Publicly Disclosed
PoC Exploits
π΄ Alway take caution when working with PoC Exploits π΄
Discovered 1 hour ago
PoC for CVE-2026-58138
An unauthenticated remote code execution vulnerability in Orkes Conductor versions prior to 3.30.2 could allow remote attackers to execute arbitrary operating system commands by submitting malicious JavaScript or Python expressions through workflow definitions to the workflow API endpoint without...
Discovered 2 hours ago
PoC for CVE-2026-46490
The samlify library, used for SAML single sign-on in Node.js applications, is susceptible to an injection vulnerability prior to version 2.13.0. This issue arises because the library's template substitution mechanism fails to properly escape values inserted into XML element texts, allowing an att...
PoC for CVE-2025-40271
A use-after-free vulnerability in the Linux kernel's networking interface may allow an attacker to access freed memory. The issue arises in the `proc_readdir_de()` function when directory entries are concurrently modified while being traversed. During high-stress scenarios, unregistering network ...
Discovered 3 hours ago
PoC for CVE-2026-46300
A vulnerability in the Linux kernel affects the handling of shared-frag markers during packet coalescing. Specifically, the function skb_try_coalesce() can improperly transfer ownership of page-backed fragments without preserving the shared-frag marker. This loss can disrupt later processing, not...
Discovered 5 hours ago
PoC for CVE-2012-1823
This vulnerability in PHP occurs when the software is configured to run as a CGI script. Specifically, when the query string lacks an equals sign, PHP fails to handle it appropriately, which can lead to remote attackers executing arbitrary code. This occurs due to insufficient validation of comma...
PoC for CVE-2026-22557
A Path Traversal vulnerability exists in the UniFi Network Application, allowing attackers within the network to exploit the system. This vulnerability can enable malicious actors to access and manipulate files on the underlying operating system. Successful exploitation may lead to unauthorized a...
Discovered 7 hours ago
PoC for CVE-2025-69212
OpenSTAManager, an open source management tool for technical assistance and invoicing, has a vulnerability in the P7M file decoding functionality. Versions 2.9.8 and earlier allow authenticated attackers to upload a ZIP file containing a maliciously crafted .p7m file. This could lead to the execu...
Discovered 9 hours ago
PoC for CVE-2026-58450
Invoice Ninja versions up to 5.13.26 contain an open redirect vulnerability in the client portal login. This issue allows unauthenticated attackers to craft malicious login links that redirect authenticated users to attacker-controlled external URLs. By injecting a harmful value into the intended...
PoC for CVE-2026-58448
The Yudao Cloud BPM module prior to version 2026.06 is susceptible to a broken access control vulnerability. This flaw enables any authenticated user to manipulate a caller-controlled process-instance identifier to access unprotected endpoints. Consequently, attackers can exploit this vulnerabili...
PoC for CVE-2026-58447
Invidious versions up to 2.20260626.0 are susceptible to a broken object level authorization vulnerability, enabling authenticated attackers to delete videos from any user's playlists by manipulating global video indices in the remove_video action of the playlist endpoint. This vulnerability lack...
PoC for CVE-2026-58446
A security flaw in Presenton versions prior to 0.8.8-beta allows an unauthenticated remote attacker to access the MCP server at an unsecured endpoint. This issue stems from the nginx front-end failing to enforce authentication on the /mcp path. As a result, attackers can exploit the server to inv...
PoC for CVE-2026-31694
The Linux kernel's implementation of FUSE is vulnerable to a directory entry overflow due to improper validation of serialized directory entries. Specifically, the function `fuse_add_dirent_to_cache()` fails to verify whether a directory entry exceeds the maximum allowable size, allowing a malici...
PoC for CVE-2017-7494
Samba versions 3.5.0 up to 4.6.4, along with specific earlier releases, contain a serious vulnerability where a malicious client can upload a shared library to a writable share. This exploit allows the server to load and execute the uploaded file, leading to unauthorized control and potential dam...
Discovered 11 hours ago
PoC for CVE-2019-2215
A use-after-free vulnerability exists in the Android Binder service, which could allow attackers to elevate privileges from an application to the Linux Kernel. Exploitation of this vulnerability does not require any interaction from the user; however, it necessitates either the installation of a ...
Discovered 12 hours ago
PoC for CVE-2026-10580
The Hippoo Mobile App for WooCommerce plugin for WordPress contains a vulnerability that allows unauthenticated users to bypass authentication protocols. This security flaw stems from a logic error within the HippooPermissions::get_user_permissions() function, which incorrectly grants full admini...
Discovered 13 hours ago
PoC for CVE-2026-56121
An unsafe deserialization vulnerability in Feast prior to version 0.63.0 enables unauthorized parties to execute arbitrary code remotely. This flaw arises from the mishandling of the user_defined_function.body field within the OnDemandFeatureView specification. The field is decoded from base64 an...
PoC for CVE-2026-46817
A vulnerability exists in the Oracle Payments component of the Oracle E-Business Suite, specifically in the File Transmission functionality. This flaw allows an unauthenticated attacker with network access via HTTP to exploit the Oracle Payments system. If successfully exploited, attackers could ...
PoC for CVE-2026-8037
An OS command injection vulnerability exists in the API of Progress ADC Products, specifically affecting the LoadMaster appliance. This vulnerability allows unauthenticated attackers to execute arbitrary commands through unsanitized input in multiple command endpoints. Exploiting this weakness co...
Discovered 14 hours ago
PoC for CVE-2026-58377
The JeecgBoot framework version 3.9.2 is susceptible to a broken access control vulnerability that allows authenticated users with low privileges to execute create, read, update, and delete operations on OpenAPI credentials. The issue arises due to missing Shiro authorization annotations on criti...
PoC for CVE-2026-58376
Dolibarr ERP software versions up to 23.0.3 are susceptible to an SQL injection vulnerability that enables authenticated users to exfiltrate sensitive database contents. This flaw occurs due to inadequate validation of the sqlfilters query parameter in the setup dictionary and multicurrencies RES...
PoC for CVE-2026-58375
JimuReport versions up to 2.5.0 expose the /jmreport/auto/export endpoint without requiring authentication, due to improper configuration of the JimuNoLoginRequired annotation. This oversight allows any remote attacker to exploit the endpoint, effectively permitting enumeration of Snowflake repor...
PoC for CVE-2026-58372
SeaweedFS, prior to version 4.34, has a path traversal vulnerability in its S3 gateway, specifically within the DeleteMultipleObjectsHandler. This flaw enables authenticated S3 users with write permissions to one bucket to execute deletions on arbitrary objects across different tenant buckets. By...
PoC for CVE-2026-58176
RuoYi-Vue-Plus versions up to 5.6.2 have a significant security flaw where workflow task management endpoints lack proper authorization checks. This vulnerability allows any authenticated user, regardless of their role, to manipulate task assignments, circumventing the intended separation of duti...
PoC for CVE-2026-58172
Ocelot, a popular API Gateway developed by ThreeMammals, is vulnerable to a security control bypass that impacts versions up to 24.1.0. This vulnerability arises from the WebSocket upgrade requests that can bypass IP-based access restrictions due to faulty configuration in the OcelotPipelineExten...
PoC for CVE-2026-58166
The OpenBMB ChatDev application through version 2.2.0 is affected by a path traversal vulnerability that allows unauthenticated remote attackers to manipulate file upload operations. By sending a malicious multipart filename to the file upload endpoint, attackers can exploit the inadequate saniti...
PoC for CVE-2026-58165
OpenZiti through version 2.0.0 is vulnerable to a privilege escalation flaw that allows authenticated non-admin users to create enrollments for any identity, including administrative accounts. This is due to insufficient authorization checks in the ApplyCreate function of enrollment_manager.go, w...
Discovered 15 hours ago
PoC for CVE-2024-31317
A vulnerability has been identified in the Android Framework that allows potential code execution through unsafe deserialization in multiple functions of ZygoteProcess.java. This flaw enables local privilege escalation, requiring user execution privileges but eliminating the need for user interac...
Discovered 17 hours ago
PoC for CVE-2026-58116
LLaMA-Factory versions up to 0.9.5 are susceptible to a remote code execution vulnerability that enables users with WebUI access to run arbitrary Python code. This occurs when a malicious model path is provided in the Chat or Training interfaces, allowing the application to pass unsanitized user ...
Discovered 18 hours ago
PoC for CVE-2026-43700
A cross-origin vulnerability has been identified in Safari and various Apple operating systems. This security issue arises from inadequate tracking of security origins, which could allow maliciously crafted web content to expose sensitive user information. Users are advised to update to the lates...
Discovered 19 hours ago
PoC for CVE-2026-44789
An authenticated user with permissions to create or modify workflows in n8n prior to versions 1.123.43, 2.22.1, and 2.20.7 could exploit an unvalidated pagination parameter within the HTTP Request node to perform global prototype pollution. This vulnerability poses a risk of remote code execution...
Discovered 21 hours ago
PoC for CVE-2023-43364
The Searchor application, developed by ArjunSharda, contains a flaw in its command-line interface input processing. Prior to version 2.4.2, the application utilizes the 'eval' function on user-provided input without sufficient validation. This oversight can lead to arbitrary code execution, enabl...
Discovered 22 hours ago
PoC for CVE-2026-46331
An issue exists in the Linux Kernel where improper handling of copy-on-write (COW) operations can lead to page cache corruption. This is due to the tcf_pedit_act() function, which computes the COW range without considering runtime header offsets added by typed keys. As a result, portions of the w...
Discovered 23 hours ago
PoC for CVE-2026-56782
Gorse versions before 0.5.10 are susceptible to an authentication bypass vulnerability affecting the /api/dump and /api/restore endpoints. This security flaw enables remote attackers to gain unauthorized access to sensitive database functionalities when the admin_api_key is left empty, which is t...
Discovered 1 day ago
PoC for CVE-2026-48907
A flaw in the JCE editor extension for Joomla permits unauthorized users to create new editor profiles. This malicious capability exposes the site to risks, including the ability to upload PHP code and execute it, potentially leading to a full compromise of the website security. Site administrato...
PoC for CVE-2026-53753
Crawl4AI, an open-source LLM-friendly web crawler, prior to version 0.8.7, contains a critical vulnerability in its computed fields feature. The _safe_eval_expression() function employs an AST validator that inadequately restricts attribute access, allowing attributes without an underscore prefix...
PoC for CVE-2023-4911
The first article discusses two different critical vulnerabilities in the GNU C Library (glibc) that allow unprivileged attackers to gain root access on multiple major Linux distributions. The vulnerabilities are tracked as CVE-2023-4911 and CVE-2023-6246 and both can lead to local privilege esca...
PoC for CVE-2026-9576
The Fluent Booking Plugin for WordPress prior to version 2.1.2 is susceptible to improper access control, allowing users with the Calendar Manager role to access and export sensitive attendee information, such as names, emails, phone numbers, addresses, and payment details, from calendar groups t...
PoC for CVE-2026-11590
The WP Support Plus Responsive Ticket System Plugin for WordPress has a vulnerability that allows unauthenticated users to execute SQL injection attacks. The plugin fails to properly sanitize user-supplied array keys prior to their inclusion in SQL statements, creating an opportunity for attacker...
PoC for CVE-2026-11581
The Kali Forms plugin for WordPress, prior to version 2.4.13, is susceptible to an improper input validation vulnerability. It fails to properly sanitize the caption of form fields before displaying them as column headers on the administrator's form-entries interface. This oversight permits users...
PoC for CVE-2026-11589
The WP Support Plus Responsive Ticket System plugin for WordPress prior to version 9.1.2 lacks proper validation for uploaded files, enabling unauthenticated individuals to upload malicious files, including JavaScript code within HTML and SVG formats. This flaw may lead to Stored Cross-Site Scrip...
PoC for CVE-2026-43503
A vulnerability has been identified in the Linux kernel's handling of shared fragment markers within the networking stack. Specifically, two functions responsible for fragment transfers fail to correctly propagate fragment flags when moving data between source and destination sockets. This oversi...
PoC for CVE-2024-24824
Graylog, a widely used open-source log management platform, is susceptible to a vulnerability that enables the loading and instantiation of arbitrary classes. This issue arises from the handling of HTTP PUT requests to the `/api/system/cluster_config/` endpoint, where the system permits the submi...
PoC for CVE-2026-55200
libssh2 contains an out-of-bounds write vulnerability in the ssh2_transport_read() function that fails to impose proper limits on the packet_length field. This flaw allows remote attackers to exploit the vulnerability by sending specially crafted SSH packets with excessively large packet_length v...
PoC for CVE-2026-22226
A command injection vulnerability exists in the VPN server configuration module of the TP-Link Archer BE230 v1.2, which can be exploited after administrative authentication. This flaw allows an attacker to execute arbitrary commands, potentially granting full administrative control over the route...
Discovered 2 days ago
PoC for CVE-2026-13592
A security flaw exists in the bufwriter append function of the EtherNet IP Message Handler within liftoff-sr CIPster, allowing for potential out-of-bounds write operations. This vulnerability could be exploited remotely, posing significant risks to application integrity and security. Users are st...
PoC for CVE-2026-13591
A vulnerability has been discovered in DeepMyst Mysti 0.4.0, specifically within the Contact Tracking component's _isTrackedConversation function found in src/managers/ChannelBridge.ts. This flaw occurs due to improper handling of the _channelType argument, allowing unauthorized access. The vulne...
PoC for CVE-2026-13590
A security flaw has been identified in PcapPlusPlus version 25.05, specifically in the Modbus Protocol Handler's function pcpp::ModbusLayer::getLength. This vulnerability results from improper handling of the length argument, which can lead to a heap-based buffer overflow. Attackers may exploit t...
PoC for CVE-2026-13589
A vulnerability in the seladb PcapPlusPlus library affects the Telnet subnegotiation packet handler. Specifically, the issue lies within the function pcpp::TelnetLayer::getSubCommand in the source file Packet++/src/TelnetLayer.cpp. A remote attacker can exploit this vulnerability through manipula...
PoC for CVE-2026-48907
A flaw in the JCE editor extension for Joomla permits unauthorized users to create new editor profiles. This malicious capability exposes the site to risks, including the ability to upload PHP code and execute it, potentially leading to a full compromise of the website security. Site administrato...
PoC for CVE-2026-13588
A vulnerability has been identified in seladb PcapPlusPlus version 25.05, specifically within the TLS Hello Handler. The issue lies in the function pcpp::SSLClientHelloMessage::getHandshakeVersion located in the file Packet++/src/SSLHandshake.cpp. Manipulating the handshakeVersion argument can re...