Publicly Disclosed
PoC Exploits
đź”´ Alway take caution when working with PoC Exploits đź”´
Discovered just now...
PoC for CVE-2026-43735
A vulnerability has been identified in Safari and related Apple products that allows malicious websites to potentially exfiltrate sensitive data across different origins. The issue has been remediated with enhanced verification protocols in the latest versions, ensuring that requests made to exte...
Discovered 59 minutes ago
PoC for CVE-2026-42945
A vulnerability exists in the ngx_http_rewrite_module of NGINX Plus and NGINX Open Source, triggered when a rewrite directive is followed by an if or set directive that includes a Perl-Compatible Regular Expression (PCRE) capture and a replacement string with a question mark. Attackers can exploi...
Discovered 2 hours ago
PoC for CVE-2026-34117
Guardian language-system passes the id GET parameter directly into a PHP exec() call in text_to_subtitles.php (line 19) without sanitization: exec(\"php jobs/text_to_subtitles.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can ...
Discovered 3 hours ago
PoC for CVE-2026-58454
The JAIOTlink C492A-W6 Wi-Fi IP cameras with firmware version 4.8.30.57701411 are vulnerable to a remote code execution flaw. Authenticated attackers can exploit this vulnerability by saving arbitrary shell scripts in the writable persistent JFFS2 storage. By utilizing the authenticated HTTP endp...
PoC for CVE-2026-58453
The JAIOTlink C492A-W6 Wi-Fi IP cameras have a serious vulnerability where hard-coded credentials allow network-adjacent attackers to access the device. By exploiting default admin credentials and an empty password for the anyka_ipc HTTP service on port 80, unauthorized individuals can gain contr...
PoC for CVE-2026-58452
The JAIOTlink C492A-W6 Wi-Fi IP camera firmware version 4.8.30.57701411 is susceptible to an OS command injection flaw. This vulnerability allows authenticated attackers to execute arbitrary code remotely. By manipulating the Wireless parameter in the HTTP PUT NetSDK/Factory SetMAC endpoint, atta...
PoC for CVE-2026-57517
The vulnerability in Control Web Panel allows unauthenticated attackers to exploit a blind SQL injection flaw. By submitting unsanitized input through the userRes POST parameter at the user endpoint, attackers can execute arbitrary SQL queries. This exploit can lead to unauthorized access to MySQ...
Discovered 4 hours ago
PoC for CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a critical vulnerability via its .NET Remoting TCP service on port 9000. The service does not require authentication and allows remote attackers to read and write arbitrary files on the host system. By exploiting the unmarshalling technique of the MarshalByRefOb...
PoC for CVE-2026-58126
PACSgear PACS Scan 5.2.1 is susceptible to an unauthenticated remote code execution vulnerability due to an exposed .NET Remoting TCP service operating on port 22222. This allows attackers to execute unauthorized commands and manipulate files remotely through PGImageExchQueue.exe without any auth...
Discovered 8 hours ago
PoC for CVE-2024-27198
An authentication bypass vulnerability has been identified in JetBrains TeamCity, allowing unauthorized users to perform administrative actions. This flaw exists in versions of TeamCity prior to 2023.11.4 and poses a significant risk to the security of systems utilizing this software. Exploitatio...
Discovered 12 hours ago
PoC for CVE-2026-11570
The User Submitted Posts plugin for WordPress prior to version 20260608 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. This occurs due to the failure to properly escape submitted values before they are displayed in an admin-configured template. An attacker can exploit this f...
PoC for CVE-2026-11568
The Product Configurator for WooCommerce plugin before version 1.7.3 has a serious flaw where it fails to implement necessary authorization checks before exposing WooCommerce product data via a public AJAX action. This oversight allows anyone, even unauthenticated users, to access sensitive produ...
PoC for CVE-2026-11883
The WebAuthn Provider for Two Factor WordPress plugin prior to version 2.5.6 contains a security flaw that fails to adequately validate the second-factor authentication responses. This vulnerability enables an attacker, who already possesses a user's password, to bypass the two-factor authenticat...
PoC for CVE-2026-11880
The Fluent Forms plugin for WordPress prior to version 6.2.1 contains a vulnerability that allows low-privilege authenticated users to cancel subscriptions of other users. This flaw arises because the plugin fails to adequately verify the ownership of subscriptions before processing cancellation ...
PoC for CVE-2026-11794
The Advanced Form Integration — Connect Forms to 200+ Apps WordPress plugin, prior to version 2.1.1, contains a security flaw that allows unauthenticated users to create user accounts with roles that may include administrator. This exploit arises when public form submissions configured through sp...
PoC for CVE-2026-11887
The Salon Booking System plugin for WordPress lacks adequate authorization checks on specific AJAX actions, allowing authenticated users—such as subscribers—to make unauthorized modifications. This weakness enables them to alter settings and bypass the necessary manual approval process for new bo...
PoC for CVE-2026-11562
The WS Form LITE plugin for WordPress versions prior to 1.11.8 contains an authorization vulnerability that permits authenticated users, with subscriber-level access or higher, to alter the plugin's critical settings without adequate checks. This loophole can lead to unauthorized modifications, p...
PoC for CVE-2026-10750
The Royal MCP WordPress plugin prior to version 1.4.26 lacks sufficient capability checks following token authentication. This deficiency permits authenticated users, even those with low-privileged roles such as Subscribers, to access private content, enumerate users and their roles, and manipula...
Discovered 13 hours ago
PoC for CVE-2025-15666
A security vulnerability exists in Open Asset Import Library (Assimp) prior to version 5.4.3, specifically within the Assimp::SceneCombiner::Copy function located in the Model File Handler component. This issue arises from manipulations involving width and height arguments, leading to a heap-base...
Discovered 14 hours ago
PoC for CVE-2026-58138
An unauthenticated remote code execution vulnerability in Orkes Conductor versions prior to 3.30.2 could allow remote attackers to execute arbitrary operating system commands by submitting malicious JavaScript or Python expressions through workflow definitions to the workflow API endpoint without...
PoC for CVE-2026-46490
The samlify library, used for SAML single sign-on in Node.js applications, is susceptible to an injection vulnerability prior to version 2.13.0. This issue arises because the library's template substitution mechanism fails to properly escape values inserted into XML element texts, allowing an att...
Discovered 15 hours ago
PoC for CVE-2025-40271
A use-after-free vulnerability in the Linux kernel's networking interface may allow an attacker to access freed memory. The issue arises in the `proc_readdir_de()` function when directory entries are concurrently modified while being traversed. During high-stress scenarios, unregistering network ...
PoC for CVE-2026-46300
A vulnerability in the Linux kernel affects the handling of shared-frag markers during packet coalescing. Specifically, the function skb_try_coalesce() can improperly transfer ownership of page-backed fragments without preserving the shared-frag marker. This loss can disrupt later processing, not...
Discovered 17 hours ago
PoC for CVE-2012-1823
This vulnerability in PHP occurs when the software is configured to run as a CGI script. Specifically, when the query string lacks an equals sign, PHP fails to handle it appropriately, which can lead to remote attackers executing arbitrary code. This occurs due to insufficient validation of comma...
Discovered 18 hours ago
PoC for CVE-2026-22557
A Path Traversal vulnerability exists in the UniFi Network Application, allowing attackers within the network to exploit the system. This vulnerability can enable malicious actors to access and manipulate files on the underlying operating system. Successful exploitation may lead to unauthorized a...
Discovered 20 hours ago
PoC for CVE-2025-69212
OpenSTAManager, an open source management tool for technical assistance and invoicing, has a vulnerability in the P7M file decoding functionality. Versions 2.9.8 and earlier allow authenticated attackers to upload a ZIP file containing a maliciously crafted .p7m file. This could lead to the execu...
Discovered 21 hours ago
PoC for CVE-2026-58450
Invoice Ninja versions up to 5.13.26 contain an open redirect vulnerability in the client portal login. This issue allows unauthenticated attackers to craft malicious login links that redirect authenticated users to attacker-controlled external URLs. By injecting a harmful value into the intended...
PoC for CVE-2026-58448
The Yudao Cloud BPM module prior to version 2026.06 is susceptible to a broken access control vulnerability. This flaw enables any authenticated user to manipulate a caller-controlled process-instance identifier to access unprotected endpoints. Consequently, attackers can exploit this vulnerabili...
PoC for CVE-2026-58447
Invidious versions up to 2.20260626.0 are susceptible to a broken object level authorization vulnerability, enabling authenticated attackers to delete videos from any user's playlists by manipulating global video indices in the remove_video action of the playlist endpoint. This vulnerability lack...
PoC for CVE-2026-58446
A security flaw in Presenton versions prior to 0.8.8-beta allows an unauthenticated remote attacker to access the MCP server at an unsecured endpoint. This issue stems from the nginx front-end failing to enforce authentication on the /mcp path. As a result, attackers can exploit the server to inv...
Discovered 22 hours ago
PoC for CVE-2026-31694
The Linux kernel's implementation of FUSE is vulnerable to a directory entry overflow due to improper validation of serialized directory entries. Specifically, the function `fuse_add_dirent_to_cache()` fails to verify whether a directory entry exceeds the maximum allowable size, allowing a malici...
PoC for CVE-2017-7494
Samba versions 3.5.0 up to 4.6.4, along with specific earlier releases, contain a serious vulnerability where a malicious client can upload a shared library to a writable share. This exploit allows the server to load and execute the uploaded file, leading to unauthorized control and potential dam...
Discovered 23 hours ago
PoC for CVE-2019-2215
A use-after-free vulnerability exists in the Android Binder service, which could allow attackers to elevate privileges from an application to the Linux Kernel. Exploitation of this vulnerability does not require any interaction from the user; however, it necessitates either the installation of a ...
Discovered 1 day ago
PoC for CVE-2026-10580
The Hippoo Mobile App for WooCommerce plugin for WordPress contains a vulnerability that allows unauthenticated users to bypass authentication protocols. This security flaw stems from a logic error within the HippooPermissions::get_user_permissions() function, which incorrectly grants full admini...
PoC for CVE-2026-56121
An unsafe deserialization vulnerability in Feast prior to version 0.63.0 enables unauthorized parties to execute arbitrary code remotely. This flaw arises from the mishandling of the user_defined_function.body field within the OnDemandFeatureView specification. The field is decoded from base64 an...
PoC for CVE-2026-46817
A vulnerability exists in the Oracle Payments component of the Oracle E-Business Suite, specifically in the File Transmission functionality. This flaw allows an unauthenticated attacker with network access via HTTP to exploit the Oracle Payments system. If successfully exploited, attackers could ...
PoC for CVE-2026-8037
An OS command injection vulnerability exists in the API of Progress ADC Products, specifically affecting the LoadMaster appliance. This vulnerability allows unauthenticated attackers to execute arbitrary commands through unsanitized input in multiple command endpoints. Exploiting this weakness co...
PoC for CVE-2026-58377
The JeecgBoot framework version 3.9.2 is susceptible to a broken access control vulnerability that allows authenticated users with low privileges to execute create, read, update, and delete operations on OpenAPI credentials. The issue arises due to missing Shiro authorization annotations on criti...
PoC for CVE-2026-58376
Dolibarr ERP software versions up to 23.0.3 are susceptible to an SQL injection vulnerability that enables authenticated users to exfiltrate sensitive database contents. This flaw occurs due to inadequate validation of the sqlfilters query parameter in the setup dictionary and multicurrencies RES...
PoC for CVE-2026-58375
JimuReport versions up to 2.5.0 expose the /jmreport/auto/export endpoint without requiring authentication, due to improper configuration of the JimuNoLoginRequired annotation. This oversight allows any remote attacker to exploit the endpoint, effectively permitting enumeration of Snowflake repor...
PoC for CVE-2026-58371
SeaweedFS versions before 4.30 contain a vulnerability related to the handling of callback query parameters, which are reflected in responses without validation. This affects several JSON endpoints, including those that are accessible without authentication, potentially exposing sensitive informa...
PoC for CVE-2026-58176
RuoYi-Vue-Plus versions up to 5.6.2 have a significant security flaw where workflow task management endpoints lack proper authorization checks. This vulnerability allows any authenticated user, regardless of their role, to manipulate task assignments, circumventing the intended separation of duti...
PoC for CVE-2026-58172
Ocelot, a popular API Gateway developed by ThreeMammals, is vulnerable to a security control bypass that impacts versions up to 24.1.0. This vulnerability arises from the WebSocket upgrade requests that can bypass IP-based access restrictions due to faulty configuration in the OcelotPipelineExten...
PoC for CVE-2026-58166
The OpenBMB ChatDev application through version 2.2.0 is affected by a path traversal vulnerability that allows unauthenticated remote attackers to manipulate file upload operations. By sending a malicious multipart filename to the file upload endpoint, attackers can exploit the inadequate saniti...
PoC for CVE-2026-58165
OpenZiti through version 2.0.0 is vulnerable to a privilege escalation flaw that allows authenticated non-admin users to create enrollments for any identity, including administrative accounts. This is due to insufficient authorization checks in the ApplyCreate function of enrollment_manager.go, w...
PoC for CVE-2024-31317
A vulnerability has been identified in the Android Framework that allows potential code execution through unsafe deserialization in multiple functions of ZygoteProcess.java. This flaw enables local privilege escalation, requiring user execution privileges but eliminating the need for user interac...
PoC for CVE-2026-58116
LLaMA-Factory versions up to 0.9.5 are susceptible to a remote code execution vulnerability that enables users with WebUI access to run arbitrary Python code. This occurs when a malicious model path is provided in the Chat or Training interfaces, allowing the application to pass unsanitized user ...
PoC for CVE-2026-43700
A cross-origin vulnerability has been identified in Safari and various Apple operating systems. This security issue arises from inadequate tracking of security origins, which could allow maliciously crafted web content to expose sensitive user information. Users are advised to update to the lates...
PoC for CVE-2026-44789
An authenticated user with permissions to create or modify workflows in n8n prior to versions 1.123.43, 2.22.1, and 2.20.7 could exploit an unvalidated pagination parameter within the HTTP Request node to perform global prototype pollution. This vulnerability poses a risk of remote code execution...
PoC for CVE-2023-43364
The Searchor application, developed by ArjunSharda, contains a flaw in its command-line interface input processing. Prior to version 2.4.2, the application utilizes the 'eval' function on user-provided input without sufficient validation. This oversight can lead to arbitrary code execution, enabl...