Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8069Nuclei 4187Metasploit 3462✓ solo verificadosrecientespopularesriesgo
71.062 exploits
VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir ↗VulnCheck XDB
local
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities wa
86RIESGO
abrir ↗GitHub PoC★ 2
Educational, defensive kit for two Linux page-cache-corruption LPEs (DirtyClone CVE-2026-43503, pedit COW CVE-2026-46331): hardening, detection, verification, seccomp + validation harness. Detection and prevention only — no exploit code. TLP:CLEAR.
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RIESGO
abrir ↗GitHub PoC
PoC for CVE-2026-5366: git argument injection in Prefect's GitRepository leading to RCE on the worker.
Git Argument Injection in prefecthq/prefect
48RIESGO
abrir ↗GitHub PoC★ 1
WP Full Stripe Free <= 8.4.3 - Missing Authorization
Stripe Payment Forms by WP Full Pay <= 8.4.3 - Missing Authorization to Unauthenticated Payment Record Manipulation via 'paymentIntentId' Parameter
33RIESGO
abrir ↗VulnCheck XDB
local
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RIESGO
abrir ↗VulnCheck XDB
initial-access
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RIESGO
abrir ↗GitHub PoC★ 56
cve-2026-48907 scanner
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir ↗GitHub PoC
CVE-2026-48907 is a CVSS 10.0 pre-auth RCE in Joomla Content Editor affecting all versions ≤ 2.9.99.4. The Grayxploit team breaks down the 3-weakness chain — missing auth, no extension validation, and an unsafe upload flag — that lets attackers pop a shell in 3 HTTP requests.
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir ↗GitHub PoC
Hunt-Benito/traefik-stripprefix-auth-bypass-cve-2026-48020-path-normalization
Traefik StripPrefix Route-Level Auth Bypass via Path Normalization
41RIESGO
abrir ↗GitHub PoC
patched ffmpeg-tools for jellyfin to patch CVE-2026-8461 aka PixelSmash
Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
41RIESGO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir ↗GitHub PoC★ 7
OpenSTAManager-RCE-Exploit-CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionali
41RIESGO
abrir ↗GitHub PoC★ 2
CVE-2026-0073-Android-ADBD-bypass-POC汉化版
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic err
41RIESGO
abrir ↗GitHub PoC
CVE-2026-46331 - Draft
net/sched: fix pedit partial COW leading to page cache corruption
41RIESGO
abrir ↗VulnCheck XDB
local
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir ↗GitHub PoC★ 105
CVE-2026-43499 PoC
rtmutex: Use waiter::task instead of current in remove_waiter()
41RIESGO
abrir ↗GitHub PoC
SugiB3o/CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir ↗GitHub PoC★ 26
CVE-2026-46331
net/sched: fix pedit partial COW leading to page cache corruption
41RIESGO
abrir ↗GitHub PoC
A local package installation helper trusted caller-supplied package names too much. In yeoman-environment, missing generators could be installed without user confirmation, turning attacker-controlled project metadata into a package-install and code-execution path.
yeoman-environment Vulnerable to Arbitrary Package Installation without User Confirmation
41RIESGO
abrir ↗VulnCheck XDB
initial-access
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
100RIESGO
abrir ↗GitHub PoC
Plane’s V2 asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one authenticated user read, copy, delete, and overwrite assets in other workspaces.
Plane: Cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces
41RIESGO
abrir ↗GitHub PoC
A public share looked clean in the page tree, but the search endpoint told a different story. In Docmost, restricted child pages hidden from public share viewers could still leak through public share search results.
Docmost's Public Share Search Exposes Metadata of Restricted Children
33RIESGO
abrir ↗GitHub PoC
CVE-2026-54807 WooCommerce Privilege Escalation ║ ║ Unauthenticated Admin Role Assignment via Reg. Form
WordPress Registration Form for WooCommerce plugin <= 1.0.9 - Privilege Escalation vulnerability
48RIESGO
abrir ↗GitHub PoC
A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored attachment inside the same workspace.
Docmost has cross-page attachment overwrite via flawed attachmentId overwrite validation
33RIESGO
abrir ↗GitHub PoC★ 15
mooder1/dirtyclone-CVE-2026-43503
net: skbuff: propagate shared-frag marker through frag-transfer helpers
41RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.