Publicly Disclosed
PoC Exploits

đź”´ Alway take caution when working with PoC Exploits đź”´

Discovered just now...

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-33715

ChamiloChamilo-lms7.2HIGH
Authentication Bypass in Chamilo LMS Open-Source Learning Managemen...

Chamilo LMS, an open-source learning management system, faces a significant security issue in version 2.0-RC.2 due to unauthenticated access to the public/main/inc/ajax/install.ajax.php file. Unlike other AJAX endpoints, this file does not incorporate necessary authentication checks. The vulnerab...

PoC for CVE-2026-27825

SoopersetMcp-atlassian9.1CRITICAL
Arbitrary Code Execution in MCP Atlassian Server for Confluence and...

The MCP Atlassian server, utilized in Confluence and Jira, harbors a vulnerability that allows arbitrary code execution due to inadequate directory boundary enforcement in the `confluence_download_attachment` tool. Attackers can exploit this flaw by manipulating the `download_path` parameter, all...

PoC for CVE-2026-34160

ChamiloChamilo-lms8.6HIGH
Unauthenticated SSRF in Chamilo LMS Plugin Affects Internal Network...

The Chamilo LMS is affected by a security issue in its PENS plugin, allowing unauthenticated access to an endpoint that fetches user-controlled URLs. Malicious actors can leverage this vulnerability to probe internal network services, access sensitive cloud metadata endpoints, and manipulate inte...

PoC for CVE-2026-34975

UseplunkPlunk8.5HIGH
CRLF Header Injection Vulnerability in Plunk Open-Source Email Plat...

Plunk, an open-source email platform built on AWS SES, contains a CRLF header injection vulnerability that affects versions prior to 0.8.0. This issue allows an authenticated API user to manipulate email headers by injecting carriage return or line feed characters into fields such as from.name, s...

PoC for CVE-2026-34940

Kubeai-projectKubeai8.7NONE
Shell Command Injection in KubeAI Operator for Kubernetes

The KubeAI operator for Kubernetes exposes a critical security vulnerability due to improper sanitization of model URL components within the ollamaStartupProbeScript() function. Prior to version 0.23.2, this function constructs a shell command using unsanitized inputs, allowing an attacker with p...

PoC for CVE-2026-32247

GetzepGraphiti8.1HIGH
Cypher Injection Vulnerability in Graphiti Framework by Getzep

Graphiti, a framework designed for building and querying temporal context graphs for AI agents, has a significant Cypher injection vulnerability present in versions prior to 0.28.2. The flaw arises in the shared construction of search filters, where attacker-controlled label values supplied throu...

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 1 hour ago

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 2 hours ago

PoC for CVE-2026-41940

CpanelCpanel9.3CRITICAL
Authentication Bypass Vulnerability in cPanel and WHM

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

Discovered 4 hours ago

PoC for CVE-2026-3854

GithubEnterprise Server8.7HIGH
Remote Code Execution Vulnerability in GitHub Enterprise Server

An improper neutralization of special elements vulnerability has been identified in GitHub Enterprise Server, which allows an attacker with push access to a repository to execute arbitrary code. During a 'git push' operation, user-supplied push option values were not adequately sanitized before b...

PoC for CVE-2026-30824

FlowiseaiFlowise7.7HIGH
Unauthenticated Access Issue in Flowise by NVIDIA

Flowise, a drag-and-drop interface for building customized large language model flows, was found to have a significant security flaw prior to version 3.0.13. This vulnerability specifically allows unauthenticated users to access privileged operations through the NVIDIA NIM router API (/api/v1/nvi...

PoC for CVE-2026-7468

1024-labSmart-admin6.9MEDIUM
Access Control Issues in 1024-lab Smart-Admin Demo Site

A security vulnerability has been identified in the 1024-lab Smart-Admin product, specifically within the Demo Site component. The vulnerability arises from improper access controls related to a function found in the /smart-admin-api/druid/index.html file. This flaw allows unauthorized remote att...

Discovered 5 hours ago

PoC for CVE-2026-7447

SourcecodesterPet Grooming Managemen...5.3MEDIUM
SQL Injection Vulnerability in SourceCodester Pet Grooming Manageme...

A flaw in SourceCodester's Pet Grooming Management Software version 1.0 allows for SQL injection through manipulation of the /admin/update_customer.php file. This vulnerability arises due to improper validation of argument types and parameter length, enabling remote attackers to execute arbitrary...

Discovered 6 hours ago

PoC for CVE-2026-7443

BurtthecoderMcp-dnstwist6.9MEDIUM
OS Command Injection Vulnerability in BurtTheCoder MCP-DNSTwist

A critical security issue has been discovered in the BurtTheCoder MCP-DNSTwist application, specifically within the fuzz_domain function located in src/index.ts. This vulnerability allows attackers to manipulate request arguments, resulting in potential OS command injection. The issue is concerni...

Discovered 7 hours ago

PoC for CVE-2026-7420

UttHiper 1250gw8.7HIGH
Buffer Overflow Vulnerability in UTT HiPER 1250GW by UTT

A security vulnerability has been identified in UTT HiPER 1250GW, specifically in the strcpy function located in the route/goform/ConfigAdvideo file. This flaw allows an attacker to manipulate the Profile argument, leading to a buffer overflow condition. The vulnerability can be exploited remotel...

PoC for CVE-2026-7419

UttHiper 1250gw8.7HIGH
Buffer Overflow Vulnerability in UTT HiPER 1250GW Device from UTT

A buffer overflow vulnerability has been identified in the UTT HiPER 1250GW device, specifically within the strcpy function in the route/goform/formTaskEdit_ap file. This issue arises from improper handling of the Profile argument, allowing for remote exploitation. An attacker could leverage this...

PoC for CVE-2026-7418

UttHiper 1250gw8.7HIGH
Buffer Overflow Vulnerability in UTT HiPER 1250GW Network Device

A vulnerability exists in the UTT HiPER 1250GW network device, specifically in the strcpy function used within the NTP management interface. By manipulating the Profile argument, an attacker can trigger a buffer overflow, which may potentially allow for remote code execution. This vulnerability h...

PoC for CVE-2026-7417

AlgovateXhs-mcp6.9MEDIUM
Server-Side Request Forgery in Algovate MCP Interface

A vulnerability exists in the Algovate xhs-mcp 0.8.11 version that impacts the xhs_publish_content function within the MCP Interface. Specifically, an attacker can exploit the vulnerability through manipulated media_paths arguments, leading to server-side request forgery that can be initiated rem...

Discovered 8 hours ago

PoC for CVE-2026-7416

PolarvistaXcode-mcp-server6.9MEDIUM
OS Command Injection Vulnerability in PolarVista xcode-mcp-server

A security flaw exists in PolarVista xcode-mcp-server 1.0.0, specifically within the build_project/run_tests function located in the src/index.ts file of the MCP Interface. This vulnerability allows for remote exploitation through argument manipulation in the Request, potentially enabling attacke...

PoC for CVE-2026-7410

SourcecodesterPizzafy Ecommerce System5.3MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

An SQL injection vulnerability has been identified in the SourceCodester Pizzafy Ecommerce System version 1.0. The flaw resides in the processing of the 'pid' argument within the /admin/ajax.php?action=add_to_cart file. An attacker can exploit this vulnerability remotely to manipulate and execute...

PoC for CVE-2026-7409

SourcecodesterPizzafy Ecommerce System5.1MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A vulnerability has been identified in the SourceCodester Pizzafy Ecommerce System 1.0, specifically within the function save_user located in /admin/ajax.php?action=save_user. This flaw allows attackers to execute SQL injection attacks by manipulating input parameters, enabling unauthorized acces...

PoC for CVE-2026-7408

SourcecodesterPizzafy Ecommerce System5.1MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A significant SQL injection vulnerability has been identified in the SourceCodester Pizzafy Ecommerce System 1.0, specifically within the 'save_menu' function in the 'admin/ajax.php?action=save_menu' file. This vulnerability enables attackers to execute arbitrary SQL queries, potentially leading ...

Discovered 9 hours ago

PoC for CVE-2026-7407

SourcecodesterPizzafy Ecommerce System5.1MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A security vulnerability has been identified in the Save Settings function of the Setting Handler component in SourceCodester's Pizzafy Ecommerce System 1.0. This flaw allows attackers to exploit the remote execution of SQL injection through the ajax.php file, specifically via the 'action=save_se...

PoC for CVE-2026-7404

GetsimpletoolMcpo-simple-server6.9MEDIUM
Path Traversal Vulnerability in Getsimpletool mcpo-simple-server

A path traversal vulnerability exists in the Getsimpletool mcpo-simple-server, particularly within the delete_shared_prompt function in the base_manager.py file. This weakness allows an attacker to manipulate the 'detail' argument, potentially leading to unauthorized file access on the server. Th...

PoC for CVE-2026-7403

GeldataGel-mcp6.9MEDIUM
Path Traversal Vulnerability in Geldata Gel-MCP 0.1.0

A security flaw has been identified in Geldata Gel-MCP version 0.1.0 affecting its fetch_rule function in the server.py file. This vulnerability allows an attacker to exploit the manipulation of the 'rule_name' parameter, potentially leading to unauthorized file access through path traversal. Thi...

PoC for CVE-2026-34965

CockpitCockpit Cms8.7HIGH
Authenticated Remote Code Execution Vulnerability in Cockpit CMS

Cockpit CMS contains an authenticated remote code execution vulnerability that affects the /cockpit/collections/save_collection endpoint. This flaw enables attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. By exploiting this vulnerabili...

Discovered 10 hours ago

PoC for CVE-2018-25311

Videoflow Ltd.Videoflow Digital Vide...7.1HIGH
Authenticated Directory Traversal Vulnerability in VideoFlow Digita...

The VideoFlow Digital Video Protection DVP 2.10 is susceptible to an authenticated directory traversal vulnerability. This flaw enables authenticated attackers to disclose sensitive files from the system by exploiting the ID parameter with directory traversal sequences. By exploiting endpoints su...

PoC for CVE-2018-25310

Videoflow Ltd.Videoflow Digital Vide...5.3MEDIUM
Remote Code Execution Vulnerability in VideoFlow Digital Video Prot...

VideoFlow Digital Video Protection DVP version 2.10 is susceptible to an authenticated remote code execution vulnerability due to a cross-site request forgery (CSRF) flaw within the web management interface. This vulnerability permits attackers with legitimate credentials to exploit the CSRF weak...

PoC for CVE-2018-25318

TendaFh303/a3009.3CRITICAL
Session Weakness Vulnerability in Tenda FH303/A300 by Tenda

The Tenda FH303/A300 firmware version V5.07.68_EN exposes a session weakness that may enable unauthorized individuals to alter DNS settings. This vulnerability arises from inadequate cookie validation, allowing attackers to utilize specially crafted admin cookies to send GET requests to the /gofo...

PoC for CVE-2018-25317

TendaW3002r9.3CRITICAL
Cookie Session Weakness in Tenda Wireless Routers

The Tenda W3002R, A302, and W309R wireless routers running version V5.07.64_en exhibit a vulnerability related to cookie session validation. This flaw allows unauthenticated attackers to send crafted GET requests to the /goform/AdvSetDns endpoint, enabling them to alter DNS settings. By exploitin...

PoC for CVE-2018-25316

TendaW9.3CRITICAL
Cookie Session Weakness in Tenda W308R v2 by Tenda

The Tenda W308R v2, specifically version V5.07.48, is susceptible to a vulnerability that enables attackers to exploit cookie session weaknesses. By manipulating the admin language cookie, attackers can send crafted GET requests to the goform/AdvSetDns endpoint, successfully altering DNS settings...

PoC for CVE-2018-25315

AlloksoftVideo Joiner8.6HIGH
Buffer Overflow Vulnerability in Alloksoft Video Joiner Software

Alloksoft Video Joiner version 4.6.1217 is affected by a buffer overflow vulnerability that could allow local attackers to execute arbitrary code. This can be triggered by supplying a crafted string in the License Name field during the license registration process. By exploiting this flaw, attack...

PoC for CVE-2018-25314

AlloksoftWmv To Avi Mpeg Dvd Wm...8.6HIGH
Buffer Overflow Vulnerability in Allok Soft WMV to AVI MPEG DVD WMV...

Allok Soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 is susceptible to a buffer overflow vulnerability. This flaw enables local attackers to execute arbitrary code by inputting an oversized string in the License Name field. By crafting malicious input that exploits structured exception handler (...

PoC for CVE-2018-25313

SysgaugeSysgauge6.9MEDIUM
Buffer Overflow Vulnerability in SysGauge by SysGauge Technologies

SysGauge version 4.5.18 is susceptible to a buffer overflow vulnerability in its proxy configuration handler. This issue allows local attackers to exploit the application by injecting an oversized string into the Proxy Server Host Name field within the Options menu. Such an action can lead to an ...

PoC for CVE-2018-25312

LifesizeClearsea7.1HIGH
Directory Traversal Vulnerabilities in LifeSize ClearSea by LifeSize

LifeSize ClearSea 3.1.4 is susceptible to directory traversal vulnerabilities that permit authenticated attackers to manipulate path parameters within the smartgui interface. By exploiting these weaknesses, attackers can upload and download arbitrary files, gaining the potential to write files to...

PoC for CVE-2018-25308

DonmikBuddypress Xprofile Cu...8.7HIGH
Remote Code Execution Vulnerability in BuddyPress Xprofile Custom F...

The BuddyPress Xprofile Custom Fields version 2.6.3 has a vulnerability that enables authenticated users to execute remote code. By manipulating unescaped POST parameters, specifically 'field_hiddenfile' and 'field_deleteimg', attackers can delete arbitrary files from the server during profile ed...

PoC for CVE-2018-25309

MybbMybb Recent Threads5.1MEDIUM
Persistent Cross-Site Scripting Vulnerability in MyBB Recent Thread...

The persistent cross-site scripting vulnerability in MyBB Recent Threads version 17.0 enables attackers to inject malicious JavaScript into the subject lines of threads. When users view the index page, the injected scripts execute in their browsers, compromising user sessions and data privacy. Th...

PoC for CVE-2018-25307

SysgaugeSysgauge Pro8.6HIGH
Local Buffer Overflow in SysGauge Pro by SysGauge Technologies

SysGauge Pro 4.6.12 is susceptible to a local buffer overflow vulnerability in its Register function. This flaw allows local attackers to overwrite the structured exception handler by providing a specially crafted unlock key. The vulnerability enables the execution of arbitrary code with applicat...

PoC for CVE-2018-25306

Poppler-utilsPDFunite6.9MEDIUM
Buffer Overflow Vulnerability in PDFunite by Vendor Poppler

PDFunite version 0.41.0 is susceptible to a buffer overflow vulnerability that may allow local attackers to crash the application when processing specially crafted PDF files during merge operations. The issue arises in the XRef::getEntry function within libpoppler, leading to a segmentation fault...

PoC for CVE-2018-25305

Xen ProjectialRsvg6.9MEDIUM
Buffer Overflow Vulnerability in librsvg2-bin Affects Local Attackers

The librsvg2-bin version 2.40.13 is susceptible to a buffer overflow vulnerability that can be exploited by local attackers. This vulnerability arises when the rsvg conversion tool processes malformed SVG files, which may lead to a denial of service by causing segmentation faults in the cairo ima...

PoC for CVE-2018-25304

FilehippoFree Download Manager8.6HIGH
Local Buffer Overflow Vulnerability in Free Download Manager by Fre...

Free Download Manager version 2.0 Built 417 exposes a local buffer overflow vulnerability within its URL import functionality. By crafting a malicious URL file, attackers can exploit this vulnerability through the File > Import > Import lists of downloads menu. This leads to a buffer overflow in ...

PoC for CVE-2018-25303

AlloksoftAllok Video To Dvd Burner8.6HIGH
Stack-based Buffer Overflow in Allok Video to DVD Burner by Allok S...

A stack-based buffer overflow vulnerability exists within Allok Video to DVD Burner 2.6.1217, specifically in the License Name field. This flaw can be exploited by local attackers to execute arbitrary code through a specially crafted input. By injecting a malicious string of 780 bytes consisting ...

PoC for CVE-2018-25302

AlloksoftAllok Avi To Dvd Svcd ...8.5HIGH
Buffer Overflow Vulnerability in Allok AVI to DVD SVCD VCD Converte...

Allok AVI to DVD SVCD VCD Converter version 4.0.1217 exhibits a structured exception handling (SEH) based buffer overflow vulnerability. This issue allows local attackers to execute arbitrary code by inserting a specially crafted malicious string into the License Name field. When the crafted inpu...

PoC for CVE-2018-25301

Easy MpegEasy Mpeg To Dvd Burner8.6HIGH
Local Buffer Overflow Vulnerability in Easy MPEG to DVD Burner by S...

The Easy MPEG to DVD Burner version 1.7.11 is susceptible to a local buffer overflow due to improper handling of structured exception handling (SEH). Attackers can exploit this vulnerability by crafting a malicious username string that injects arbitrary code into the program. This crafted payload...

PoC for CVE-2018-25299

MersennePrime958.6HIGH
Local Buffer Overflow Vulnerability in Prime95 by Mersenne

The Prime95 29.4b8 version is susceptible to a local buffer overflow vulnerability due to flawed handling of structured exception handling (SEH). This flaw enables attackers to execute arbitrary code by injecting malicious payloads through the optional proxy hostname field in the PrimeNet setting...

PoC for CVE-2018-25300

XataboostXataboost Cms8.8HIGH
Union-based SQL Injection Vulnerability in XATABoost CMS 1.0.0

XATABoost CMS version 1.0.0 is susceptible to a union-based SQL injection flaw which enables unauthenticated attackers to execute arbitrary SQL queries via manipulated input in the id parameter. By crafting specific GET requests to news.php, an attacker can retrieve sensitive information from the...