Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.053exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
8069 exploits
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque29 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque29 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque29 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
local
CVE-2023-4911HIGHbajo ataque29 jun 2026
Glibc: buffer overflow in ld.so leading to privilege escalation
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-3864629 jun 2026
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary comman
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware29 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-20253CRITICALbajo ataque29 jun 2026
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-28496CRITICAL29 jun 2026
FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE
63RIESGO
abrir
VulnCheck XDB
local
CVE-2023-0386HIGHbajo ataque28 jun 2026
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities wa
86RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48908CRITICAL28 jun 2026
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware28 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2020-7247CRITICALbajo ataque28 jun 2026
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL28 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque27 jun 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-24061CRITICALbajo ataque27 jun 2026
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-24061CRITICALbajo ataque27 jun 2026
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque27 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque27 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
local
CVE-2016-5195HIGHbajo ataque27 jun 2026
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2026-26980CRITICAL26 jun 2026
Ghost has a SQL Injection in its Content API
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-20253CRITICALbajo ataque26 jun 2026
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-8088HIGHbajo ataque26 jun 2026
Path traversal vulnerability in WinRAR
93RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-26980CRITICAL26 jun 2026
Ghost has a SQL Injection in its Content API
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-20198CRITICALbajo ataque25 jun 2026
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS
100RIESGO
abrir
VulnCheck XDB
local
CVE-2025-61155MEDIUM25 jun 2026
The GameDriverX64.sys kernel-mode anti-cheat driver (v7.23.4.7 and earlier) contains an access control vulnerability in
33RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-8110HIGHbajo ataque25 jun 2026
File overwrite in file update API in Gogs
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-8181CRITICAL25 jun 2026
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-20230HIGH25 jun 2026
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
53RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-29441HIGH25 jun 2026
Authentication bypass
78RIESGO
abrir
VulnCheck XDB
local
CVE-2016-5195HIGHbajo ataque25 jun 2026
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.