Publicly Disclosed
PoC Exploits
🔴 Alway take caution when working with PoC Exploits 🔴
Discovered 25 minutes ago
PoC for CVE-2026-21045
An out-of-bounds write vulnerability exists in the TIFF parsing component of libimagecodec.media.quram.so. This flaw allows remote attackers to exploit the system by writing to areas of memory that are not allocated for that purpose, potentially leading to arbitrary code execution or crashes. Use...
Discovered 2 hours ago
PoC for CVE-2026-12979
The FunnelKit WordPress plugin prior to version 3.15.0.6 suffers from a path traversal vulnerability. This issue arises when the plugin does not properly validate user-supplied paths during file deletion operations related to template imports. Administrators, if compromised, could exploit this vu...
PoC for CVE-2026-12907
The RTMKit WordPress plugin prior to version 2.0.9 suffers from an authorization bypass vulnerability that permits users with Author role privileges to invoke a specific AJAX action. This flaw enables unauthorized users to create and activate site-wide templates, allowing them to modify critical ...
PoC for CVE-2026-12869
The Header Footer Builder plugin for Elementor allows users with the 'edit_posts' capability, such as Contributors, to import dashboard templates without proper administrative control. This oversight enables these users to inject potentially harmful JavaScript through an Elementor HTML widget. As...
PoC for CVE-2026-12906
The RTMKit plugin for WordPress prior to version 2.0.9 is affected by an access control vulnerability. It fails to implement a necessary capability check for one of its AJAX actions, allowing users with just the Contributor role to exploit this flaw. This vulnerability enables them to gain unauth...
PoC for CVE-2026-12978
The FunnelKit WordPress plugin versions prior to 3.15.0.6 are vulnerable to reflected cross-site scripting attacks due to improper handling of user-supplied parameters in its AJAX actions. This flaw enables unauthenticated attackers to inject malicious scripts that are executed in the context of ...
PoC for CVE-2026-12684
The Customer Reviews for WooCommerce WordPress plugin, prior to version 5.113.0, lacks necessary authentication and nonce checks in its AJAX actions related to media uploads. When the review media attachment feature is activated, this flaw permits unauthorized users to upload files to the Media L...
PoC for CVE-2026-11866
The Appointment Booking Plugin for WordPress, prior to version 5.6.3, is vulnerable to Cross-Site Request Forgery (CSRF) due to inadequate validation of CSRF nonces across several actions managed by its central request dispatcher. This flaw permits attackers to exploit logged-in administrators, e...
PoC for CVE-2026-12492
The Happy Coders OTP Login for WooCommerce plugin prior to version 2.8 suffers from an authentication bypass issue. This flaw allows attackers to bypass the one-time password validation mechanism, enabling them to log in as any user, including administrative accounts. Furthermore, this vulnerabil...
PoC for CVE-2026-12510
The AI Engine WordPress plugin, prior to version 3.5.5, has a security flaw that allows users with subscriber-level access to improperly access private conversations of other users. This issue arises from the plugin's failure to confirm user ownership of a specified chatbot conversation based on ...
PoC for CVE-2026-12395
The WP Job Portal plugin for WordPress prior to version 2.5.5 is susceptible to SQL injection due to improper sanitization and escaping of parameters in SQL queries. This flaw can be exploited by authenticated users with subscriber-level accounts to execute unauthorized SQL commands, potentially ...
PoC for CVE-2026-12525
The Redux Framework plugin for WordPress prior to version 4.5.13 contains a vulnerability that allows unauthorized users with Subscriber roles to write arbitrary user meta keys when saving custom profile fields. This flaw can lead to privilege escalation, enabling these users to gain Administrato...
PoC for CVE-2026-12585
The Abandoned Cart Lite for WooCommerce plugin prior to version 6.8.2 presents a significant security concern by failing to safeguard the integrity of its cart-recovery tokens. This vulnerability enables unauthenticated attackers to generate fraudulent recovery links, potentially allowing them to...
PoC for CVE-2026-11371
The BetterDocs WordPress plugin prior to version 4.5.5 fails to properly sanitize AI-generated documentation summaries. This oversight allows unauthenticated users to exploit the feature by injecting malicious payloads through prompt injection. Once stored, these payloads can execute in the brows...
PoC for CVE-2026-48909
The SP LMS component (com_splms) version prior to 4.1.4 by JoomShaper contains a vulnerability that allows unauthenticated attackers to execute arbitrary code on the server. This issue arises from the unsanitized deserialization of user-controlled cookie data, posing significant security risks fo...
Discovered 4 hours ago
PoC for CVE-2026-46591
The Apache Camel Neo4J component suffers from a vulnerability that allows for improper neutralization of special elements in data query logic. Specifically, it arises from how the camel-neo4j producer constructs Cypher queries from the CamelNeo4jMatchProperties map. Despite prior measures address...
PoC for CVE-2026-58138
An unauthenticated remote code execution vulnerability in Orkes Conductor versions prior to 3.30.2 could allow remote attackers to execute arbitrary operating system commands by submitting malicious JavaScript or Python expressions through workflow definitions to the workflow API endpoint without...
PoC for CVE-2026-3891
The Pix for WooCommerce plugin for WordPress is susceptible to arbitrary file uploads due to a lack of capability checks and insufficient file type validation within the 'lkn_pix_for_woocommerce_c6_save_settings' function. This vulnerability exists across all versions through 1.5.0. An unauthenti...
Discovered 7 hours ago
PoC for CVE-2026-15409
A Server-side Request Forgery (SSRF) vulnerability has been identified within the Work Place interface of the SMA1000 Appliance. This security flaw allows a remote attacker, without authentication, to exploit the appliance, enabling it to make requests to unintended and potentially malicious loca...
Discovered 10 hours ago
PoC for CVE-2026-46590
The deserialization vulnerability in Apache Camel's PQC component allows malicious actors to exploit untrusted data during key lifecycle operations. This vulnerability arises from the use of raw object deserialization without proper input filtering, particularly affecting pluggable KeyLifecycleMa...
PoC for CVE-2024-5082
A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2. This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1.
Discovered 11 hours ago
PoC for CVE-2026-46588
An improper input validation vulnerability has been identified in Apache Camel. This flaw allows attackers to submit invalid input data, potentially leading to unexpected behavior in applications using vulnerable versions of the software. It is crucial for users to promptly update to secure versi...
Discovered 13 hours ago
PoC for CVE-2026-46587
An improper input validation vulnerability in Apache Camel has been identified, impacting versions up to 4.14.7, from 4.15.0 to 4.18.2, and from 4.19.0 to 4.20.0. This flaw can lead to potential exploitation if untrusted input is processed. It is strongly advised for users to upgrade to Apache Ca...
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
Discovered 14 hours ago
PoC for CVE-2026-40501
Cherry Studio is vulnerable to remote code execution due to a misconfiguration in the SearchService component. Versions 1.2.2 through 1.9.12 have been identified as affected, enabling attackers to exploit controlled search provider content delivered via malicious JavaScript. If the Electron Brows...
Discovered 15 hours ago
PoC for CVE-2026-59258
Immich versions before 3.0.3 are susceptible to a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint. This issue allows users with editor access to improperly alter member roles within shared albums, enabling them to demote the actual album owner to an editor positio...
PoC for CVE-2026-59255
BloodHound versions up to 9.4.0 contain a vulnerability within the custom-nodes API endpoints due to inadequate authorization checks. This flaw permits any authenticated user to manipulate the global graph schema. Exploitable by attackers holding valid session tokens, it enables the creation, mod...
PoC for CVE-2026-58660
A vulnerability exists in Kanboard's BoardAjaxController, where the save() method fails to properly validate task ownership during drag-and-drop operations. This allows authenticated users to manipulate tasks across different projects, even those they do not have direct access to. By exploiting t...
PoC for CVE-2026-58659
A vulnerability in PyTorch Lightning allows attackers to execute arbitrary code through the _load_state function. By crafting malicious checkpoint files that manipulate checkpoint _instantiator hyperparameters, an attacker can bypass the weights_only=True protection mechanism. When the LightningM...
PoC for CVE-2026-58658
The vulnerability in GPUStack before version 2.2.1 allows unauthenticated attackers to exploit the unprotected /serveLogs and /debug endpoints on the worker port. This exploitation enables attackers to access sensitive inference logs, including enumerating model instance IDs, streaming logs conta...
PoC for CVE-2026-59827
Metabase, an open-source business intelligence and embedded analytics tool, suffers from a deserialization vulnerability in versions prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4. When configured with an H2 database connection, including the default sample database, this flaw permits authenti...
PoC for CVE-2026-46585
The Apache Camel Lucene Component is susceptible to an improper input validation and authorization bypass vulnerability. This flaw occurs when the camel-lucene producer processes input headers that are not properly filtered due to missing Camel prefix checks, allowing any HTTP client to manipulat...
Discovered 16 hours ago
PoC for CVE-2026-27483
MindsDB, a data-driven AI platform, has a vulnerability in its /api/files interface that allows authenticated attackers to exploit path traversal in the 'Upload File' module. This weakness is due to insufficient validation of file paths, permitting attackers to incorporate '../' sequences in the ...
Discovered 17 hours ago
PoC for CVE-2026-27944
Nginx UI, a web interface for the Nginx web server, has a critical security flaw where the /api/backup endpoint is accessible without authentication. This vulnerability allows unauthenticated attackers to retrieve a complete system backup that includes sensitive information such as user credentia...
Discovered 19 hours ago
PoC for CVE-2025-27591
A privilege escalation vulnerability was identified in the Below service prior to version 0.9.0. This vulnerability arises from the creation of a world-writable directory located at /var/log/below. As a result, local unprivileged users can exploit this flaw through symlink attacks, potentially ma...
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
Discovered 20 hours ago
PoC for CVE-2026-15410
A vulnerability has been identified in the SMA1000 Appliance Management Console that allows a post-authentication improper control of code generation. Under specific conditions, an authenticated remote attacker could exploit this flaw to execute arbitrary operating system commands. This vulnerabi...
PoC for CVE-2026-15409
A Server-side Request Forgery (SSRF) vulnerability has been identified within the Work Place interface of the SMA1000 Appliance. This security flaw allows a remote attacker, without authentication, to exploit the appliance, enabling it to make requests to unintended and potentially malicious loca...
Discovered 1 day ago
PoC for CVE-2026-26718
A Cross-Site Request Forgery vulnerability has been identified in the XXL-Job-Admin web application version 3.0.0. This flaw permits attackers to execute unauthorized modifications to Glue IDE shell scripts. The vulnerability arises due to inadequate CSRF token validation and the acceptance of ar...
PoC for CVE-2026-11580
The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin prior to version 2.4.17 is susceptible to an insufficient access control vulnerability. This flaw allows users with Contributor-level access or higher to duplicate any post, circumventing ownership restrictions. As a result, t...
PoC for CVE-2026-12281
The Shibboleth plugin for WordPress before version 2.5.4 is vulnerable to an authentication bypass due to a flaw in its HTTP header identity mode. When this mode is activated without an anti-spoofing key, the plugin erroneously authenticates any request carrying identity headers without proper ve...
PoC for CVE-2026-11579
The Kali Forms plugin for WordPress, specifically versions before 2.4.17, contains a significant vulnerability where it fails to verify if a file upload is associated with an existing form that has a file-upload field. This oversight allows unauthorized users to upload files directly to the WordP...
PoC for CVE-2026-12512
The Quotes Llama WordPress plugin prior to version 3.1.6 is susceptible to SQL injection due to improper sanitization and escaping of user-supplied parameters in SQL queries. This vulnerability enables unauthenticated attackers to manipulate the database, potentially allowing them to retrieve sen...
PoC for CVE-2026-23744
MCPJam Inspector, designed for local-first development on MCP servers, has a vulnerability allowing remote code execution (RCE) due to improper binding settings. In versions 1.4.2 and earlier, the platform listens on 0.0.0.0 by default, enabling attackers to exploit this configuration through cra...
PoC for CVE-2026-46584
An improper input validation vulnerability in the Apache Camel Mail Component allows for the potential exposure of sensitive information due to untrusted input being processed without proper filtering. Specifically, the MailProducer may construct JavaMail sessions with headers from untrusted sour...
PoC for CVE-2026-0740
The Ninja Forms - File Uploads plugin for WordPress contains a vulnerability allowing unauthenticated attackers to upload arbitrary files due to inadequate file type validation in the upload handling function. This oversight affects all versions upto and including 3.3.26, potentially enabling att...
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
PoC for CVE-2026-15753
A critical vulnerability has been identified in the Zhinianboke Xianyu-Auto-Reply server that allows an attacker to manipulate server-side HTTP permission methods through the vulnerable 'review' functionality at /api/v1/payment/withdraw/review?action=approve. This manipulation can facilitate unau...
PoC for CVE-2026-15751
A security vulnerability has been discovered in the Mastergo Design Magic MCP tool, particularly affecting the function execute in the component mcp__getComponentGenerator located in mastergo/component-workflow.md. This vulnerability allows unauthorized access to file paths due to improper handli...