Publicly Disclosed
PoC Exploits

đź”´ Alway take caution when working with PoC Exploits đź”´

Discovered just now...

PoC for CVE-2026-43724

AppleiOS And iPad OS7.8HIGH
Improper Input Sanitization Vulnerability in Apple Products

A vulnerability has been identified in Apple's iOS, iPadOS, and macOS that could potentially allow an application to lead to unexpected system termination or unauthorized access to kernel memory. This vulnerability results from insufficient input sanitization, which may be exploited by malicious ...

PoC for CVE-2026-38526

WebkulKrayin CRM9.9CRITICAL
Arbitrary File Upload Vulnerability in Webkul Krayin CRM

An authenticated arbitrary file upload vulnerability exists in the /admin/tinymce/upload endpoint of Webkul Krayin CRM version 2.2.x. This flaw enables attackers to upload crafted PHP files, which can subsequently lead to the execution of arbitrary code on the server. Such vulnerabilities can be ...

Discovered 20 minutes ago

PoC for CVE-2026-46456

ApacheApache Camel9.8CRITICAL
Improper Input Validation in Apache Camel AWS2-SQS Component

An improper input validation vulnerability in the Apache Camel AWS2-SQS Component allows unauthorized manipulation of Camel control headers through unfiltered inbound message attributes. This flaw may permit an attacker to influence the behavior of downstream routes by injecting arbitrary headers...

Discovered 2 hours ago

PoC for CVE-2020-14343

PyyamlPyyaml9.8CRITICAL
Arbitrary Code Execution in PyYAML Library Affecting Multiple Versions

The PyYAML library, specifically in versions preceding 5.4, has a vulnerability allowing arbitrary code execution when handling untrusted YAML input via the full_load method or FullLoader. This weakness can be exploited by an attacker to execute malicious code on the affected system, taking advan...

PoC for CVE-2022-1471

SnakeyamlSnakeyaml🟣 EPSS 100%9.8CRITICAL
Remote Code execution in SnakeYAML

SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization...

PoC for CVE-2022-29078

EjsEjs🟣 EPSS 33%9.8CRITICAL
Server-Side Template Injection in Embedded JavaScript Templates for...

The ejs (Embedded JavaScript templates) package version 3.1.6 for Node.js is susceptible to server-side template injection. This occurs when the 'settings[view options][outputFunctionName]' is manipulated, allowing an attacker to replace the outputFunctionName option with a malicious OS command. ...

Discovered 3 hours ago

PoC for CVE-2026-15622

Poco-aiPoco-claw6.9MEDIUM
Authorization Bypass Vulnerability in Poco AI Poco-Claw Workspace API

A vulnerability exists in the Poco AI Poco-Claw Workspace API that allows an unauthorized user to bypass intended access controls. The issue lies within the function get_workspace_file located in executor_manager/app/api/v1/workspace.py. This flaw arises when the user_id argument is manipulated, ...

PoC for CVE-2026-15622

Poco-aiPoco-claw6.9MEDIUM
Authorization Bypass Vulnerability in Poco AI Poco-Claw Workspace API

A vulnerability exists in the Poco AI Poco-Claw Workspace API that allows an unauthorized user to bypass intended access controls. The issue lies within the function get_workspace_file located in executor_manager/app/api/v1/workspace.py. This flaw arises when the user_id argument is manipulated, ...

PoC for CVE-2026-15622

Poco-aiPoco-claw6.9MEDIUM
Authorization Bypass Vulnerability in Poco AI Poco-Claw Workspace API

A vulnerability exists in the Poco AI Poco-Claw Workspace API that allows an unauthorized user to bypass intended access controls. The issue lies within the function get_workspace_file located in executor_manager/app/api/v1/workspace.py. This flaw arises when the user_id argument is manipulated, ...

PoC for CVE-2026-15622

Poco-aiPoco-claw6.9MEDIUM
Authorization Bypass Vulnerability in Poco AI Poco-Claw Workspace API

A vulnerability exists in the Poco AI Poco-Claw Workspace API that allows an unauthorized user to bypass intended access controls. The issue lies within the function get_workspace_file located in executor_manager/app/api/v1/workspace.py. This flaw arises when the user_id argument is manipulated, ...

Discovered 4 hours ago

PoC for CVE-2018-16385

ThinkPHPThinkPHP9.8CRITICAL
SQL Injection Vulnerability in ThinkPHP Framework by Topthink

ThinkPHP versions prior to 5.1.23 are susceptible to SQL injection attacks through the 'public/index/index/test/index' query string. This vulnerability allows malicious actors to execute arbitrary SQL queries on the underlying database, potentially leading to unauthorized access or manipulation o...

PoC for CVE-2026-15620

MosaxivClawlet5.3MEDIUM
Server-Side Request Forgery in mosaxiv Clawlet Affects Multiple Ver...

A security vulnerability has been found in mosaxiv Clawlet versions up to 0.2.10, specifically within the tools.webFetch function located in the tools/tool_web_fetch.go file. This flaw allows attackers to execute server-side request forgery (SSRF) attacks, which can be initiated remotely. The exp...

Discovered 5 hours ago

PoC for CVE-2026-56291

Balbooa.comBalbooa.com Balbooa Fo...10CRITICAL
Unauthenticated Arbitrary File Upload Vulnerability in Balbooa Form...

The Balbooa Forms extension for Joomla contains a vulnerability that allows unauthenticated users to upload arbitrary files, including executable files. This flaw can be exploited to achieve remote code execution (RCE), posing a significant security threat to sites leveraging this extension. It i...

PoC for CVE-2026-15618

MosaxivClawlet5.3MEDIUM
Security Flaw in mosaxiv Clawlet Affects Exec Safety Guard Function...

A security flaw has been identified in the mosaxiv clawlet, specifically in the guardExecCommand function located in the tools/tool_exec.go file. This vulnerability compromises the exec Safety Guard component, leading to a failure in its protection mechanisms. The flaw allows attackers to potenti...

PoC for CVE-2026-15607

TanstackDb5.3MEDIUM
Prototype Pollution in TanStack DB Affects Alias Path Functionality

A vulnerability exists in TanStack DB versions up to 0.6.8, specifically in the select function of the Alias Path Handler located in the src/query/compiler/select.ts file. This vulnerability allows for the improper manipulation of object prototype attributes, which may be exploited remotely. The ...

Discovered 6 hours ago

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

PoC for CVE-2026-46454

ApacheApache Camel9.8CRITICAL
Improper Input Validation in Apache Camel Cometd Component

An improper input validation vulnerability exists in the Apache Camel Cometd Component, which maps inbound Bayeux message headers into the Camel Exchange without adequate filtering. The lack of a HeaderFilterStrategy allows unvalidated header names, including sensitive Camel control headers, to b...

Discovered 7 hours ago

PoC for CVE-2026-15597

SourcecodesterClass And Exam Timetab...6.9MEDIUM
SQL Injection Vulnerability in SourceCodester Class and Exam Timeta...

A security flaw has been identified in the SourceCodester Class and Exam Timetabling System, specifically in the edit_exam2.php file. This vulnerability allows attackers to manipulate the argument ID, leading to SQL injection. The attack can be executed remotely, making the system susceptible to ...

PoC for CVE-2026-46453

ApacheApache Camel5.3MEDIUM
Improper Input Validation in Apache Camel ElasticSearch Rest Client

The ElasticSearch Rest Client component of Apache Camel is vulnerable to improper input validation, leading to potential authorization bypass. It allows untrusted HTTP clients to manipulate several Exchange headers that control the component’s behavior, such as SEARCH_QUERY and OPERATION, without...

PoC for CVE-2026-15596

SourcecodesterClass And Exam Timetab...5.3MEDIUM
Cross Site Scripting Vulnerability in SourceCodester Class and Exam...

A cross site scripting vulnerability exists in SourceCodester's Class and Exam Timetabling System 1.0, specifically within an unprotected function located in the /subject.php file. Manipulating the 'subject' argument can allow attackers to execute scripts in the user's browser if they visit a cra...

PoC for CVE-2026-62242

CodecentricSpring-boot-admin7.7HIGH
Server-Side Request Forgery Vulnerability in Spring Boot Admin Pre ...

The Spring Boot Admin Server prior to version 4.1.2 contains a vulnerability that permits unauthenticated attackers to exploit server-side request forgery (SSRF). This flaw allows malicious actors to register instances with manipulated healthUrl and managementUrl parameters, bypassing validation ...

PoC for CVE-2026-62240

CrewaiincCrewai8.3HIGH
Server-Side Request Forgery Vulnerability in CrewAI Software

CrewAI versions prior to 1.15.1 feature a server-side request forgery vulnerability within the validate_url function. This vulnerability allows malicious users to circumvent existing security mechanisms by submitting URLs that redirect to internal network addresses or leveraging DNS rebinding tec...

PoC for CVE-2026-62239

Dao-ailabFlash-attention5.3MEDIUM
Symlink Attack Vulnerability in FlashAttention by Dao-AILab

The FlashAttention product from Dao-AILab, specifically version 2.8.3.post1, is compromised by a symlink attack vulnerability within the download_and_copy() function of hopper/setup.py. This flaw arises as the software extracts NVIDIA toolchain archives without adequate validation of symlinks or ...

Discovered 8 hours ago

PoC for CVE-2026-15595

SourcecodesterClass And Exam Timetab...5.3MEDIUM
Cross-Site Scripting Flaw in SourceCodester Class and Exam Timetabl...

A cross-site scripting vulnerability has been identified in the SourceCodester Class and Exam Timetabling System version 1.0. This security issue arises from inadequate input validation in the '/forsubject.php' file, allowing attackers to manipulate the 'subject' argument. A successful exploit en...

PoC for CVE-2026-15594

WaooaiWaoowaoo6.3MEDIUM
Improper Authorization in Media Handler Component of WaooAI Product

A vulnerability exists in the WaooAI Media Handler's stablePublicIdFromStorageKey function, specifically in the src/lib/media/hash.ts file. This issue arises from improper authorization related to the manipulation of the 'storageKey' argument, potentially allowing attackers to gain unauthorized a...

Discovered 11 hours ago

PoC for CVE-2026-43867

ApacheApache Camel9.8CRITICAL
Deserialization Vulnerability in Apache Camel PQC Component

The Apache Camel PQC Component is susceptible to a vulnerability allowing deserialization of untrusted data. This occurs when the AwsSecretsManagerKeyLifecycleManager reads post-quantum key metadata from AWS Secrets Manager without adequate validation measures, enabling potential code execution w...

PoC for CVE-2026-57830

Joomshaper.comHelix Ultimate Extensi...8.8HIGH
Unauthenticated Arbitrary File Deletion in Helix Ultimate Joomla Ex...

The Helix Ultimate extension for Joomla is exposed to a significant security flaw that allows unauthenticated users to delete files from the server. This vulnerability poses a serious threat as it can lead to data loss and potential service disruptions, making it essential for users to be aware a...

PoC for CVE-2026-57829

Joomshaper.comHelix Ultimate Extensi...8.7HIGH
Unauthenticated Stored XSS Vulnerability in Helix Ultimate Extensio...

The Helix Ultimate extension for Joomla contains a vulnerability that allows unauthenticated users to execute malicious scripts on affected installations. This security flaw can result in stored Cross-Site Scripting (XSS) attacks, where an attacker can input harmful code that is stored and execut...

Discovered 12 hours ago

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

PoC for CVE-2026-53805

Nv-tlabsGen3c9.3CRITICAL
Unauthenticated Remote Code Execution Vulnerability in NVIDIA SIL G...

The GEN3C product from NVIDIA's Spatial Intelligence Lab is affected by a serious vulnerability that allows unauthenticated remote code execution. This flaw resides in the inference API server, specifically in the /request-inference and /seed-model endpoints, which utilize Python's pickle.loads()...

Discovered 14 hours ago

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

Discovered 15 hours ago

PoC for CVE-2026-61498

VitecFlamingo9.3CRITICAL
OS Command Injection Vulnerability in Vitec Flamingo by Vitec

Vitec Flamingo version 4.12.2 is susceptible to an OS command injection vulnerability through the admin/ajax/gen_graphs.php endpoint. This vulnerability allows remote attackers to execute arbitrary shell commands by manipulating the HTTP GET parameters, including start, end, key, or format. The l...

PoC for CVE-2026-60121

VitecFlamingo9.3CRITICAL
Unauthenticated OS Command Injection in Vitec Flamingo by Vitec

Vitec Flamingo version 4.12.2 contains an unauthenticated OS command injection vulnerability in the admin/ajax/ping.php endpoint. This flaw enables remote attackers to execute arbitrary commands by taking advantage of a double-evaluation issue in how shell arguments are handled. The endpoint uses...

Discovered 16 hours ago

PoC for CVE-2026-15559

CodeastroSimple Online Leave Ma...5.3MEDIUM
SQL Injection Vulnerability in CodeAstro Simple Online Leave Manage...

A vulnerability has been identified in the CodeAstro Simple Online Leave Management System version 1.0, specifically within the POST Handler component located in the /SimpleOnlineLeave/admin/accept.php file. By manipulating the 'appid' parameter, an attacker may execute SQL injection attacks remo...

Discovered 17 hours ago

PoC for CVE-2026-15558

CodeastroSimple Online Leave Ma...5.3MEDIUM
SQL Injection Vulnerability in CodeAstro Simple Online Leave Manage...

A vulnerability has been identified in the CodeAstro Simple Online Leave Management System 1.0, specifically within the file /SimpleOnlineLeave/admin/deletemp.php. This flaw allows attackers to manipulate the ID argument, leading to SQL injection attacks that can be executed remotely. The nature ...

Discovered 19 hours ago

PoC for CVE-2026-15557

WaooaiWaoowaoo6.9MEDIUM
Improper Authentication in waooAI waoowaoo by WaooAI

A vulnerability has been identified in waooAI waoowaoo, specifically in the library function located in src/lib/api-auth.ts. This weakness affects key authentication processes including getInternalTaskSession, getAuthSession, requireUserAuth, and requireProjectAuth. Attackers can exploit this vul...

Discovered 20 hours ago

PoC for CVE-2026-15547

ShibbyTomato5.3MEDIUM
OS Command Injection in Shibby Tomato Router Firmware

A vulnerability has been identified in Shibby Tomato firmware versions up to 1.28.0000, specifically within the CIFS Mount Handler function sub_2D048. This weakness allows for the manipulation of CIFS arguments, potentially resulting in remote OS command injection. The publicly available exploit ...

PoC for CVE-2026-15546

ShibbyTomato5.3MEDIUM
OS Command Injection Vulnerability in Shibby Tomato Router Firmware

A security vulnerability has been identified in Shibby Tomato firmware versions up to 1.28.0000, affecting the function responsible for handling the execution of JFFS2 commands. This flaw allows an attacker to manipulate the argument within the jffs2_exec function, leading to potential remote OS ...

PoC for CVE-2026-15545

ShibbyTomato8.7HIGH
Out-of-Bounds Write Vulnerability in Shibby Tomato Router Firmware

A significant out-of-bounds write vulnerability has been discovered in the Shibby Tomato firmware, specifically affecting the apcupsd component found in the file www/apcupsd/tomatodata.cgi. This flaw resides within the main function, allowing attackers to manipulate the flow of data, potentially ...

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

Discovered 21 hours ago

PoC for CVE-2026-15544

ShibbyTomato8.7HIGH
Stack-Based Buffer Overflow in Shibby Tomato Firmware by Shibby

A vulnerability has been identified in the Shibby Tomato firmware affecting the function getupsvar within the apcupsd component. The flaw, which leads to a stack-based buffer overflow, can be exploited remotely when malformed arguments are passed. This issue is particularly critical given its pub...

PoC for CVE-2026-15543

TendaCh228.7HIGH
Buffer Overflow Vulnerability in Tenda CH22 Router

A vulnerability exists within the Tenda CH22 router, specifically in the formCertListInfo function located at /goform/CertListInfo. This issue arises due to improper handling of the argument Name, leading to a buffer overflow condition. An attacker can exploit this vulnerability remotely, potenti...

Discovered 22 hours ago

PoC for CVE-2026-12582

WordPressLibrary Management System8.6HIGH
SQL Injection Vulnerability in Library Management System Plugin for...

The Library Management System WordPress plugin, prior to version 3.5.8, is susceptible to a SQL injection vulnerability due to inadequate sanitization and escaping of user-supplied parameters. This flaw enables unauthenticated attackers to manipulate SQL queries and gain unauthorized access to se...

PoC for CVE-2026-12275

WordPressTutor Lms7.1HIGH
Unauthorized Access Vulnerability in Tutor LMS Plugin by WordPress

The Tutor LMS WordPress plugin prior to version 3.9.13 is vulnerable due to insufficient access control measures in its Droip and Kirki page-builder integrations. This vulnerability allows authenticated users with only subscriber-level access to enroll in paid or private courses without proper au...

PoC for CVE-2026-12274

WordPressTutor Lms6.5MEDIUM
Authentication Bypass in Tutor LMS Plugin for WordPress

The Tutor LMS plugin for WordPress prior to version 3.9.13 is vulnerable due to a failure to adequately verify user permissions when saving content. This oversight allows authenticated users with instructor-level access to overwrite any post or page, disregarding the ownership of the content. Thu...

PoC for CVE-2026-12273

WordPressTutor Lms4.3MEDIUM
Authorization Flaw in Tutor LMS Plugin Enables Comment Bypass for W...

The Tutor LMS WordPress plugin prior to version 3.9.13 contains a significant security flaw that allows authenticated users, including those with subscriber-level access and above, to post comments without undergoing the appropriate authorization checks. This vulnerability enables the posting of ...

PoC for CVE-2026-12397

WordPressWP Job Portal4.3MEDIUM
Information Disclosure Vulnerability in WP Job Portal by WordPress

The WP Job Portal plugin for WordPress prior to version 2.5.5 contains a vulnerability that fails to verify ownership when returning an employer's contact email for specific job listings. This weakness allows authenticated users with subscriber-level accounts to access and enumerate the private e...

PoC for CVE-2026-12396

WordPressWP Job Portal5.4MEDIUM
Improper Access Control in WP Job Portal WordPress Plugin

The WP Job Portal WordPress plugin prior to version 2.5.5 has a serious flaw in its access control mechanisms. The plugin fails to adequately validate user capabilities or ownership, thereby allowing authenticated users with a subscriber-level account to perform job moderation actions. This could...

PoC for CVE-2026-12081

WordPressDatabase For Contact F...5MEDIUM
PHP Object Injection Vulnerability in WordPress Form Plugins

A vulnerability exists in multiple WordPress form plugins, allowing unauthenticated users to inject arbitrary PHP objects through unserialized form-field values. When an administrator views the stored entry, these injected objects can be instantiated, potentially leading to unauthorized actions o...