Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
8069 exploits
VulnCheck XDB
initial-access
CVE-2026-24061CRITICALbajo ataque06 jun 2026
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RIESGO
abrir
VulnCheck XDB
local
CVE-2022-0847HIGHbajo ataque06 jun 2026
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2026-34197HIGHbajo ataque06 jun 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL05 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-42945CRITICAL05 jun 2026
NGINX ngx_http_rewrite_module vulnerability
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-8206CRITICAL05 jun 2026
Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'
48RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43284HIGH05 jun 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2025-49132CRITICAL05 jun 2026
Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
68RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-3300CRITICAL05 jun 2026
Everest Forms Pro <= 1.9.12 - Unauthenticated Remote Code Execution via Calculation Field
75RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque05 jun 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALbajo ataqueransomware05 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque05 jun 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL05 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2013-611704 jun 2026
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive informatio
60RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2024-1698CRITICAL04 jun 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor <= 2.8.2 - Unauthenticated SQL Injection
85RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-41089CRITICAL04 jun 2026
Windows Netlogon Remote Code Execution Vulnerability
70RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL04 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-34234CRITICAL04 jun 2026
CtrlPanel: Unauthenticated RCE using installer script
48RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2020-10148CRITICALbajo ataque04 jun 2026
SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-44228CRITICALbajo ataqueransomware04 jun 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RIESGO
abrir
VulnCheck XDB
info-leak
CVE-2026-0257HIGHbajo ataque03 jun 2026
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-36401CRITICALbajo ataque03 jun 2026
Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver
100RIESGO
abrir
VulnCheck XDB
local
CVE-2026-31431HIGHbajo ataque03 jun 2026
crypto: algif_aead - Revert to operating out-of-place
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-41089CRITICAL03 jun 2026
Windows Netlogon Remote Code Execution Vulnerability
70RIESGO
abrir
VulnCheck XDB
local
CVE-2026-43500HIGH03 jun 2026
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
78RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL03 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-8206CRITICAL02 jun 2026
Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'
48RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL02 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL02 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2026-8181CRITICAL02 jun 2026
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.