Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
13.116 exploits
GitHub PoC
PwnKit (CVE-2021-4034) Safe Checker This tool performs read-only checks and does not attempt exploitation.
CVE-2021-4034HIGHsob ataque19 mai 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir
GitHub PoC
suil12/CVE-2025-24813_presentation
CVE-2025-24813CRITICALsob ataque19 mai 2026
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RISCO
abrir
GitHub PoC
imSre9/CVE-2026-42945
CVE-2026-42945CRITICAL19 mai 2026
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir
GitHub PoC1
RedCrazyGhost/CVE-2026-42945
CVE-2026-42945CRITICAL19 mai 2026
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir
GitHub PoC
SMB Red Team Lab— NTLM Relay via LLMNR Poisoning, CVE-2007-2447, NTLMv2 Hash Cracking & NT AUTHORITY\SYSTEM on Windows 10
CVE-2007-244719 mai 2026
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands
50RISCO
abrir
GitHub PoC
NGINX CVE-2026-42945 一键修复脚本
CVE-2026-42945CRITICAL19 mai 2026
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir
GitHub PoC
Writeup da sala Blue do TryHackMe — exploração do EternalBlue (MS17-010/CVE-2017-0143).
CVE-2017-0143HIGHsob ataqueransomware19 mai 2026
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
GitHub PoC1
Dirty Frag - kernel Linux critical Vulnerability
CVE-2026-43284HIGH19 mai 2026
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISCO
abrir
GitHub PoC
Maxime288/CVE-2026-8838-RCE
CVE-2026-8838CRITICAL19 mai 2026
Remote Code Execution via eval() Injection in amazon-redshift-python-driver
48RISCO
abrir
GitHub PoC
The code for personally reproducing the corresponding vulnerability
CVE-2026-35029HIGH19 mai 2026
LiteLLM affected by privilege escalation via unrestricted proxy configuration endpoint
61RISCO
abrir
GitHub PoC
The code for personally reproducing the corresponding vulnerability
CVE-2026-35030CRITICAL19 mai 2026
LiteLLM has an authentication bypass via OIDC userinfo cache key collision
48RISCO
abrir
GitHub PoC2
Example application, vulnerable to CVE-2023-32692 (Validation Rule Injection in the PHP Framework CodeIgniter)
CVE-2023-32692CRITICAL19 mai 2026
Remote Code Execution Vulnerability in Validation Placeholders
48RISCO
abrir
GitHub PoC
Shell scanner for CVE-2026-31431 "Copy Fail" — a local privilege escalation via Linux kernel page cache corruption (algif_aead/AF_ALG). Checks kernel version, patch status, module state, setuid exposure and mitigations. Supports Debian 11–13 and Ubuntu 20.04–25.10. CI/CD-ready (exit codes + JSON output).
CVE-2026-31431HIGHsob ataque19 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC4
IKEv2, ikeext.dll, CVE-2026-33824, double free, heap grooming, ROP, SKF fragmentation, Windows exploit, anti-debug, obfuscation, API hooking, shellcode, reverse shell
CVE-2026-33824CRITICAL18 mai 2026
Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
60RISCO
abrir
GitHub PoC
cj667113/OCI-Ansible-Fix-CVE-2026-31431
CVE-2026-31431HIGHsob ataque18 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
This repository contains information about the CVE-2026-36438
CVE-2026-36438MEDIUM18 mai 2026
An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information
33RISCO
abrir
GitHub PoC
Desc "CVE-2026-8053 CHECKER"-20260518-16h30-GMT+7
CVE-2026-8053HIGH18 mai 2026
FlatBSON Duplicate Field Index Drift
41RISCO
abrir
GitHub PoC
CaginKyr/CVE-2026-5203
CVE-2026-5203MEDIUM18 mai 2026
CMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal
33RISCO
abrir
GitHub PoC
Laboratorio automatizado Plug & Play en Docker para auditar y estudiar la vulnerabilidad Log4Shell (CVE-2021-44228)
CVE-2021-44228CRITICALsob ataqueransomware18 mai 2026
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir
GitHub PoC6
Research artifacts, PoC scripts, and lab assets for the Copy Fail Linux local privilege escalation writeup on https://4xura.com/binex/kernel/copy-fail
CVE-2026-31431HIGHsob ataque18 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
Research environment and validation scripts for evaluating deserialization behaviors in MLflow and MLServer.
CVE-2026-0596CRITICAL18 mai 2026
Command Injection in mlflow/mlflow
48RISCO
abrir
GitHub PoC
Local Privilege Escalation. Flips the running user's UID to 0 in /etc/passwd's page cache, then invokes su for a root shell.
CVE-2026-31431HIGHsob ataque18 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC
Detection and mitigation tooling for CVE-2026-31431 (Copy Fail) on Linux kernels. Includes Phalanx-CCS and Silent4Labs scripts plus an Ansible playbook to apply temporary mitigation (block algif_aead module or boot parameter) across servers.
CVE-2026-31431HIGHsob ataque18 mai 2026
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir
GitHub PoC3
CVE-2026-33825
CVE-2026-33825HIGHsob ataqueransomware18 mai 2026
Microsoft Defender Elevation of Privilege Vulnerability
71RISCO
abrir
GitHub PoC3
暂无
CVE-2026-39636MEDIUM18 mai 2026
WordPress Livemesh Addons for Elementor plugin <= 9.0 - Cross Site Scripting (XSS) vulnerability
33RISCO
abrir
GitHub PoC
Technical breakdown of CVE-2026-34472, an auth bypass via leaked credentials affecting ZTE H188A routers.
CVE-2026-34472HIGH18 mai 2026
Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows u
41RISCO
abrir
GitHub PoC1
这是一个面向防守和内网排查的 CVE-2026-42945 静态检测工具,用于检查 NGINX ngx_http_rewrite_module 相关配置是否存在高风险 rewrite 组合。
CVE-2026-42945CRITICAL18 mai 2026
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir
GitHub PoC1
这是一个面向防守和内网排查的 Apache ActiveMQ Classic 暴露面检测工具,用于辅助评估 CVE-2026-34197 相关风险。
CVE-2026-34197HIGHsob ataque18 mai 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RISCO
abrir
GitHub PoC
LAT-06/CVE-2026-34197
CVE-2026-34197HIGHsob ataque18 mai 2026
Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans
100RISCO
abrir
GitHub PoC
Attack and Defense course project focused on CVE-2017-5638 analysis, exploitation, and mitigation.
CVE-2017-5638CRITICALsob ataqueransomware18 mai 2026
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISCO
abrir
anteriorpágina 38 / 438próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.