Publicly Disclosed
PoC Exploits
🔴 Alway take caution when working with PoC Exploits 🔴
Discovered 3 hours ago
PoC for CVE-2026-15202
A security flaw has been identified in the YzmCMS component 'Header Handler' in versions up to 7.5, specifically within the get_url function located in the yzmphp.php file. This vulnerability arises from improper validation of the HTTP_HOST argument, allowing attackers to perform cross-site scrip...
PoC for CVE-2026-40473
The Apache Camel MinaConverter component is prone to a vulnerability that permits an attacker to exploit the serialization process by sending a crafted serialized Java object over the network. This issue occurs due to the lack of ObjectInputFilter or class-loading restrictions when the MinaConver...
PoC for CVE-2026-15194
A security flaw has been identified in Open5GS version 2.7.7 affecting the AMF component's function amf_context_final located in src/amf/context.c. This vulnerability arises from improper handling of memory, leading to a use after free condition. An attacker with local access can exploit this fla...
PoC for CVE-2026-15193
AidanPark's openclaw-android is susceptible to an OS command injection vulnerability due to a flaw in the Android WebView Bridge component. This issue arises from improper handling of functions within JsBridge.kt, which allows local attackers to inject arbitrary commands into the system. As this ...
Discovered 4 hours ago
PoC for CVE-2026-15192
A vulnerability has been identified in Mettle Sendportal, specifically in the APIv1 Webhooks component that handles sendgrid, postmark, postal, and mailjet functionalities. This flaw results in missing authentication, allowing potential attackers to exploit the system remotely. The vulnerability ...
PoC for CVE-2026-15191
A vulnerability has been identified in Mettle SendPortal, specifically within the Campaign Creation Endpoint. This flaw allows an attacker to bypass authorization controls by manipulating the request handling mechanism in the CampaignStoreRequest.php file. The vulnerability is remotely exploitabl...
PoC for CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) b...
PoC for CVE-2026-15190
A security vulnerability has been identified in SourceCodester's Simple and Nice Shopping Cart Script 1.0 that allows for SQL injection attacks via the '/login.php' file. By manipulating the 'Username' argument, attackers can exploit this weakness to execute unauthorized SQL commands remotely, po...
Discovered 5 hours ago
PoC for CVE-2026-15188
A vulnerability has been discovered in the Django Job Portal's Employee Dashboard Endpoint, specifically within the function EditEmployeeProfileAPIView. This weakness allows for improper access control due to manipulation of the role argument. Attackers may exploit this flaw remotely, as the nece...
Discovered 6 hours ago
PoC for CVE-2026-15187
A security flaw has been identified in the Enquirer library, impacting versions up to 2.4.1. The vulnerability lies within the Enquirer.set function of the Public Package API, where improper handling of the question.name argument leads to uncontrolled modifications of object prototype attributes....
Discovered 8 hours ago
PoC for CVE-2026-15185
A vulnerability has been identified in GPAC's MP4Box, specifically in the vobsub_read_idx function found within the /src/media_tools/vobsub.c file. A local attacker can exploit this vulnerability by manipulating the num_langs argument, potentially leading to an out-of-bounds read. The exploit has...
PoC for CVE-2026-15184
A local vulnerability exists in GNU LibreDWG's DWG File Handler due to a null pointer dereference in the dwg_next_entity function. This issue can be exploited by manipulating the next_obj argument, potentially leading to application crashes. Users are strongly advised to upgrade to version 0.14 t...
Discovered 9 hours ago
PoC for CVE-2026-15182
A vulnerability exists in the BMP Image Handler of GNU LibreDWG versions up to 0.13.4, specifically in the dwg_bmp function within src/dwg.c. This flaw allows for a locally executed heap-based buffer overflow, which can lead to potential exploitation of memory corruption. To mitigate this risk, u...
PoC for CVE-2026-53571
The vulnerability in Vite, a widely-used frontend tooling framework for JavaScript, poses a significant security risk on Windows systems. Prior to specific versions (8.0.16, 7.3.5, and 6.4.3), the server.fs.deny configuration meant to prevent access to sensitive files can be bypassed. Due to impr...
Discovered 10 hours ago
PoC for CVE-2026-50746
A vulnerability exists in the UniFi Connect Application due to improper access control mechanisms. This flaw allows a malicious actor with network access to exploit the system by executing arbitrary commands on the host device. As a result, unauthorized actions could be performed, potentially com...
Discovered 11 hours ago
PoC for CVE-2026-50131
The Fedify TypeScript library, used for building federated server applications powered by ActivityPub, has a critical vulnerability relating to Server-Side Request Forgery. While prior updates attempted to address internal network access by adding public URL validation for outbound fetches, the v...
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
Discovered 14 hours ago
PoC for CVE-2026-12517
The Fediverse Embeds WordPress plugin, prior to version 1.5.8, contains a vulnerability that permits unauthenticated users to conduct Server-Side Request Forgery (SSRF) attacks. Through a compromised site-info endpoint, attackers can send requests to internal and private-network URLs, thereby obt...
PoC for CVE-2026-11875
The WP Support Plus Responsive Ticket System plugin for WordPress, up to version 9.1.2, is vulnerable due to its lack of signing and verification of guest-session cookies. This flaw enables unauthenticated users to create forged cookies, allowing them to impersonate legitimate ticket owners. Cons...
PoC for CVE-2026-11571
The Everest Forms plugin for WordPress, prior to version 3.5.0, fails to properly manage temporary CSV files created during email notification processes. This oversight leaves the files accessible in the public uploads directory. As a result, unauthenticated attackers can exploit this vulnerabili...
PoC for CVE-2026-12516
The Fediverse Embeds WordPress plugin prior to version 1.5.8 is susceptible to a security flaw that permits unauthenticated users to submit server-side requests to arbitrary URLs. This vulnerability arises from the lack of validation checks on the destination of the requests made through a media-...
PoC for CVE-2026-12270
The Everest Forms WordPress plugin prior to version 3.5.0 contains an access control issue that allows unauthenticated users to exploit vulnerabilities in its onboarding assistant features. This flaw arises from insufficient checks on specific REST API endpoints, enabling attackers to bypass capa...
PoC for CVE-2026-11869
The WP DSGVO Tools (GDPR) plugin for WordPress, prior to version 3.1.40, contains a security flaw that lacks proper authorization checks in its data subject access request processing. This vulnerability enables unauthenticated attackers to generate and download full personal data exports, which m...
Discovered 16 hours ago
PoC for CVE-2023-0386
A vulnerability exists in the Linux kernel's OverlayFS subsystem that enables a local user to gain unauthorized access to a setuid file with capabilities. This issue arises when a user copies a capable file from a nosuid mount to another mount, leading to potential privilege escalation. The uid m...
Discovered 17 hours ago
PoC for CVE-2025-27636
A bypass and injection vulnerability exists in Apache Camel stemming from a flaw in its default header filtering mechanism. This flaw allows attackers to circumvent protective measures by manipulating the casing of header names. As a result, they can inject malicious headers which may invoke arbi...
Discovered 18 hours ago
PoC for CVE-2026-44825
A vulnerability in Apache Solr allows for remote unauthorized access due to hardcoded default credentials in the Basic Authentication setup tool. Versions 9.4.0 through 9.10.1 and 10.0.0 are particularly exposed, as attackers can leverage these known credentials to gain full control over the Solr...
Discovered 19 hours ago
PoC for CVE-2026-40048
The FileBasedKeyLifecycleManager class in Apache Camel allows deserialization of `<keyId>.key` files using java.io.ObjectInputStream without implementing ObjectInputFilter or restricting class loading. This flaw can lead to arbitrary code execution due to unsanitized deserialization methods being...
Discovered 20 hours ago
PoC for CVE-2021-40346
An integer overflow vulnerability is present in HAProxy versions 2.0 through 2.5. This flaw is associated with the htx_add_header function, enabling attackers to exploit the vulnerability to conduct an HTTP request smuggling attack. By bypassing all configured HTTP request Access Control Lists (A...
PoC for CVE-2026-15138
A security vulnerability has been identified in Tumf's MCP Text Editor, specifically in the _validate_file_path function found in text_editor.py. This vulnerability allows an attacker to perform path traversal by manipulating the 'file_path' argument, potentially gaining unauthorized access to se...
PoC for CVE-2026-15137
A vulnerability has been discovered in the Code-Projects Interview Management System version 1.0, specifically affecting the View.php file located in the inc/classes directory. This weakness facilitates SQL injection through manipulated argument IDs. Attackers can exploit this vulnerability remot...
Discovered 21 hours ago
PoC for CVE-2026-15135
A security vulnerability has been identified in the Online Food Order System by Code-Projects, specifically in the edit_food_items.php file. This flaw allows for SQL injection through manipulated inputs in the 'update' argument. Attackers can exploit this vulnerability remotely, potentially leadi...
PoC for CVE-2026-15134
A vulnerability exists in the CodeAstro Simple Online Leave Management System version 1.0, specifically related to inadequate input validation in the /SimpleOnlineLeave/index.php file. By manipulating the 'email' parameter, an attacker may execute SQL injection attacks, potentially accessing sens...
Discovered 22 hours ago
PoC for CVE-2026-15105
A deserialization flaw exists in davenardella's Snap7 product, impacting the TS7Worker::PerformFunctionRead function within the ReadVar Request Handler component. This vulnerability allows for manipulation of data structures, which can lead to remote exploitation on local networks. The problem ha...
Discovered 23 hours ago
PoC for CVE-2026-35204
A security issue has been identified in Helm, the package manager for Kubernetes Charts. Versions 4.0.0 through 4.1.3 are impacted by a flaw that allows a specially crafted Helm plugin to write files to arbitrary locations on the filesystem when installed or updated. To mitigate this risk, it is ...
Discovered 1 day ago
PoC for CVE-2026-40047
A command injection vulnerability exists in the Apache Camel Docling component due to improper validation of custom CLI arguments. The vulnerability arises when the DoclingProducer constructs an argument list for the external 'docling' command-line tool, where insufficient validation may allow an...
PoC for CVE-2026-59807
The Composio SDK is affected by a path validation bypass vulnerability that allows malicious actors to read and exfiltrate sensitive files. This issue arises from the missing assertSafeFileUploadPath check in the readFileFromDisk function located in tool-file-uploads.ts. By exploiting prompt inje...
PoC for CVE-2026-59806
Gradio, an application developed by Gradio App, contains a vulnerability that impacts versions prior to 6.20.0. This security issue involves an open redirect and server-side request forgery that can be exploited by attackers. By manipulating the file_fetch() function in the /gradio_api/file= endp...
PoC for CVE-2026-59804
The Midscene Bridge Server, up to version 1.10.3, is susceptible to a vulnerability that enables unauthenticated remote attackers to hijack active bridge sessions. This exploit works by opening a cross-origin WebSocket connection to the local Socket.IO server, which fails to validate the Origin h...
PoC for CVE-2026-59803
The rpcx library, prior to version 1.9.3, is susceptible to a denial-of-service attack due to inadequate controls in the message decoding process. When handling messages with a compression flag, the payload is decompressed without restrictions on size, which can result in significant heap allocat...
PoC for CVE-2026-60104
A vulnerability in Bitwarden Server prior to version 2026.6.0 allows a low-privileged member of an organization to exploit the authentication request process. By creating a Trusted Device Encryption request using an attacker-controlled public key, the malicious actor can obtain another user's vau...
PoC for CVE-2025-54136
In Cursor Code Editor versions prior to 1.3, a significant vulnerability exists allowing attackers to execute arbitrary code remotely. This occurs through manipulation of a trusted MCP configuration file either within a shared GitHub repository or on the target machine. If an attacker can alter t...
PoC for CVE-2021-21974
The OpenSLP service in VMware ESXi contains a heap overflow vulnerability that could allow an attacker within the same network segment to execute arbitrary code. By sending specially crafted packets to port 427, an unauthorized actor may exploit this flaw, potentially compromising the entire syst...
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
PoC for CVE-2026-15036
A vulnerability exists in the Harness platform, specifically within the gitspaces component, affecting versions up to 2.28.2. The issue is located in the getAuthorizedSpaces function of the app/api/controller/gitspace/list_all.go file. It allows unauthorized users to bypass authorization, potenti...
PoC for CVE-2026-15035
A command injection vulnerability has been identified in the OpenLLM 0.6.30, specifically within the async_run_command function located in src/openllm/common.py. This flaw allows an attacker to manipulate the cmd argument, potentially leading to unauthorized command execution on affected systems....
PoC for CVE-2026-56290
The Joomla extension Page Builder CK contains a vulnerability that allows unauthenticated attackers to upload arbitrary files. This weakness can be exploited to upload executable files, resulting in remote code execution on the server. The implications of this vulnerability are severe, as it may ...
PoC for CVE-2026-15034
A vulnerability identified in Flask-MonitoringDashboard, up to version 5.0.2, facilitates cross-site request forgery attacks. This issue allows attackers to exploit certain functions without proper authorization, potentially leading to unauthorized actions performed on behalf of legitimate users....
PoC for CVE-2026-46242
A memory management vulnerability in the Linux kernel's eventpoll subsystem allows for a misuse of freed memory, resulting from improper handling of file structures during critical operations. The flaw occurs when an ep_remove operation clears a file pointer under lock while allowing concurrent o...
Discovered 2 days ago
PoC for CVE-2026-12378
The Appointment Booking Calendar Plugin for WordPress, up to version 1.1.28, fails to validate user input before it is processed by a PHP deserialization function. This flaw exposes the plugin to attacks from unauthenticated users, who could exploit the vulnerability to inject arbitrary PHP objec...
PoC for CVE-2026-12277
The Frontend File Manager Plugin for WordPress, version 23.6, is susceptible to a vulnerability that allows unauthenticated users to delete arbitrary files on the server without proper validation of file paths derived from user input. This issue is particularly concerning when guest upload mode i...