Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
71.114 exploits
VulnCheck XDB
info-leak
CVE-2024-38475CRITICALbajo ataque31 may 2026
Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.
100RIESGO
abrir
GitHub PoC1
CVE-2026-45585
CVE-2026-45585MEDIUM31 may 2026
Windows BitLocker Security Feature Bypass Vulnerability
33RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-6553CRITICAL31 may 2026
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
85RIESGO
abrir
VulnCheck XDB
local
CVE-2024-1086HIGHbajo ataqueransomware31 may 2026
Use-after-free in Linux kernel's netfilter: nf_tables component
76RIESGO
abrir
GitHub PoC1
SrGinebras/CVE-2026-23744-RCE-for-MCPjam-inspector-v1.4.2
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC2
CVE-2026-23744 RCE + Privilege Escalation
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC
Dungsocool/CVE-2014-3120
CVE-2014-3120HIGHbajo ataque31 may 2026
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execut
100RIESGO
abrir
GitHub PoC
Jeanback1/CVE-2019-0211-exploit
CVE-2019-0211HIGHbajo ataque31 may 2026
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RIESGO
abrir
GitHub PoC
CVE-2026-23744 PoC
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC
CVE-2026-23744 — Proof of concept exploit for an unauthenticated Remote Code Execution vulnerability in MCPJam Inspector <= 1.4.2.
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-44228CRITICALbajo ataqueransomware31 may 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RIESGO
abrir
GitHub PoC
Remote Code Execution in MCPJam 1.4.2 and older.
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC
Jeanback1/CVE-2019-9053-exploit
CVE-2019-905331 may 2026
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RIESGO
abrir
GitHub PoC
b1nhack/CVE-2024-1086
CVE-2024-1086HIGHbajo ataqueransomware31 may 2026
Use-after-free in Linux kernel's netfilter: nf_tables component
76RIESGO
abrir
GitHub PoC
This exploit is based on CVE-2023-6553 and was built upon the original exploit by Chocapik, it was added that a direct reverse shell can be obtained.
CVE-2023-6553CRITICAL31 may 2026
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
85RIESGO
abrir
GitHub PoC
CVE-2026-8836 — lwIP SNMPv3 stack-based buffer overflow PoC (CVSS 9.8)
CVE-2026-8836CRITICAL31 may 2026
lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-based overflow
48RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC1
Interactive Ruby shell for authorized CVE-2025-55182 (react2shell) testing
CVE-2025-55182CRITICALbajo ataqueransomware31 may 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
local
CVE-2019-0211HIGHbajo ataque31 may 2026
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC
kavin-jindal/CVE-2026-48800-PoC
CVE-2026-48800HIGH31 may 2026
Notepad++: Arbitrary Code Execution via shortcuts.xml UserCommand Injection
41RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2014-3120HIGHbajo ataque31 may 2026
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execut
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL31 may 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
GitHub PoC
CVE-2024-38475 exploitation & scanning tool with Mullvad VPN rotation
CVE-2024-38475CRITICALbajo ataque31 may 2026
Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware31 may 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
local
CVE-2025-38352HIGHbajo ataque30 may 2026
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
71RIESGO
abrir
GitHub PoC
HAERIN-L/poc_cve-2026-42208
CVE-2026-42208CRITICALbajo ataque30 may 2026
LiteLLM: SQL injection in Proxy API key verification
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-21413CRITICALbajo ataque30 may 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RIESGO
abrir
anteriorpágina 38 / 2371siguiente

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.