Publicly Disclosed
PoC Exploits
🔴 Alway take caution when working with PoC Exploits 🔴
Discovered just now...
PoC for CVE-2026-34197
Apache ActiveMQ Broker is prone to a code injection vulnerability due to improper input validation in the Jolokia JMX-HTTP bridge. By default, this bridge exposes a web console that allows the execution of operations on all ActiveMQ MBeans. An authenticated attacker can exploit this vulnerability...
PoC for CVE-2026-48907
A flaw in the JCE editor extension for Joomla permits unauthorized users to create new editor profiles. This malicious capability exposes the site to risks, including the ability to upload PHP code and execute it, potentially leading to a full compromise of the website security. Site administrato...
Discovered 2 hours ago
PoC for CVE-2026-14622
A missing authentication vulnerability has been identified in the jairiidriss Restaurant Website PHP MySQL, specifically within the AJAX Endpoint component. An attacker could exploit this flaw to bypass authentication mechanisms, allowing unauthorized remote access to critical functionality withi...
PoC for CVE-2026-14621
A vulnerability exists in the OSX Broker of FederatedAI FATE versions up to 2.2.0, specifically in the function QueuePushReqStreamObserver.initEggroll. This issue arises from improper handling of the rollSiteSessionId, dstRole, and dstPartyId arguments, which could allow an attacker to compromise...
Discovered 4 hours ago
PoC for CVE-2026-12194
PHPIPAM is subjected to an authenticated local file inclusion vulnerability that enables users with API access to execute or include arbitrary PHP files from the web server's file system. Although the API feature is not enabled by default, if activated, the flaw could potentially allow attackers ...
PoC for CVE-2026-14619
A vulnerability has been identified in the itsourcecode Hospital Management System version 1.0 that allows for SQL injection through crafted input passed to the 'editid' parameter in the /medicine.php file. This flaw may enable remote attackers to manipulate database queries, leading to unauthori...
PoC for CVE-2026-14618
A vulnerability has been identified in Open5GS's AMF component that could lead to a denial of service condition. Specifically, the issue resides in the `amf_nnrf_handle_nf_discover` function within the source file `src/amf/nnrf-handler.c`. This vulnerability can be exploited remotely, allowing an...
Discovered 5 hours ago
PoC for CVE-2017-12615
A security vulnerability exists in Apache Tomcat versions 7.0.0 through 7.0.79 on Windows when HTTP PUT requests are enabled. This flaw allows an attacker to upload a malicious JSP file to the server through crafted requests. If successfully executed, the uploaded JSP file can be accessed and run...
Discovered 6 hours ago
PoC for CVE-2024-1561
A significant vulnerability exists within the Gradio product where the `/component_server` endpoint inadequately manages method invocations on the `Component` class while allowing input directed by attackers. By leveraging the `move_resource_to_block_cache()` method from the `Block` class, an att...
Discovered 8 hours ago
PoC for CVE-2026-14459
The TUBITAK BILGEM Software Technologies Research Institute's pardus-software is vulnerable to argument injection due to improper neutralization of argument delimiters. This flaw allows malformed input to be interpreted in unintended ways, potentially compromising the software's integrity. Affect...
Discovered 13 hours ago
PoC for CVE-2026-14617
A security flaw has been identified in the NousResearch hermes-agent, specifically in the Streaming Reasoning Tag Filter functionality. The vulnerability occurs within the GatewayStreamConsumer._filter_and_accumulate method in the file gateway/stream_consumer.py. The issue relates to improper han...
Discovered 14 hours ago
PoC for CVE-2026-14610
A vulnerability exists in the Open Asset Import Library Assimp within the CSM File Handler, specifically in the function Assimp::CSMImporter::InternReadFile. This flaw results in a heap-based buffer overflow, which can be exploited through local execution of crafted inputs. An exploit for this vu...
Discovered 15 hours ago
PoC for CVE-2026-14607
A vulnerability has been identified in RT-Thread versions up to 5.0.2 that affects the function sys_getaddrinfo. This weakness allows an attacker with local access to manipulate the argument ai_addr, which can lead to memory corruption. Current exploits of this vulnerability are publicly availabl...
PoC for CVE-2026-14606
A vulnerability has been identified in the RT-Thread SWM341 CAN Handler up to version 5.0.2, specifically in the CAN_Receive function found in the CMSIS DeviceSupport library. This flaw allows for a stack-based buffer overflow, which can be exploited locally to manipulate the application's execut...
PoC for CVE-2026-14605
A vulnerability has been discovered in the RT-Thread Real-Time Operating System (RTOS) related to the ls1c CAN Handler. Specifically, the issue lies within the 'recvmsg' function located in bsp/loongson/ls1cdev/libraries/ls1c_can.h. This vulnerability can lead to a stack-based buffer overflow, wh...
Discovered 16 hours ago
PoC for CVE-2026-14604
A vulnerability in the Open Asset Import Library Assimp affects the PLY Model Handler's ExportToBlob function. This issue allows for a double free, which can be exploited remotely. The vulnerability could lead to destabilization of applications utilizing the affected component. The Assimp project...
Discovered 19 hours ago
PoC for CVE-2026-49468
A security vulnerability in LiteLLM, an AI Gateway proxy server designed to facilitate calls to LLM APIs, was identified in all versions prior to 1.84.0. This flaw potentially exposes users to various security risks. It is critical for users to update to version 1.84.0 or newer to mitigate these ...
Discovered 1 day ago
PoC for CVE-2022-36021
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions ...
PoC for CVE-2022-36021
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions ...
PoC for CVE-2026-13768
Gardyn devices are susceptible to a severe security flaw that exposes a privileged iothubowner key. This key grants malicious users the ability to manipulate the IoTHub Registry Manager, potentially revealing critical connection information for all connected Gardyn Home Kit and Studio devices. Fu...
PoC for CVE-2026-38751
OpenSTAManager versions up to and including 2.10 contain a vulnerability that allows an attacker to upload arbitrary files via the module update functionality. This flaw exists in the 'upload_modules.php' script, which does not adequately validate file uploads, potentially enabling unauthorized a...
PoC for CVE-2025-57819
FreePBX, an open-source web-based GUI, suffers from a vulnerability that permits unauthenticated users to gain access to the FreePBX Administrator interface. This is primarily due to insufficient sanitization of user-provided data. The flaw can lead to unauthorized database manipulation and may a...
Discovered 2 days ago
PoC for CVE-2026-58460
The react-native-receive-sharing-intent library is susceptible to a path traversal vulnerability. This flaw permits a co-resident malicious application to exploit the system by manipulating the _display_name value to include dot-dot path components. Through this vulnerability, attackers can lever...
PoC for CVE-2026-58467
Cockpit CMS prior to version 364 is susceptible to a path traversal and local file inclusion vulnerability, allowing unauthenticated attackers to access arbitrary files or execute PHP scripts by manipulating the REQUEST_URI. This flaw occurs due to improper validation of the PATH_INFO variable du...
PoC for CVE-2026-59102
Forgejo, a platform developed by Codeberg, is vulnerable to a stored cross-site scripting attack that can be exploited by authenticated users. Attackers can embed malicious JavaScript code into the display name field. When the DEFAULT_SHOW_FULL_NAME option is activated, this name gets rendered in...
PoC for CVE-2026-59100
LobeChat version 2.2.9 has a broken object level authorization vulnerability that allows authenticated users to manipulate other users' chat-group agent data. By using arbitrary group identifiers, attackers can perform unauthorized actions such as retrieving agent listings, altering agent roles a...
PoC for CVE-2026-59099
Apereo CAS versions prior to 8.0.0-RC6 are susceptible to a cryptographic vulnerability that enables remote unauthenticated attackers to recover plaintext conversation state. This issue arises from AES-GCM initialization vector reuse, where the use of a constant all-zero IV in conjunction with a ...
PoC for CVE-2026-59098
LobeChat versions up to 2.2.9 are affected by a broken access control vulnerability in its retrieval-augmented-generation semantic search functionality. This flaw allows authenticated attackers to exploit missing user-identifier checks, granting them unauthorized access to other users' data. By m...
PoC for CVE-2026-59097
Taiga, a popular project management tool, has a security flaw that allows unauthorized remote attackers to create default due-date records in any project by exploiting unprotected POST endpoints. This vulnerability affects users of version 6.10.1 and earlier, where attackers can bypass permission...
PoC for CVE-2026-59095
LobeChat versions prior to 2.2.10-canary.18 contain a server-side request forgery vulnerability. This issue allows authenticated attackers to manipulate internal HTTP requests by exploiting user-controlled inputs in services such as skill import and topic cover updates. Through these entry points...
PoC for CVE-2026-59094
The Pathway Document Store is susceptible to a denial of service attack due to its handling of caller-supplied glob patterns. From the unauthenticated HTTP endpoints, an attacker can submit malicious patterns that lead to high CPU consumption, as the application evaluates these patterns without s...
PoC for CVE-2026-58579
RAGFlow versions prior to 0.26.3 are exposed to a stored cross-site scripting vulnerability due to insufficient sanitization of agent pipeline node names. The normalize_dsl function validates JSON serialization but does not sanitize the node name itself. This leads to scenarios where an authentic...
PoC for CVE-2026-58578
The vulnerability in LobeChat enables authenticated attackers to exploit regular expression denial of service (ReDoS) by injecting catastrophic-backtracking patterns into a GitHub repository URL path during skill import. This flaw allows attackers to obstruct the Node.js event loop, leading to si...
PoC for CVE-2026-33017
Langflow, a tool for constructing and deploying AI-driven agents and workflows, is susceptible to a vulnerability in the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint in versions before 1.9.0. This vulnerability enables an attacker to build public flows without authentication, leveraging ...
PoC for CVE-2021-27877
A vulnerability in Veritas Backup Exec allows attackers to exploit outdated SHA authentication support, which has not been disabled in versions prior to 21.2. By leveraging this weakness, an attacker can gain unauthorized access to an Agent, enabling them to execute privileged commands remotely. ...
PoC for CVE-2024-58352
Landray OA is affected by a serious unauthenticated HQL injection vulnerability, which enables attackers to manipulate the system's database queries by injecting harmful HQL syntax via the uid POST parameter of the wechatLoginHelper.do endpoint. This vulnerability stems from a failure to adequate...
PoC for CVE-2022-50973
Yonyou KSOA 9.0 is vulnerable to an unauthenticated file upload issue in the com.sksoft.bill.ImageUpload servlet. This flaw allows attackers to upload arbitrary files simply by submitting a POST request with manipulated filepath and filename parameters, bypassing crucial authentication, file type...
PoC for CVE-2022-50973
Yonyou KSOA 9.0 is vulnerable to an unauthenticated file upload issue in the com.sksoft.bill.ImageUpload servlet. This flaw allows attackers to upload arbitrary files simply by submitting a POST request with manipulated filepath and filename parameters, bypassing crucial authentication, file type...
PoC for CVE-2022-50973
Yonyou KSOA 9.0 is vulnerable to an unauthenticated file upload issue in the com.sksoft.bill.ImageUpload servlet. This flaw allows attackers to upload arbitrary files simply by submitting a POST request with manipulated filepath and filename parameters, bypassing crucial authentication, file type...
PoC for CVE-2021-1931
This security vulnerability is caused by improper validation of the buffer length when processing fast boot commands across various Qualcomm Snapdragon products. An attacker could exploit this flaw to execute arbitrary code or cause unintended behavior, potentially compromising the affected devices.
PoC for CVE-2024-14037
Redsea Cloud eHR is affected by an arbitrary file upload vulnerability that permits unauthenticated attackers to execute remote code. By exploiting the PtFjk.mob servlet endpoint, attackers can submit multipart POST requests containing malicious files disguised as image/jpeg, thereby circumventin...
PoC for CVE-2024-14037
Redsea Cloud eHR is affected by an arbitrary file upload vulnerability that permits unauthenticated attackers to execute remote code. By exploiting the PtFjk.mob servlet endpoint, attackers can submit multipart POST requests containing malicious files disguised as image/jpeg, thereby circumventin...
PoC for CVE-2026-53753
Crawl4AI, an open-source LLM-friendly web crawler, prior to version 0.8.7, contains a critical vulnerability in its computed fields feature. The _safe_eval_expression() function employs an AST validator that inadequately restricts attribute access, allowing attributes without an underscore prefix...
PoC for CVE-2025-69212
OpenSTAManager, an open source management tool for technical assistance and invoicing, has a vulnerability in the P7M file decoding functionality. Versions 2.9.8 and earlier allow authenticated attackers to upload a ZIP file containing a maliciously crafted .p7m file. This could lead to the execu...
PoC for CVE-2026-11578
The Fluent Forms WordPress plugin, prior to version 6.2.5, has a serious vulnerability related to improper access control. Specifically, it fails to restrict a Manager's ability to delete form submission entries associated with forms they are not authorized to manage. This could result in unautho...
PoC for CVE-2026-11965
The User Registration & Membership plugin for WordPress prior to version 5.2.0 allows unauthenticated individuals to activate paid membership subscriptions without completing payment. This flaw occurs due to the lack of enforcement on payment verification during the account registration process, ...
PoC for CVE-2026-10077
The Yootheme WordPress theme prior to version 5.0.35 is vulnerable to stored Cross-Site Scripting (XSS) attacks. This occurs as the theme fails to adequately sanitize certain HTML attributes, allowing users with the Author role to inject malicious scripts. When a post containing such scripts is v...
PoC for CVE-2026-11781
The Adminify WordPress plugin prior to version 4.2.10 fails to enforce appropriate read-capability checks for its administration search functionality. This oversight enables users with lower privileges, such as Contributors, to access and reveal sensitive information that should remain protected....
PoC for CVE-2026-38751
OpenSTAManager versions up to and including 2.10 contain a vulnerability that allows an attacker to upload arbitrary files via the module update functionality. This flaw exists in the 'upload_modules.php' script, which does not adequately validate file uploads, potentially enabling unauthorized a...
PoC for CVE-2025-69212
OpenSTAManager, an open source management tool for technical assistance and invoicing, has a vulnerability in the P7M file decoding functionality. Versions 2.9.8 and earlier allow authenticated attackers to upload a ZIP file containing a maliciously crafted .p7m file. This could lead to the execu...