Publicly Disclosed
PoC Exploits

🔴 Alway take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2026-0740

WordPressNinja Forms - File Upl...9.8CRITICAL
Arbitrary File Upload Vulnerability in Ninja Forms File Uploads Plu...

The Ninja Forms - File Uploads plugin for WordPress contains a vulnerability allowing unauthenticated attackers to upload arbitrary files due to inadequate file type validation in the upload handling function. This oversight affects all versions upto and including 3.3.26, potentially enabling att...

PoC for CVE-2026-41177

SquidexSquidex5.5MEDIUM
Blind Server-Side Request Forgery Vulnerability in Squidex CMS

Squidex, an open-source headless content management system, suffers from a vulnerability in its Restore API prior to version 7.23.0. The flaw arises from insufficient validation of the URI scheme within the user-supplied 'Url' parameter. This oversight permits an authenticated administrator to ex...

Discovered 2 hours ago

PoC for CVE-2026-7015

MaxsiteCms4.8MEDIUM
Cross Site Scripting Vulnerability in MaxSite CMS Guestbook Plugin

A vulnerability exists in MaxSite CMS affecting the Guestbook Plugin, allowing for cross site scripting (XSS) attacks. This issue is due to improper handling of inputs such as f_text, f_slug, f_limit, and f_email, which can be exploited remotely. The vendor has identified this issue and issued a ...

PoC for CVE-2026-3844

WordPressBreeze Cache9.8CRITICAL
Arbitrary File Upload Vulnerability in Breeze Cache Plugin for Word...

The Breeze Cache plugin for WordPress has a security flaw that allows unauthenticated attackers to perform arbitrary file uploads. This vulnerability is due to inadequate file type validation in the 'fetch_gravatar_from_remote' function. The risk is present in all versions up to 2.4.4, specifical...

PoC for CVE-2026-7014

MaxsiteCms4.8MEDIUM
Cross Site Scripting Vulnerability in MaxSite CMS Down_Count Plugin

A Cross Site Scripting vulnerability has been identified in the down_count plugin of MaxSite CMS, affecting versions up to 109.3. The issue originates from improper handling of the f_file and f_prefix parameters, allowing attackers to inject malicious scripts that can be executed in the context o...

Discovered 3 hours ago

PoC for CVE-2026-7013

MaxsiteCms4.8MEDIUM
Cross-Site Scripting Vulnerability in MaxSite CMS Mail_Send Plugin

A security vulnerability within the mail_send plugin of MaxSite CMS versions up to 109.3 allows attackers to exploit improper input handling, leading to cross-site scripting attacks. This issue arises when the arguments f_subject, f_files, and f_from are manipulated, enabling remote execution of ...

PoC for CVE-2026-39987

Marimo-teamMarimo🟣 EPSS 46%9.3CRITICAL
Pre-Authentication Remote Code Execution in Marimo Python Notebook

Marimo, a reactive Python notebook, exhibits a significant security vulnerability prior to version 0.23.0. The terminal WebSocket endpoint (/terminal/ws) allows unauthenticated access, enabling attackers to gain a complete pseudo-terminal shell and execute arbitrary commands on the host system. U...

Discovered 4 hours ago

PoC for CVE-2026-7012

MaxsiteCms4.8MEDIUM
Cross Site Scripting in MaxSite CMS Redirect Plugin by MaxSite

A cross site scripting vulnerability has been identified in MaxSite CMS, specifically affecting version 109.3 of the Redirect Plugin. This flaw allows remote attackers to manipulate the argument 'f_all/f_all404', leading to potential XSS attacks. The vendor addressed the vulnerability by implemen...

Discovered 5 hours ago

PoC for CVE-2023-32629

CanonicalUbuntu Kernel🟣 EPSS 63%7.8HIGH
Local Privilege Escalation Vulnerability in Ubuntu Kernels

The local privilege escalation vulnerability in the overlayfs implementation of Ubuntu Kernels allows attackers to bypass permission checks during certain attribute-setting operations. Specifically, when invoking 'ovl_do_setxattr', the requisite permission checks are skipped, potentially leading ...

Discovered 8 hours ago

PoC for CVE-2019-14287

Sudo ProjectSudo🟣 EPSS 86%8.8HIGH
Sudo Vulnerability in Unix-like Systems by Sudo Developers

In Sudo versions prior to 1.8.28, a security flaw allows an attacker with access to a Runas ALL sudoer account to circumvent specified policy blacklists and session PAM modules. This vulnerability can lead to misleading logging and improper user privileges when the attacker invokes Sudo with a cr...

Discovered 10 hours ago

PoC for CVE-2026-6993

Go-kratosKratos6.9MEDIUM
Security Flaw in go-kratos Affecting HTTP Server Functionality

A security flaw exists in go-kratos up to version 2.9.2 that affects the NewServer function in the transport/http/server.go file. This vulnerability impacts the http.DefaultServeMux Fallback Handler, allowing for unintended intermediary exposure. The vulnerability can be exploited remotely, posin...

Discovered 11 hours ago

PoC for CVE-2024-3273

D-linkDns-320l🟣 EPSS 94%7.3HIGH
Command Injection Vulnerability in D-Link Network Attached Storage ...

A significant vulnerability has been identified in several models of D-Link Network Attached Storage devices, specifically in the HTTP GET request handler of the nas_sharing.cgi component. This vulnerability allows for command injection via manipulation of the 'system' argument, enabling remote a...

PoC for CVE-2026-6992

LinksysMr96008.6HIGH
OS Command Injection Vulnerability in Linksys MR9600 by Linksys

An OS command injection vulnerability exists in the Linksys MR9600 router, specifically within the JNAP Action Handler. The issue arises from inadequate validation of the 'pin' argument in the function BTRequestGetSmartConnectStatus located in the run_central2.sh script. By exploiting this vulner...

PoC for CVE-2026-6990

Projeto-sigaSiga5.1MEDIUM
Cross Site Scripting Vulnerability in projeto-siga Application by p...

A cross site scripting vulnerability exists in the projeto-siga application version 11.0.3.18, specifically in an unknown function within the file /sigawf/app/responsavel/novo. This flaw allows an attacker to manipulate parameters, particularly the Nome/Descrição arguments, to execute arbitrary s...

Discovered 12 hours ago

PoC for CVE-2026-6989

TendaF4535.3MEDIUM
Command Injection Vulnerability in Tenda F453 Router by Tenda

A command injection vulnerability has been detected in the Tenda F453 router, specifically impacting the TendaTelnet function within the Telnet Service. This flaw allows an attacker to execute arbitrary commands remotely through the /goform/telnet endpoint, leading to potential unauthorized acces...

PoC for CVE-2026-6988

TendaHg108.7HIGH
Buffer Overflow Vulnerability in Tenda HG10 Series Routers

A critical security flaw exists in the Boa Service within Tenda HG10 and related router models, specifically in the formRoute function of the /boaform/formRouting file. This vulnerability allows an attacker to manipulate the nextHop argument, leading to a buffer overflow condition. If exploited, ...

PoC for CVE-2026-6986

CesantaMongoose6.3MEDIUM
Improper Verification of Cryptographic Signature in Cesanta Mongoose

A security flaw has been identified in Cesanta Mongoose version up to 7.20, specifically within the GCM Authentication Tag Handler implementation. This vulnerability pertains to the function mg_aes_gcm_decrypt found in the /src/tls_aes128.c file. The weakness allows for improper verification of c...

Discovered 13 hours ago

PoC for CVE-2026-6985

CesantaMongoose6.9MEDIUM
Remote Denial of Service in Cesanta Mongoose TCP Option Handler

A vulnerability has been identified in Cesanta Mongoose versions up to 7.20 that allows for remote denial of service attacks. This issue arises within the TCP Option Handler's `handle_opt` function in the `/src/net_builtin.c` file, where improper manipulation of the `optlen` argument can lead to ...

PoC for CVE-2026-6984

AstrbotdevsAstrbot5.1MEDIUM
Server-Side Template Injection Vulnerability in AstrBot by AstrBotDevs

A security vulnerability has been identified in the Dashboard API of AstrBot, specifically within the create_template function located at astrbot/dashboard/routes/t2i.py. The flaw allows for improper neutralization of special elements utilized in a template engine, which can potentially enable re...

Discovered 14 hours ago

PoC for CVE-2026-6983

Pagekit TeamPagekit5.1MEDIUM
Server-Side Request Forgery Vulnerability in Pagekit by Pagekit Team

A server-side request forgery issue has been identified in Pagekit up to version 1.0.18. This vulnerability arises from the manipulation of the 'url' argument in the /index.php/admin/system/update/download functionality. An attacker can exploit this loophole to send unauthorized requests from the...

Discovered 15 hours ago

PoC for CVE-2026-6981

Ihatecreatinguser...Airahub25.3MEDIUM
Server-Side Request Forgery in IhateCreatingUserNames2 AiraHub2

A server-side request forgery vulnerability was identified in the AiraHub component of IhateCreatingUserNames2's AiraHub2. This flaw exists within the connect_stream_endpoint/sync_agents function of the AiraHub.py file, allowing attackers to manipulate server requests. Exploitation of this vulner...

Discovered 16 hours ago

PoC for CVE-2026-6980

Divyanshu-hashGitpilot-mcp6.9MEDIUM
Command Injection Vulnerability in Divyanshu-hash GitPilot-MCP

A command injection vulnerability exists in the GitPilot-MCP product developed by Divyanshu-hash. This issue is rooted in the manipulation of the argument within the repo_path function located in main.py. Attackers can exploit this vulnerability remotely by crafting malicious input that alters th...

PoC for CVE-2026-41651

PackagekitPackagekit8.8HIGH
D-Bus Abstraction Layer Vulnerability in PackageKit from Vendor Pac...

A vulnerability exists in PackageKit, specifically in versions 1.0.2 to 1.3.4, allowing unprivileged users to exploit a time-of-check time-of-use (TOCTOU) race condition. This flaw enables attackers to manipulate transaction flags, facilitating the installation of arbitrary RPM packages as root w...

Discovered 17 hours ago

PoC for CVE-2026-6979

DevlikeaproWaha5.3MEDIUM
Server-Side Request Forgery Vulnerability in devlikeapro WAHA API

A vulnerability in the devlikeapro WAHA API (up to version 2026.3.4) allows attackers to initiate server-side request forgery (SSRF) through an unknown function in the src/api/media.controller.ts file. This issue enables remote exploitation, potentially leading to unauthorized access to internal ...

PoC for CVE-2026-6978

JiZhiJizhicms5.1MEDIUM
SQL Injection Vulnerability in JiZhiCMS Product by JiZhi

A vulnerability has been identified in JiZhiCMS versions up to 2.5.6, affecting the htmlspecialchars_decode function located in /index.php/admins/Sys/addcache.html. This flaw allows an attacker to manipulate the sqls argument, leading to SQL injection attacks that can be executed remotely. The ex...

Discovered 19 hours ago

PoC for CVE-2026-6977

Vanna-aiVanna6.9MEDIUM
Improper Authorization Vulnerability in vanna-ai vanna by Vanna

A security flaw has been identified in vanna-ai vanna versions up to 2.0.2, specifically within an unknown function of the Legacy Flask API. This vulnerability enables attackers to exploit improper authorization mechanisms, potentially granting unauthorized access to sensitive API endpoints. The ...

Discovered 21 hours ago

PoC for CVE-2025-55177

FacebookWhatSAPp Desktop For Mac5.4MEDIUM
Incomplete Authorization in WhatsApp for iOS and Mac Linked Device ...

A vulnerability in WhatsApp allows unauthorized users to exploit incomplete authorization of linked device synchronization messages. This affects multiple versions of WhatsApp on iOS and Mac, enabling attackers to potentially trigger the processing of content from arbitrary URLs on targeted devic...

Discovered 22 hours ago

PoC for CVE-2011-2523

VsftpdVsftpd🟣 EPSS 94%9.8CRITICAL
Backdoor Vulnerability in vsftpd 2.3.4 by Academy of Linux

A serious backdoor vulnerability was discovered in vsftpd 2.3.4, affecting downloads made between June 30 and July 3, 2011. This vulnerability allows an attacker to exploit the software and open a remote shell on port 6200/tcp, granting unauthorized access to the system. It poses significant risk...

PoC for CVE-2026-25895

FrangoteamFuxa9.5CRITICAL
Path Traversal Vulnerability in FUXA Process Visualization Software

FUXA, a web-based Process Visualization software, is vulnerable to a path traversal flaw that permits an unauthenticated attacker to write files to arbitrary locations on the server's filesystem. This allows malicious actors to potentially compromise server integrity and execute unauthorized acti...

Discovered 23 hours ago

PoC for CVE-2025-47812

WftpserverWing Ftp Server🟣 EPSS 92%10CRITICAL
Remote Code Execution Vulnerability in Wing FTP Server

In Wing FTP Server prior to version 7.4.4, both user and admin web interfaces improperly handle null ('\0') bytes, which can lead to the injection of arbitrary Lua code into user session files. This vulnerability enables attackers to execute arbitrary system commands with the privileges of the FT...

Discovered 1 day ago

PoC for CVE-2026-41473

UsmannasirCyberpanel8.8HIGH
Authentication Bypass Vulnerability in CyberPanel by Etherparty

CyberPanel versions before 2.4.4 are exposed to an authentication bypass vulnerability that affects the AI Scanner worker API endpoints. This flaw enables unauthenticated remote attackers to gain unauthorized access and potentially write arbitrary data to the database. By manipulating requests se...

PoC for CVE-2026-41651

PackagekitPackagekit8.8HIGH
D-Bus Abstraction Layer Vulnerability in PackageKit from Vendor Pac...

A vulnerability exists in PackageKit, specifically in versions 1.0.2 to 1.3.4, allowing unprivileged users to exploit a time-of-check time-of-use (TOCTOU) race condition. This flaw enables attackers to manipulate transaction flags, facilitating the installation of arbitrary RPM packages as root w...

PoC for CVE-2026-3844

WordPressBreeze Cache9.8CRITICAL
Arbitrary File Upload Vulnerability in Breeze Cache Plugin for Word...

The Breeze Cache plugin for WordPress has a security flaw that allows unauthenticated attackers to perform arbitrary file uploads. This vulnerability is due to inadequate file type validation in the 'fetch_gravatar_from_remote' function. The risk is present in all versions up to 2.4.4, specifical...

PoC for CVE-2026-3844

WordPressBreeze Cache9.8CRITICAL
Arbitrary File Upload Vulnerability in Breeze Cache Plugin for Word...

The Breeze Cache plugin for WordPress has a security flaw that allows unauthenticated attackers to perform arbitrary file uploads. This vulnerability is due to inadequate file type validation in the 'fetch_gravatar_from_remote' function. The risk is present in all versions up to 2.4.4, specifical...

Discovered 2 days ago

PoC for CVE-2026-39920

Bridgehead SoftwareFilestore9.3CRITICAL
Remote Command Execution Vulnerability in BridgeHead FileStore by B...

BridgeHead FileStore versions prior to 24A are vulnerable due to the exposure of the Apache Axis2 administration module on network-accessible endpoints using default credentials. This allows unauthenticated attackers to gain access to the admin console, upload malicious Java archives as web servi...

PoC for CVE-2026-31429

LinuxLinux
Memory Management Vulnerability in Linux Kernel Affecting skb Heads

In the Linux kernel, a notable vulnerability related to memory management has been identified within the skb (socket buffer) heads concerning allocation and deallocation. The flaw arises when KFENCE is activated, leading to misclassification during the free path of allocated memory objects. Speci...

PoC for CVE-2025-55292

MeshtasticFirmware8.2HIGH
Authentication Bypass Vulnerability in Meshtastic Networking Soluti...

The Meshtastic networking solution presents an authentication bypass vulnerability due to its architecture, where a Node is identified by a NodeID derived from the MAC address instead of its public key. This weakness allows an attacker to exploit the HAM mode, which lacks encryption, and forge No...

PoC for CVE-2023-44487

IetfHttp🟣 EPSS 94%7.5HIGH
HTTP/2 Protocol Vulnerability Allows for Rapid Stream Cancellation ...

The HTTP/2 protocol is susceptible to a denial of service vulnerability that can be exploited via rapid stream resets. This allows attackers to overwhelm servers by rapidly canceling requests, leading to significant resource consumption and potential service disruption. Exploitation of this vulne...

PoC for CVE-2026-3844

WordPressBreeze Cache9.8CRITICAL
Arbitrary File Upload Vulnerability in Breeze Cache Plugin for Word...

The Breeze Cache plugin for WordPress has a security flaw that allows unauthenticated attackers to perform arbitrary file uploads. This vulnerability is due to inadequate file type validation in the 'fetch_gravatar_from_remote' function. The risk is present in all versions up to 2.4.4, specifical...

PoC for CVE-2026-34159

Ggml-orgLlama.cpp9.8CRITICAL
Remote Code Execution in llama.cpp - Affected by Insecure RPC Backend

The llama.cpp product has a critical vulnerability in its RPC backend where the deserialize_tensor() function fails to perform proper bounds validation if a tensor's buffer field is set to zero. This oversight allows unauthenticated attackers to exploit the system by reading and writing arbitrary...

PoC for CVE-2025-5880

Whistle TechnologiesWhistle5.3MEDIUM
Path Traversal Vulnerability in Whistle by Whistle Technologies

A vulnerability exists in Whistle version 2.9.98, located in the file /cgi-bin/sessions/get-temp-file, which allows attackers to manipulate the filename argument. This leads to a path traversal issue that may enable unauthorized access to sensitive files on the server. Although the vendor was not...

PoC for CVE-2026-29145

ApacheApache Tomcat9.1CRITICAL
Authentication Flaw in Apache Tomcat and Tomcat Native Software

An authentication flaw exists in Apache Tomcat and Apache Tomcat Native, where the CLIENT_CERT authentication process does not fail as expected under certain configurations when soft fail is disabled. This vulnerability potentially allows unauthorized access in scenarios where proper validation i...

PoC for CVE-2026-26210

Kvcache-aiKtransformers9.3CRITICAL
Unsafe Deserialization in KTransformers Affects Backend Security

KTransformers version 0.5.3 and earlier contains a serious vulnerability in its balance_serve backend that allows unsafe deserialization through the scheduler RPC server. The ZMQ ROUTER socket is bound to all network interfaces without proper authentication, enabling attackers to exploit this fla...

PoC for CVE-2026-6942

RadareorgRadare29.3CRITICAL
OS Command Injection Vulnerability in radare2-mcp Software by Radar...

The radare2-mcp software, specifically version 1.6.0 and earlier, is susceptible to an os command injection vulnerability that allows remote attackers to execute arbitrary commands. This is done by circumventing command filters through the use of shell metacharacters within user-controlled input ...

PoC for CVE-2026-6941

RadareorgRadare26.9MEDIUM
Path Traversal Vulnerability in radare2 Affects Project Notes Handling

radare2, prior to version 6.1.4, is susceptible to a path traversal vulnerability affecting its project notes handling feature. By exploiting a crafted .zrp archive containing a symlinked notes.txt file, an attacker can circumvent directory confinement measures. This can lead to unauthorized file...

PoC for CVE-2026-6940

RadareorgRadare26.9MEDIUM
Path Traversal Vulnerability in radare2 by radareorg

The radare2 tool, prior to version 6.1.4, contains a path traversal vulnerability related to project deletion. This flaw enables local attackers to exploit absolute paths, allowing for the recursive deletion of directories outside the configured project storage boundary. By manipulating the proje...

PoC for CVE-2026-25874

Hugging FaceLerobot9.3CRITICAL
Unsafe Deserialization Issue in LeRobot by Hugging Face

LeRobot has a vulnerability that allows attackers to exploit unsafe deserialization within its async inference pipeline. The misuse of pickle.loads() for data deserialization over unauthenticated gRPC channels poses a significant risk. Attackers can send maliciously crafted pickle payloads throug...

Discovered 3 days ago

PoC for CVE-2026-23751

Tungsten AutomationKofax Capture9.3CRITICAL
Unprotected .NET Remoting Channel in Kofax Capture by Tungsten Auto...

Kofax Capture exposes a deprecated .NET Remoting HTTP channel on port 2424, accessible without authentication. This vulnerability allows an unauthenticated remote attacker to utilize .NET Remoting techniques to manipulate various system objects. By leveraging these techniques, attackers may read ...

PoC for CVE-2026-32201

MicrosoftMicrosoft Sharepoint E...6.5MEDIUM
Spoofing Vulnerability in Microsoft Office SharePoint

An input validation issue in Microsoft Office SharePoint facilitates unauthorized spoofing attacks over the network. Attackers can exploit this vulnerability to impersonate legitimate users, potentially leading to unauthorized access and data breaches. Proper validation mechanisms must be in plac...

PoC for CVE-2026-4512

WordPressRecaptcha By Webdesignby3.5LOW
Cross-Site Scripting in reCaptcha Plugin for WordPress by WebDesignBy

The reCaptcha plugin developed by WebDesignBy for WordPress prior to version 2.0 is vulnerable to Cross-Site Scripting (XSS). The vulnerability arises from improper sanitization and escaping of the Site Key setting, which is outputted directly in a JavaScript context within the grecaptcha_js() fu...