Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
8069 exploits
VulnCheck XDB
initial-access
CVE-2021-42013CRITICALbajo ataqueransomware24 jun 2026
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-57819CRITICALbajo ataque24 jun 2026
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-22205CRITICALbajo ataqueransomware24 jun 2026
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validati
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-32432CRITICALbajo ataque24 jun 2026
Craft CMS Allows Remote Code Execution
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware24 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-58034MEDIUMbajo ataque24 jun 2026
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vul
90RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2019-023223 jun 2026
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2020-11651CRITICALbajo ataque23 jun 2026
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2024-21413CRITICALbajo ataque23 jun 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
local
CVE-2019-2215HIGHbajo ataque23 jun 2026
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-41773HIGHbajo ataqueransomware23 jun 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir
VulnCheck XDB
local
CVE-2021-4034HIGHbajo ataque22 jun 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48908CRITICAL22 jun 2026
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware22 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-42945CRITICAL22 jun 2026
NGINX ngx_http_rewrite_module vulnerability
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2022-23131CRITICALbajo ataque22 jun 2026
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque22 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALbajo ataque22 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL22 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2023-23752MEDIUMbajo ataque21 jun 2026
[20230201] - Core - Improper access check in webservice endpoints
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-21858CRITICAL21 jun 2026
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
85RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-49777CRITICAL21 jun 2026
WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
63RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2026-32202MEDIUMbajo ataque21 jun 2026
Windows Shell Spoofing Vulnerability
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque21 jun 2026
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-68613CRITICALbajo ataque21 jun 2026
n8n Vulnerable to Remote Code Execution via Expression Injection
100RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2025-24071MEDIUM21 jun 2026
Microsoft Windows File Explorer Spoofing Vulnerability
38RIESGO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALbajo ataque21 jun 2026
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-29927CRITICAL21 jun 2026
Authorization Bypass in Next.js Middleware
85RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware21 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2022-0543CRITICALbajo ataque19 jun 2026
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific
100RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.