Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
13.116 exploits
GitHub PoC★ 2
nanwinata/nginxrift-CVE-2026-42945
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
ydking0911/CVE-2026-4060-PoC
Geo Mashup <= 1.13.18 - Unauthenticated Time-Based SQL Injection via 'sort' Parameter
41RISCO
abrir ↗GitHub PoC★ 1
CVE-2026-44403-WingFTP-v8.1.2-POC-Exploit
Wing FTP Server < 8.1.3 Authenticated Remote Code Execution via Session Serialization
41RISCO
abrir ↗GitHub PoC★ 1
Proof of concept exploit for CVE-2026-46391
HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis
41RISCO
abrir ↗GitHub PoC
These detection scripts are property of the SECPlayground Platform. Two safe detection scripts. Neither drives the close_notify-mid-BDAT trigger, so they will not crash the daemon or leave panic-log entries. Both verdicts are "likely vulnerable" — distinguishing GnuTLS from OpenSSL builds remotely is not reliable without exploitation.
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing p
48RISCO
abrir ↗GitHub PoC
ChamsBouzaiene/ai-vuln-rediscovery-nginx-cve-2026-42945
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
User Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' Parameter
User Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' Parameter
33RISCO
abrir ↗GitHub PoC★ 15
p3Nt3st3r-sTAr/CVE-2026-42945-POC
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC★ 1
Scan your NGINX configuration to determine whether it is affected by CVE-2026-42945.
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
Test repo: simulates CVE-2025-30066 style compromised GitHub Action (for security research/testing chainradar)
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 thr
83RISCO
abrir ↗GitHub PoC
A comprehensive full-lifecycle penetration testing project on Joomla 4.2.5 exploiting CVE-2023-23752 inside a Dockerized lab environment
[20230201] - Core - Improper access check in webservice endpoints
100RISCO
abrir ↗GitHub PoC★ 5
CVE-2026-8181 - Burst Statistics 3.4.0-3.4.1.1 Unauthenticated Authentication Bypass to Admin Account Takeover | Proof of Concept
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover
68RISCO
abrir ↗GitHub PoC
mbanyamer/CVE-2026-22553-InSAT-MasterSCADA-BUK-TS-MMadmServ
InSAT MasterSCADA BUK-TS OS Command Injection
48RISCO
abrir ↗GitHub PoC★ 1
Sentebale/CVE-2026-46300
net: skbuff: preserve shared-frag marker during coalescing
41RISCO
abrir ↗GitHub PoC
0xFuffM3/CVE-2026-31431-CopyFail
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir ↗GitHub PoC
Snort 3 IDS → IPS lab on Kali. Custom detection rules + iptables enforcement against ICMP recon, Nmap SYN scans, Hydra FTP brute force, and vsftpd 2.3.4 backdoor (CVE-2011-2523).
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISCO
abrir ↗GitHub PoC
A CopyFail CVE-2026-31431 implementation in python that isnt slop! Bring your own payload
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir ↗GitHub PoC★ 33
Nginx Rewrite CVE Scan(CVE-2026-42945 nginx-rift CVE-2026-9256)
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir ↗GitHub PoC
There is a path injection vulnerability in OpenPLC-v3, which arises from the program not performing any validity checks on the file path parameters passed in from the command line. Attackers can read any readable file by constructing malicious paths, posing a risk of information leakage.
A path injection vulnerability exists in OpenPLC v3 (2c82b0e79c53f8c1f1458eee15fec173400d6e1a) as the binary program com
33RISCO
abrir ↗GitHub PoC
pixelotes/lab-cve-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to
93RISCO
abrir ↗GitHub PoC
Controlled reproduction of CVE-2017-0144 (EternalBlue) in an isolated AWS EC2 lab — exploit analysis, Wireshark traffic capture, and MITRE ATT&CK mapping
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗GitHub PoC★ 7
🚀 CVE-2026-0073 - Android ADB Wireless Debugging Exploit (CVSS 8.8) 🔓 Zero-click authentication bypass via TLS type confusion. Gain interactive shell, execute commands, scan networks. Educational red-team tool. 🐚⚡
In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic err
41RISCO
abrir ↗GitHub PoC
copy-fail-CVE-2026-31431
crypto: algif_aead - Revert to operating out-of-place
100RISCO
abrir ↗GitHub PoC
SessionReaper-CVE-2025-54236
Adobe Commerce | Improper Input Validation (CWE-20)
100RISCO
abrir ↗GitHub PoC
Bencodin/CVE-2026-23918-poc
Apache HTTP Server: http2: double free and possible RCE on early reset
53RISCO
abrir ↗GitHub PoC★ 1
First CTF successfully completed! This repo documents my walkthrough of TryHackMe's Simple CTF. It covers network reconnaissance (Nmap), web exploitation (CVE-2019-9053), and credential cracking. As a dev, it was great to pivot from SQLi to a Root shell by leveraging Sudo misconfigurations. Educational purposes only.
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.