Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC exploits 🔴

Discovered just now...

PoC for CVE-2026-6643

Asustor Inc. | Adm | 8.6 | HIGH
Stack-based Buffer Overflow in Asustor VPN Clients

A stack-based buffer overflow vulnerability exists in the VPN Clients on Asustor's ADM platform. This flaw results from the unbounded use of the sscanf() function and the direct incorporation of user-controlled data into printf() calls. The absence of protection mechanisms such as Position Indepe...

Discovered 2 hours ago

PoC for CVE-2026-7240

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU Device

A vulnerability exists within the Totolink A8000RU due to improper handling of user input in the setVpnAccountCfg function located in /cgi-bin/cstecgi.cgi. This weakness allows an attacker to execute arbitrary operating system commands via crafted requests. This command injection can be exploited...

PoC for CVE-2026-7238

Code-projects | Online Music Site | 5.1 | MEDIUM
Unrestricted File Upload Vulnerability in Code-projects Online Musi...

A security flaw has been identified in Code-projects Online Music Site version 1.0, specifically in the /Administrator/PHP/AdminUpdateAlbum.php file. This vulnerability allows for the manipulation of the argument 'txtimage', resulting in unrestricted file uploads. The potential for remote exploit...

Discovered 3 hours ago

PoC for CVE-2026-7237

Agiflow | Scaffold-mcp | 6.9 | MEDIUM
Path Traversal Vulnerability in AgiFlow Scaffold-mcp Up to Version ...

A vulnerability exists in the AgiFlow scaffold-mcp tool that impacts the file write functionality. By manipulating the file_path argument in the source file packages/scaffold-mcp/src/server/index.ts, an attacker can exploit this vulnerability to perform path traversal attacks. This allows unautho...

PoC for CVE-2026-7235

Erlichliu | Claude-agent-sdk-master | 6.9 | MEDIUM
Path Traversal Vulnerability in ErlichLiu Claude-Agent SDK

A security vulnerability exists in the ErlichLiu claude-agent-sdk-master, related to the improper handling of the outputFile argument in the app/api/agent-output/route.ts file. This flaw allows for path traversal attacks, potentially enabling an attacker to access sensitive files on the server. T...

PoC for CVE-2026-7234

Browseroperator | Browser-operator-core | 6.9 | MEDIUM
Path Traversal Vulnerability in BrowserOperator's Browser-Operator-...

A path traversal vulnerability has been discovered in BrowserOperator's browser-operator-core up to version 0.6.0. The issue arises in the 'startsWith' function within the scripts/component_server/server.js file. Attackers can manipulate the 'request.url' parameter, potentially leading to unautho...

PoC for CVE-2026-7233

Artifex | MuPDF | 4.8 | MEDIUM
Out-of-Bounds Read Vulnerability in Artifex MuPDF CFF Index Handler

A vulnerability exists in Artifex MuPDF versions up to 1.28.0 due to improper management of the fz_subset_cff_for_gids function in the subset-cff.c file. This flaw leads to potential out-of-bounds read conditions, enabling an attacker to exploit it locally. Although the problem has been acknowled...

PoC for CVE-2026-5306

WordPress | Check & Log Email
Stored XSS Vulnerability in Check & Log Email WordPress Plugin

The Check & Log Email WordPress plugin, prior to version 2.0.13, is susceptible to stored Cross-Site Scripting (XSS) attacks due to improper handling of email replacement. With the email encoder setting enabled, this vulnerability allows unauthenticated attackers to inject malicious scripts that ...

Discovered 4 hours ago

PoC for CVE-2026-7229

Code-projects | Coaching Management Sy... | 5.3 | MEDIUM
SQL Injection Vulnerability in Coaching Management System by Code-P...

A vulnerability identified in Code-Projects' Coaching Management System 1.0 allows attackers to exploit an unknown function within the /cims/modules/admin/reply.php file. This weakness arises during the manipulation of the 'complaintreply' argument, resulting in SQL injection. The nature of this ...

PoC for CVE-2026-21986

Oracle | Oracle Vm Virtualbox | 7.1 | HIGH
Unauthenticated Access Vulnerability in Oracle VM VirtualBox

A vulnerability exists in Oracle VM VirtualBox that allows an unauthenticated attacker with access to the infrastructure where the software is deployed to exploit the system. This can lead to unauthorized control over Oracle VM VirtualBox, resulting in potential service disruptions such as freque...

PoC for CVE-2026-7228

Sourcecodester | Pizzafy Ecommerce System | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A vulnerability exists in the Pizzafy Ecommerce System 1.0, specifically within the get_cart_count function located in the /admin/ajax.php file. This flaw allows attackers to manipulate the ID argument, enabling them to execute SQL injection attacks remotely. Exploiting this vulnerability could l...

PoC for CVE-2026-7227

Sourcecodester | Pizzafy Ecommerce System | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce Sys...

A vulnerability has been identified in the Pizzafy Ecommerce System, specifically impacting its login functionality. The flaw resides in the handling of email arguments within the /admin/ajax.php?action=login file. This vulnerability allows for SQL injection attacks, which can be remotely execute...

Discovered 5 hours ago

PoC for CVE-2026-7226

Sourcecodester | Pizzafy Ecommerce System | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A security flaw has been identified in the SourceCodester Pizzafy Ecommerce System version 1.0 that permits SQL injection through the login function at /admin/ajax.php?action=login2. By manipulating the e-mail argument, an attacker can exploit this vulnerability to execute arbitrary SQL commands,...

PoC for CVE-2026-7225

Sourcecodester | Pizzafy Ecommerce System | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A vulnerability has been identified in the SourceCodester Pizzafy Ecommerce System 1.0, specifically in the delete_menu function located in /admin/ajax.php. This flaw arises from improper handling of the argument ID, which can be manipulated by an attacker to execute SQL injection attacks. These ...

PoC for CVE-2026-7224

Sourcecodester | Pizzafy Ecommerce System | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pizzafy Ecommerce System

A security flaw has been identified in the SourceCodester Pizzafy Ecommerce System 1.0, specifically affecting the delete_cart function located in /admin/ajax.php. This vulnerability allows for SQL injection through manipulation of the argument ID, potentially enabling attackers to execute arbitr...

PoC for CVE-2026-7223

Bigsweetpotatostudio | Hyperchat | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in BigSweetPotatoStudio H...

A server-side request forgery vulnerability exists in the AI Proxy Middleware component of BigSweetPotatoStudio HyperChat, specifically within the 'fetch' function located in the file packages/core/src/http/aiProxyMiddleware.mts. This flaw allows an attacker to manipulate the 'baseurl' argument, ...

Discovered 6 hours ago

PoC for CVE-2026-7222

Code-projects | Coaching Management Sy... | 5.1 | MEDIUM
Cross Site Scripting Vulnerability in Coaching Management System by...

A cross site scripting vulnerability has been identified in the Coaching Management System 1.0, specifically within the Complaint Form Page functionality located in the file /cims/modules/student/complaint.php. This flaw allows for remote exploitation by manipulating the 'Complaint' argument. Att...

PoC for CVE-2026-7221

Tencentcloudbase | Cloudbase-mcp | 6.9 | MEDIUM
Server-Side Request Forgery in TencentCloudBase CloudBase-MCP

A vulnerability exists in TencentCloudBase CloudBase-MCP up to version 2.17.0 that exposes the open-url API endpoint to server-side request forgery attacks. This flaw allows remote attackers to manipulate the 'req.body.url' argument in the 'openUrl' function, potentially leading to unauthorized a...

PoC for CVE-2026-33453

Apache | Apache Camel | 10 | CRITICAL
Remote Code Execution Vulnerability in Apache Camel's CoAP Component

A vulnerability exists within Apache Camel's camel-coap component that allows an unauthenticated attacker to exploit message header injection. By sending a single CoAP UDP packet to a Camel route that accepts coap:// input, attackers can inject arbitrary Camel internal headers into the Exchange. ...

PoC for CVE-2026-7220

Jackwrichards | Fastlymcp | 6.9 | MEDIUM
OS Command Injection Vulnerability in jackwrichards FastlyMCP Tool

A vulnerability has been identified in the FastlyMCP tool by jackwrichards, specifically in the fastly-mcp.mjs file. This issue allows for remote OS command injection through manipulated command arguments. Exploiting this flaw may lead to unauthorized command execution, posing significant securit...

PoC for CVE-2026-7219

Totolink | N300rt | 8.6 | HIGH
Buffer Overflow Vulnerability in Totolink N300RT Router

A buffer overflow vulnerability exists in the Totolink N300RT router, specifically within the /boafrm/formIpQoS function. An attacker can exploit this flaw by manipulating the argument 'entry_name', potentially leading to unauthorized access or remote code execution. This vulnerability affects us...

Discovered 7 hours ago

PoC for CVE-2026-7218

Totolink | N300rt | 8.6 | HIGH
Buffer Overflow Vulnerability in Totolink N300RT Router Software

A significant vulnerability has been identified in Totolink N300RT Router version 3.4.0-B20250430, specifically within the implementation of the 'is_cmd_string_valid' function in the 'libapmib.so' component. This weakness arises from improper handling of the 'localPin' argument, leading to a buff...

PoC for CVE-2026-7217

Deepractice | Promptx | 6.9 | MEDIUM
Absolute Path Traversal Vulnerability in Deepractice PromptX Docume...

A security flaw has been identified in Deepractice PromptX, affecting versions up to 2.4.0. The issue lies within the Document File Handler's functions responsible for reading various file formats, including DOCX, XLSX, PPTX, and PDF. This vulnerability allows for absolute path traversal due to i...

PoC for CVE-2026-7216

Donchelo | Processing-claude-mcp-... | 6.9 | MEDIUM
Path Traversal Vulnerability in Donchelo Processing-claude-mcp-brid...

A vulnerability in the Donchelo processing-claude-mcp-bridge has been identified, specifically in the create_sketch Tool's processing_server.py file. This flaw allows for path traversal due to improper handling of the `sketch_name` parameter. Exploiting this vulnerability could enable remote atta...

PoC for CVE-2026-7215

Egtai | Gmx-vmd-mcp | 6.9 | MEDIUM
Command Injection Vulnerability in egtai gmx-vmd-mcp Product

A security flaw in the egtai gmx-vmd-mcp product allows for command injection via the VMD Launch Handler. Specifically, the vulnerability is located in the launch_vmd_gui_tool function of the mcp_server.py file. Attackers can manipulate the structure_file and trajectory_file arguments, which coul...

Discovered 8 hours ago

PoC for CVE-2026-7214

Eghuzefa | Engineer-your-data | 6.9 | MEDIUM
Path Traversal Vulnerability in eghuzefa Engineer-Your-Data Product

A path traversal vulnerability exists in the eghuzefa engineer-your-data software, specifically affecting versions up to 0.1.3. The flaw resides in the file management functions—read_file, write_file, list_files, and file_inf—located in src/server.py. An attacker can exploit this vulnerability by...

PoC for CVE-2026-7213

Ef10007 | Mlops Mcp | 6.9 | MEDIUM
Path Traversal Vulnerability in ef10007 MLOps_MCP by ef10007

A path traversal vulnerability exists in the ef10007 MLOps_MCP 1.0.0, specifically within the save_file tool's fastmcp_server.py script. By manipulating the 'filename/destination' argument, an attacker can execute a path traversal attack, potentially allowing unauthorized file system access. This...

PoC for CVE-2026-33439

Openidentityplatform | Openam | 9.3 | CRITICAL
Remote Code Execution in OpenIdentityPlatform OpenAM Access Managem...

OpenIdentityPlatform's OpenAM, an access management solution, is susceptible to a pre-authentication Remote Code Execution vulnerability due to unsafe Java deserialization. This issue arises from the handling of the jato.clientSession HTTP parameter, allowing unauthenticated attackers to execute ...

PoC for CVE-2026-7212

Edvardlindelof | Notes-mcp | 6.9 | MEDIUM
Path Traversal Vulnerability in edvardlindelof notes-mcp Software

A security vulnerability has been identified in the notes-mcp application developed by edvardlindelof, specifically affecting version 0.1.4. The flaw resides in an unknown function within the notes_mcp.py file, where improper validation of the root_dir/path argument enables unauthorized access to...

Discovered 10 hours ago

PoC for CVE-2026-7200

Sourcecodester | Pharmacy Sales And Inv... | 5.3 | MEDIUM
Cross-Site Scripting Vulnerability in SourceCodester Pharmacy Sales...

A flaw has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0, specifically affecting an unknown functionality of the file /index.php?page=types. By manipulating the argument ID, an attacker could potentially execute cross-site scripting (XSS) attacks, which can be performe...

PoC for CVE-2026-7199

Sourcecodester | Pharmacy Sales And Inv... | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

A SQL injection vulnerability exists in SourceCodester Pharmacy Sales and Inventory System 1.0, specifically within the AJAX functionality at /ajax.php?action=delete_product. Maliciously crafted requests targeting the argument ID can lead to unauthorized access and potential manipulation of the d...

PoC for CVE-2026-7196

Codeastro | Online Classroom | 5.3 | MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A security vulnerability has been identified in CodeAstro Online Classroom version 1.0, specifically within the /guestdetails file. The vulnerability arises from improper handling of an argument, 'deleteid', which allows remote attackers to execute SQL injection attacks. This manipulation can lea...

Discovered 11 hours ago

PoC for CVE-2026-7194

Sourcecodester | Pharmacy Sales And Inv... | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

A security weakness has been discovered in the SourceCodester Pharmacy Sales and Inventory System 1.0, specifically within the file /ajax.php when processing the action save_product. This vulnerability allows attackers to manipulate the argument ID, leading to SQL injection. The flaw can be explo...

PoC for CVE-2026-7179

Ospg | Binwalk | 4.8 | MEDIUM
Path Traversal Vulnerability in OSPG binwalk by Open Source Community

A security vulnerability has been identified in the OSPG binwalk tool, specifically in versions up to 2.4.3, affecting the read_null_terminated_string function within the WinCE Extraction Plugin. This flaw allows local attackers to manipulate the function's arguments and potentially exploit path ...

PoC for CVE-2026-7178

Chatgptnextweb | Nextchat | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in ChatGPTNextWeb NextChat

A security flaw exists in the ChatGPTNextWeb NextChat application up to version 2.16.1, primarily affecting the 'storeUrl' function within the 'app/api/artifacts/route.ts' file. This vulnerability allows for server-side request forgery (SSRF) through manipulation of the argument ID, enabling remo...

Discovered 12 hours ago

PoC for CVE-2026-7177

Chatgptnextweb | Nextchat | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in ChatGPTNextWeb NextChat

A security flaw in NextChat versions up to 2.16.1 allows attackers to exploit the proxyHandler function within app/api/[provider]/[...path]/route.ts, posing a server-side request forgery vulnerability. This issue can be exploited remotely, potentially allowing unauthorized access to internal reso...

PoC for CVE-2026-7160

Tenda | Hg3 | 8.7 | HIGH
Command Injection Vulnerability in Tenda HG3 Router

A vulnerability has been identified in the Tenda HG3 router involving command injection through the formTracert function located in the /boaform/formTracert file. This flaw allows an attacker to manipulate the datasize argument, potentially enabling remote code execution. Given the public disclos...

PoC for CVE-2026-7159

Douinc | Mkdocs-mcp-plugin | 6.9 | MEDIUM
Path Traversal Vulnerability in douinc mkdocs-mcp-plugin Software

A path traversal vulnerability has been identified in the douinc mkdocs-mcp-plugin version 0.4.1. This issue allows attackers to manipulate inputs intended for the read_document and list_documents functions within the server.py file. An attacker could potentially trick the affected function into ...

PoC for CVE-2026-7158

Dmitryglhf | Mcp-url-downloader | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in Dmitryglhf MCP-URL-Dow...

A vulnerability exists in the dmitryglhf MCP-URL-Downloader that allows for server-side request forgery due to improper validation of URLs in the _validate_url_safe function. This issue can be exploited remotely, allowing attackers to manipulate the URL argument and potentially access sensitive d...

Discovered 13 hours ago

PoC for CVE-2026-7157

Disler | Aider-mcp-server | 6.9 | MEDIUM
Command Injection Vulnerability in disler aider-mcp-server by Disler

A command injection vulnerability exists in the disler aider-mcp-server, specifically within the functionality of src/aider_mcp_server/server.py. This flaw allows attackers to manipulate the argument 'relative_editable_files', making remote exploitation possible. The vulnerability is present in v...

PoC for CVE-2026-7156

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU

A vulnerability has been identified in the Totolink A8000RU, specifically in the CGI Handler component's CsteSystem function. This flaw allows for manipulation of the HTTP argument, leading to potential OS command injection. Attackers can exploit this vulnerability remotely, posing a significant ...

PoC for CVE-2026-7155

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU

A vulnerability has been found in the Totolink A8000RU version 7.1cu.643_b20200521, specifically within the CGI component. This flaw resides in the setLoginPasswordCfg function within the cgi-bin/cstecgi.cgi file. By manipulating the admpass argument, an attacker can execute arbitrary OS commands...

PoC for CVE-2026-7154

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU Product

A security vulnerability has been identified in the Totolink A8000RU version 7.1cu.643_b20200521, particularly in the functionality of the CGI Handler. This weakness arises from the setAdvancedInfoShow method, where an improperly handled input parameter, tty_server, allows an attacker to conduct ...

Discovered 14 hours ago

PoC for CVE-2026-7153

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU Router

A security flaw has been identified in the Totolink A8000RU router, specifically within the CGI Handler component. The vulnerability arises from improper handling of the 'sys_info' argument in the 'setMiniuiHomeInfoShow' function of the /cgi-bin/cstecgi.cgi file. This oversight allows an attacker...

PoC for CVE-2026-7152

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU

An OS command injection vulnerability exists in the Totolink A8000RU router firmware version 7.1cu.643_b20200521. Specifically, the flaw lies in the 'setTelnetCfg' function within the '/cgi-bin/cstecgi.cgi' CGI Handler component. This vulnerability enables remote attackers to exploit the telnet_e...

PoC for CVE-2026-35022

Anthropic | Claude Code | 9.3 | CRITICAL
OS Command Injection Vulnerability in Anthropic Claude Code CLI and...

The Anthropic Claude Code CLI and Claude Agent SDK are susceptible to an OS command injection vulnerability in the authentication helper execution. This flaw arises from the lack of input validation in the execution of helper configuration values, allowing an attacker with the ability to manipula...

PoC for CVE-2026-7151

Tenda | Hg3 | 8.7 | HIGH
Stack-based Buffer Overflow in Tenda HG3 Affected by Vulnerability

A stack-based buffer overflow exists in the Tenda HG3 model 2.0 due to insufficient validation in the formUploadConfig function located in the /boaform/formIPv6Routing file. This insecurity can be exploited remotely by manipulating the destNet parameter, potentially allowing an attacker to execut...

PoC for CVE-2026-7150

Dh1011 | Auto-favicon | 5.3 | MEDIUM
Server-Side Request Forgery in dh1011 Auto-Favicon MCP Tool

A vulnerability exists in the dh1011 Auto-Favicon MCP Tool within the generate_favicon_from_url function. The flaw allows an attacker to manipulate the image_url argument, leading to potential server-side request forgery. This manipulation can be executed remotely, putting systems at risk of unau...

Discovered 15 hours ago

PoC for CVE-2026-7149

Dexhunter | Kaggle-mcp | 6.9 | MEDIUM
Path Traversal Vulnerability in dexhunter kaggle-mcp Product by dex...

A path traversal vulnerability exists in the dexhunter kaggle-mcp project, specifically within the prepare_kaggle_dataset function located in the src/kaggle_mcp/server.py file. An attacker can exploit this vulnerability by manipulating the competition_id argument, allowing unauthorized access to ...

PoC for CVE-2026-7148

Codeastro | Online Classroom | 5.3 | MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A security vulnerability has been identified in CodeAstro Online Classroom 1.0. The flaw exists in the /addnewfaculty file, where improper handling of the 'fname' argument allows for SQL injection. This can enable an attacker to manipulate database queries from a remote location, exposing sensiti...