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗VulnCheck XDB
initial-access
WordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerability
68RISK
open ↗GitHub PoC★ 5
Epson Printer RAW Protocol Exploit Framework
Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Prin
41RISK
open ↗GitHub PoC
Pre-auth Local File Inclusion in WP User Manager <= 2.9.17 via path traversal in tab parameter (CVSS 7.5)
WP User Manager <= 2.9.17 - Unauthenticated Path Traversal to Local File Inclusion via 'tab' Query Parameter
56RISK
open ↗GitHub PoC
Proof of Concept (PoC) for CVE-2026-49975 – HTTP/2 server memory exhaustion attack leveraging HPACK amplification and connection retention (HTTP/2 Slowloris).
Apache HTTP Server: mod_http2 denial of service
46RISK
open ↗GitHub PoC
MESLIMOHAMEDM22005188/path-traversal-CVE-2026-14628
NousResearch hermes-agent Live Webhook Endpoint base.py extract_media path traversal
33RISK
open ↗GitHub PoC★ 4
Pre-auth path traversal to arbitrary file delete in Avada (Fusion) Builder <= 3.15.3 leading to RCE (CVSS 9.1)
Avada (Fusion) Builder <= 3.15.3 - Unauthenticated Arbitrary File Deletion via Form Entry Value
48RISK
open ↗GitHub PoC★ 2
Pre-auth arbitrary file upload RCE exploit for iCagenda Joomla extension < 4.0.8 (CVSS 10.0)
Joomla Extension - icagenda.com - Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15
78RISK
open ↗GitHub PoC
bayu06802/CVE-2026-48908
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISK
open ↗GitHub PoC
CVE-2026-49049 - Unauthenticated File Deletion, Arbitrary Write & XSS Injection for Helix3 Joomla Extension
Joomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handler
41RISK
open ↗GitHub PoC★ 2
Product Video Gallery for Woocommerce <= 1.5.1.8 - Authenticated Stored Cross-Site Scripting Proof of Concept
Product Video Gallery for Woocommerce <= 1.5.1.8 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via custom_thumbnail Parameter
33RISK
open ↗GitHub PoC★ 6
Public PoC and detector for CVE-2026-20896 ("Gitea Docker: One Header, Any User")
Gitea Docker image trusts spoofable reverse-proxy headers by default
48RISK
open ↗GitHub PoC
Eliot-code/CVE-2026-22874-PoC
Gitea webhook and migration allow-list filtering permits SSRF
48RISK
open ↗VulnCheck XDB
initial-access
Joomla Extension - icagenda.com - Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15
78RISK
open ↗VulnCheck XDB
denial-of-service
Avada (Fusion) Builder <= 3.15.3 - Unauthenticated Arbitrary File Deletion via Form Entry Value
48RISK
open ↗VulnCheck XDB
initial-access
Gitea Docker image trusts spoofable reverse-proxy headers by default
48RISK
open ↗GitHub PoC★ 1
CVE-2026-34038: Authenticated Remote Command Injection in Coolify
Coolify authenticated remote command injection leading to RCE and secret exfiltration
48RISK
open ↗GitHub PoC★ 3
PoC for CVE-2026-54415 — Azuriom CMS (<1.2.11) Broken Access Control → account takeover
Broken Access Control in Azuriom CMS Server Routes Allows Account Takeover
41RISK
open ↗GitHub PoC
CVE-2026-22874 writeup: incomplete SSRF allow-list in Gitea webhook/migration (IPv6 transition and cloud metadata). Fixed in Gitea 1.26.3.
Gitea webhook and migration allow-list filtering permits SSRF
48RISK
open ↗VulnCheck XDB
initial-access
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
48RISK
open ↗GitHub PoC
Technical troubleshooting repository for fixing infinite rendering vulnerability loops and resource exhaustion threats under CVE-2026-23869 cleanly.
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-
41RISK
open ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISK
open ↗GitHub PoC★ 2
caterscam/CVE-2026-5524-PoC
Divi Form Builder <= 5.1.8 - Unauthenticated Arbitrary File Upload Leading to Remote Code Execution via 'acceptFileTypes' Parameter
48RISK
open ↗VulnCheck XDB
initial-access
Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint
100RISK
open ↗VulnCheck XDB
remote-with-credentials
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RISK
open ↗VulnCheck XDB
initial-access
Divi Form Builder <= 5.1.8 - Unauthenticated Arbitrary File Upload Leading to Remote Code Execution via 'acceptFileTypes' Parameter
48RISK
open ↗GitHub PoC★ 1
PoC for CVE-2026-53360: guest-triggered heap out-of-bounds read/write in KVM SEV-SNP Page State Change (PSC) handling.
KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use
23RISK
open ↗GitHub PoC
💉 Blind SQL Injection → RCE exploit for Control Web Panel (CWP) ≤ 0.9.8.1224 — userRes POST → INTO DUMPFILE → cwpsvc shell
Control Web Panel < 0.9.8.1225 Blind SQL Injection via userRes Parameter
48RISK
open ↗GitHub PoC
Static config scanner that flags nginx configs vulnerable to the complex_value two-pass capture-clobbering bug (regex map + regex capture → heap overflow / info leak).
NGINX Map directive and Regex matching vulnerability
45RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.