Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
8.069 exploits
VulnCheck XDB
initial-access
CVE-2026-3395MEDIUM01 mar 2026
MaxSite CMS MarkItUp Preview AJAX Endpoint preview-ajax.php eval code injection
33RISCO
abrir
VulnCheck XDB
local
CVE-2021-4034HIGHsob ataque01 mar 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-2441HIGHsob ataque01 mar 2026
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside
76RISCO
abrir
VulnCheck XDB
local
CVE-2024-21626HIGH28 fev 2026
runc container breakout through process.cwd trickery and leaked fds
61RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2017-9805HIGHsob ataque28 fev 2026
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with a
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALsob ataqueransomware28 fev 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-21902CRITICAL28 fev 2026
Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root
53RISCO
abrir
VulnCheck XDB
client-side
CVE-2022-30190HIGHsob ataqueransomware28 fev 2026
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2022-21445CRITICALsob ataque27 fev 2026
Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF
90RISCO
abrir
VulnCheck XDB
info-leak
CVE-2026-1581HIGH27 fev 2026
wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection
56RISCO
abrir
VulnCheck XDB
initial-access
CVE-2022-42475CRITICALsob ataqueransomware27 fev 2026
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0
100RISCO
abrir
VulnCheck XDB
local
CVE-2024-35250HIGHsob ataque27 fev 2026
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
91RISCO
abrir
VulnCheck XDB
local
CVE-2022-36804HIGHsob ataque26 fev 2026
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-23550CRITICAL26 fev 2026
WordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerability
68RISCO
abrir
VulnCheck XDB
client-side
CVE-2022-26134CRITICALsob ataqueransomware26 fev 2026
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALsob ataqueransomware26 fev 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-27174CRITICAL26 fev 2026
MajorDoMo Unauthenticated Remote Code Execution via Admin Console Eval
63RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-32433CRITICALsob ataque26 fev 2026
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2023-30258CRITICAL25 fev 2026
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary com
85RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALsob ataqueransomware25 fev 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
VulnCheck XDB
local
CVE-2021-22555HIGHsob ataque25 fev 2026
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RISCO
abrir
VulnCheck XDB
local
CVE-2021-3493HIGHsob ataque25 fev 2026
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISCO
abrir
VulnCheck XDB
info-leak
CVE-2021-2291125 fev 2026
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenti
60RISCO
abrir
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALsob ataqueransomware25 fev 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2026-1357CRITICAL25 fev 2026
Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload
75RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-69985CRITICAL25 fev 2026
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnera
48RISCO
abrir
VulnCheck XDB
initial-access
CVE-2023-43208CRITICALsob ataqueransomware25 fev 2026
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISCO
abrir
VulnCheck XDB
local
CVE-2022-24481HIGH25 fev 2026
Windows Common Log File System Driver Elevation of Privilege Vulnerability
46RISCO
abrir
VulnCheck XDB
local
CVE-2026-21858CRITICAL24 fev 2026
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
85RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-32433CRITICALsob ataque24 fev 2026
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISCO
abrir
anteriorpágina 31 / 269próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.