Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
8.069 exploits
VulnCheck XDB
initial-access
CVE-2021-42013CRITICALsob ataqueransomware24 jun 2026
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-57819CRITICALsob ataque24 jun 2026
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2021-22205CRITICALsob ataqueransomware24 jun 2026
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validati
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-32432CRITICALsob ataque24 jun 2026
Craft CMS Allows Remote Code Execution
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALsob ataqueransomware24 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-58034MEDIUMsob ataque24 jun 2026
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vul
90RISCO
abrir
VulnCheck XDB
initial-access
CVE-2019-023223 jun 2026
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0
60RISCO
abrir
VulnCheck XDB
initial-access
CVE-2020-11651CRITICALsob ataque23 jun 2026
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISCO
abrir
VulnCheck XDB
client-side
CVE-2024-21413CRITICALsob ataque23 jun 2026
Microsoft Outlook Remote Code Execution Vulnerability
100RISCO
abrir
VulnCheck XDB
local
CVE-2019-2215HIGHsob ataque23 jun 2026
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2021-41773HIGHsob ataqueransomware23 jun 2026
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir
VulnCheck XDB
local
CVE-2021-4034HIGHsob ataque22 jun 2026
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-48908CRITICAL22 jun 2026
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALsob ataqueransomware22 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
VulnCheck XDB
denial-of-service
CVE-2026-42945CRITICAL22 jun 2026
NGINX ngx_http_rewrite_module vulnerability
60RISCO
abrir
VulnCheck XDB
initial-access
CVE-2022-23131CRITICALsob ataque22 jun 2026
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALsob ataque22 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-48907CRITICALsob ataque22 jun 2026
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-23744CRITICAL22 jun 2026
REC in MCPJam inspector due to HTTP Endpoint exposes
75RISCO
abrir
VulnCheck XDB
info-leak
CVE-2023-23752MEDIUMsob ataque21 jun 2026
[20230201] - Core - Improper access check in webservice endpoints
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-21858CRITICAL21 jun 2026
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
85RISCO
abrir
VulnCheck XDB
initial-access
CVE-2026-49777CRITICAL21 jun 2026
WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
63RISCO
abrir
VulnCheck XDB
info-leak
CVE-2026-32202MEDIUMsob ataque21 jun 2026
Windows Shell Spoofing Vulnerability
75RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque21 jun 2026
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-68613CRITICALsob ataque21 jun 2026
n8n Vulnerable to Remote Code Execution via Expression Injection
100RISCO
abrir
VulnCheck XDB
info-leak
CVE-2025-24071MEDIUM21 jun 2026
Microsoft Windows File Explorer Spoofing Vulnerability
38RISCO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALsob ataque21 jun 2026
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-29927CRITICAL21 jun 2026
Authorization Bypass in Next.js Middleware
85RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-55182CRITICALsob ataqueransomware21 jun 2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2022-0543CRITICALsob ataque19 jun 2026
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific
100RISCO
abrir

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.