Publicly Disclosed
PoC Exploits

🔴 Alway take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2026-31431

LinuxLinux7.8HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-34486

ApacheApache Tomcat7.5HIGH
Missing Encryption of Sensitive Data Vulnerability in Apache Tomcat

A vulnerability has been identified in Apache Tomcat that arises from missing encryption mechanisms for sensitive data, which could lead to data exposure. This issue was introduced as a result of the fix for another vulnerability, allowing the EncryptInterceptor to be bypassed. Users running vers...

PoC for CVE-2026-23918

ApacheApache Http Server8.8HIGH
Double Free and Remote Code Execution Vulnerability in Apache HTTP ...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

Discovered 2 hours ago

PoC for CVE-2026-8321

InkeepAgents6.9MEDIUM
Authentication Bypass Vulnerability in inkeep Agents by inkeep

A vulnerability has been identified in inkeep agents version 0.58.14, specifically within the createDevContext function of the runAuth.ts file in the runAuth Middleware component. This flaw allows an attacker to perform an authentication bypass via an alternate channel, potentially exposing sensi...

PoC for CVE-2026-8320

JishenghuaJsherp5.1MEDIUM
Server-Side Request Forgery in jishenghua jshERP by jishenghua

A security vulnerability exists in jishenghua's jshERP prior to version 3.6. This vulnerability affects the getUserByWeixinCode function within the UserService.java component of the updatePlatformConfigByKey endpoint. An attacker can manipulate the weixinUrl argument, enabling the execution of a ...

Discovered 3 hours ago

PoC for CVE-2026-8319

Aiwaves-cnAgents6.9MEDIUM
Uncontrolled Resource Consumption in aiwaves-cn agents Affecting Ch...

A weakness has been identified in aiwaves-cn agents, specifically within the 'recall_relevant_memories_to_working_memory' function of the 'stray_cat.py' file in the 'cheshire_cat_core' component. This vulnerability can lead to significant resource exhaustion if exploited, allowing attackers to co...

Discovered 4 hours ago

PoC for CVE-2026-8318

VectifyaiPageindex6.9MEDIUM
Infinite Loop Vulnerability in VectifyAI PageIndex PDF Table of Con...

A security flaw in VectifyAI PageIndex has been identified within the PDF Table of Contents Handler, specifically in the toc_transformer function of page_index.py. This vulnerability allows an attacker to exploit the software remotely, triggering an infinite loop that disrupts normal operations. ...

Discovered 5 hours ago

PoC for CVE-2026-43640

BitwardenServer8.6HIGH
Authentication Bypass in Bitwarden Server Affects API Key Management

Bitwarden Server versions prior to v2026.4.1 contain a critical flaw that allows authenticated users with SCIM management privileges to bypass the re-authentication requirement when accessing or rotating an organization's SCIM API key. This vulnerability enables unauthorized retrieval of sensitiv...

PoC for CVE-2026-43639

BitwardenServer8.9HIGH
Missing Authorization Vulnerability in Bitwarden Server by Bitwarden

A vulnerability in Bitwarden Server versions prior to v2026.4.0 allows a provider service user to exploit a missing authorization mechanism. This flaw enables the user to add an arbitrary organization to their provider through a specific API endpoint, effectively taking over the target organizati...

PoC for CVE-2026-43638

BitwardenServer5.3MEDIUM
Missing Authorization in Bitwarden Server Allows Unauthorized Ciphe...

A vulnerability in Bitwarden Server prior to v2026.4.1 allows any authenticated user to exploit a missing authorization check. By sending an empty `collections` array in a request to `POST /ciphers/import-organization`, attackers can bypass the server-side permission validation. This flaw enables...

PoC for CVE-2026-8305

OpenClawOpenclaw6.9MEDIUM
Improper Authentication Vulnerability in OpenClaw's Bluebubbles Web...

A vulnerability has been identified in OpenClaw's Bluebubbles Webhook component, specifically in the handleBlueBubblesWebhookRequest function located in monitor.ts. This flaw can allow unauthorized access due to improper authentication mechanisms. Remote attackers may exploit this vulnerability, ...

Discovered 7 hours ago

PoC for CVE-2026-8292

Open5GS ProjectOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS Project

A security flaw has been identified in the Open5GS framework, affecting versions up to 2.7.7. The vulnerability resides in the function yuarel_parse within the NRF component's library /lib/sbi/conv.c. Attackers can exploit this weakness by manipulating the hnrf-uri argument, potentially leading t...

Discovered 8 hours ago

PoC for CVE-2026-4257

WordPressContact Form By Supsystic🟣 EPSS 26%9.8CRITICAL
Server-Side Template Injection in Contact Form by Supsystic for Wor...

The Contact Form by Supsystic plugin for WordPress is susceptible to a Server-Side Template Injection (SSTI) vulnerability that may lead to Remote Code Execution (RCE). This exposure affects all versions up to and including 1.7.36. The flaw arises from the plugin's integration of the Twig `Twig_L...

PoC for CVE-2026-43284

LinuxLinux8.8HIGH
Vulnerability in Linux Kernel Affects Shared skb Fragments

A vulnerability exists in the Linux kernel that concerns the handling of shared skb fragments during the decryption process in ESP-in-UDP packets. When pages are attached from a pipe directly to an skb using MSG_SPLICE_PAGES, the kernel marked these SKBs with SKBFL_SHARED_FRAG, which plays a cruc...

PoC for CVE-2026-8291

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS NRF Component

A vulnerability has been discovered in Open5GS versions up to 2.7.7, specifically within the ogs_nnrf_nfm_handle_nf_profile function in the NRF component's lib/sbi/nnrf-handler.c file. This issue allows for a remote attacker to cause a denial of service, potentially disrupting service availabilit...

Discovered 9 hours ago

PoC for CVE-2026-8290

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS SMF by Open5GS

A security flaw has been identified in the Open5GS SMF component, specifically in the smf_nsmf_handle_update_data_in_vsmf function within /src/smf/nsmf-handler.c. This vulnerability allows for remote exploitation, potentially leading to a denial of service condition. Attackers can leverage this i...

PoC for CVE-2026-8289

Open5GS ProjectOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS Project

A vulnerability in Open5GS affects the SMF component, particularly the smf_nsmf_handle_update_data_in_vsmf function. This vulnerability arises from improper handling of the qosFlowProfile argument, leading to potential denial of service attacks. The exploitation can be conducted remotely, and pub...

Discovered 10 hours ago

PoC for CVE-2026-8288

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS

A denial of service vulnerability has been identified in Open5GS software up to version 2.7.7. Specifically, the issue resides in the function gsm_handle_pdu_session_modification_qos_flow_descriptions located in the file src/smf/gsm-handler.c. By manipulating the argument n1SmMsg, an attacker can...

Discovered 11 hours ago

PoC for CVE-2025-41242

VmwareSpring Framework5.9MEDIUM
Path Traversal Vulnerability in Spring Framework MVC Applications

The Spring Framework MVC is susceptible to a Path Traversal Vulnerability when deployed on certain Servlet containers that do not adhere to compliance norms. The vulnerability arises when applications deployed as WAR files or with embedded Servlet containers accept unvalidated input leading to fi...

Discovered 13 hours ago

PoC for CVE-2019-10744

SnykLodash9.1CRITICAL
Lodash Vulnerable to Prototype Pollution

Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

Discovered 16 hours ago

PoC for CVE-2026-6433

WordPressCustom Css-js-PHP7.3HIGH
SQL Injection Vulnerability in Custom CSS-JS-PHP WordPress Plugin b...

The Custom CSS-JS-PHP WordPress plugin prior to version 2.0.7 contains a vulnerability that allows attackers to inject malicious SQL code due to inadequate input sanitization. This flaw enables unauthenticated users to execute arbitrary PHP code on the server by passing unverified data to an eval...

Discovered 17 hours ago

PoC for CVE-2025-20700

Airoha Technology...Ab156x, Ab157x, Ab158x...8.8HIGH
Permission Bypass in Airoha Bluetooth Audio SDK

The Airoha Bluetooth audio SDK contains a vulnerability that enables a permission bypass, granting unauthorized access to sensitive data associated with the RACE protocol via Bluetooth LE GATT service. This flaw allows potential escalations in privilege without requiring additional execution priv...

PoC for CVE-2026-8276

BettercapBettercap6.3MEDIUM
Integer Coercion Flaw in Bettercap's MySQL Server Component

An integer coercion error has been identified in the MySQL Server component of Bettercap, affecting versions up to 2.41.5. This vulnerability can be exploited remotely, presenting a complex challenge for potential attackers. The flaw resides in the 'modules/mysql_server/mysql_server.go' file, whi...

PoC for CVE-2026-8275

BettercapBettercap6.3MEDIUM
Integer Coercion Vulnerability in Bettercap's Zerogod IPP Service

A vulnerability has been identified in Bettercap's Zerogod IPP Service, specifically within the ippReadChunkedBody function in the zerogod_ipp_primitives.go file. This issue allows for potential exploitation through a remote attack that manipulates data, leading to an integer coercion error. The ...

PoC for CVE-2026-8274

NpitreCramfs-tools4.8MEDIUM
Path Traversal Vulnerability in Npitre Cramfs-tools Directory Handler

A security vulnerability has been identified in Npitre cramfs-tools versions up to 2.1, specifically within the do_directory function in cramfsck.c. This issue allows local attackers to manipulate the path and access restricted directories through path traversal exploits. The problem has been pub...

Discovered 18 hours ago

PoC for CVE-2026-8272

D-linkDns-3205.1MEDIUM
OS Command Injection Vulnerability in D-Link DNS-320 File Management

A security flaw has been identified in the D-Link DNS-320, specifically in the /cgi-bin/webfile_mgr.cgi file management functionalities. This vulnerability allows attackers to perform OS command injection, enabling unauthorized remote manipulation of file operations such as delete, rename, copy, ...

PoC for CVE-2026-8271

D-linkDns-3205.1MEDIUM
OS Command Injection Vulnerability in D-Link ShareCenter NAS Devices

A significant vulnerability has been found in the D-Link DNS-320 ShareCenter NAS, particularly in the network_mgr.cgi script. This vulnerability allows remote attackers to inject operating system commands via specific parameters in multiple CGI functions. Given that the exploit is already publicl...

PoC for CVE-2026-8270

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS SMF

A vulnerability exists in Open5GS up to version 2.7.7 within the SMF component's ogs_nas_parse_qos_rules function. An attacker can remotely exploit this flaw through crafted inputs, resulting in denial of service. The issue has been publicly disclosed, highlighting significant risks for users and...

PoC for CVE-2026-8269

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS

A vulnerability has been identified in Open5GS versions up to 2.7.7, specifically within the SMF component in the function smf_nsmf_handle_create_sm_context. This vulnerability allows for manipulation that can lead to a denial of service, enabling remote exploitation. Despite being reported early...

Discovered 19 hours ago

PoC for CVE-2026-8268

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS

A vulnerability in Open5GS’s SMF component, specifically within the OpenAPI_list_create function, allows a remote attacker to execute a denial of service attack. This issue has been disclosed publicly, making affected installations potentially vulnerable to disruptions. The Open5GS project was no...

PoC for CVE-2026-8267

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS

A vulnerability has been identified in Open5GS versions up to 2.7.7, specifically in the SMF component's function smf_nsmf_handle_created_data_in_vsmf. This flaw allows attackers to initiate remote denial of service attacks, disrupting the service's functionality. Despite being reported, there ha...

PoC for CVE-2026-8266

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS by Open5GS

A vulnerability exists in Open5GS versions up to 2.7.7, specifically in the gsm_build_pdu_session_establishment_accept function located in /src/smf/gsm-build.c. This flaw allows an attacker to remotely exploit the vulnerability, resulting in a denial of service. Despite initial reporting to the p...

PoC for CVE-2020-0423

GoogleAndroid7.8HIGH
Local Privilege Escalation Vulnerability in Android Kernel by Google

A vulnerability exists within the Android kernel's binder subsystem, where improper locking in the binder_release_work function can result in a use-after-free condition. This flaw enables a local attacker to escalate their privileges on the device without requiring any additional execution permis...

PoC for CVE-2026-8265

TendaAc65.1MEDIUM
OS Command Injection Vulnerability in Tenda AC6 Router

A security vulnerability has been identified in the Tenda AC6 router firmware version 15.03.06.23, specifically in the get_log_file function of the httpd component. This issue arises from improper handling of the 'wans.flag' argument, which can lead to OS command injection attacks. Malicious acto...

Discovered 20 hours ago

PoC for CVE-2026-8264

TendaAc65.3MEDIUM
Command Injection Vulnerability in Tenda AC6 Router

A vulnerability has been discovered in the Tenda AC6 router affecting firmware version 15.03.06.23. Specifically, the flaw resides within the formWifiApScan function located in the httpd component of the router's software. By manipulating the wl2g.public.country or wl5g.public.country arguments, ...

PoC for CVE-2026-8263

TendaAc65.1MEDIUM
OS Command Injection Vulnerability in Tenda AC6 Router

A security flaw exists in the Tenda AC6 router's firmware version 15.03.06.49_multi_TDE01, specifically in the functionality associated with the fromSetWirelessRepeat function. This vulnerability allows for OS command injection through manipulation of the mac/ssid parameters within the /goform/Wi...

PoC for CVE-2026-8262

Devs PalaceErp Online4.8MEDIUM
Cross-Site Scripting Vulnerability in Devs Palace ERP Online

A vulnerability in Devs Palace ERP Online versions up to 4.0.0 allows attackers to execute arbitrary JavaScript code via an inadequate validation mechanism in the /accounts/chart-save endpoint. This flaw can be exploited remotely and poses a risk for users as it enables the injection of malicious...

PoC for CVE-2026-8261

Squirrel TeamSquirrel5.1MEDIUM
Heap-Based Buffer Overflow in Squirrel Product by Squirrel Team

A vulnerability affecting Squirrel versions up to 3.2 is identified, stemming from issues in the SQFunctionProto::Load function located in the squirrel/sqobject.cpp file. This vulnerability enables a heap-based buffer overflow, which can be triggered through local execution. Publicly disclosed ex...

Discovered 21 hours ago

PoC for CVE-2026-8260

D-linkDcs-935l8.7HIGH
Buffer Overflow Vulnerability in D-Link DCS-935L HNAP Service

A buffer overflow vulnerability affects the D-Link DCS-935L camera models running firmware versions up to 1.10.01. The flaw exists in the SetDeviceSettings function of the HNAP Service, located at /web/cgi-bin/hnap/hnap_service. This vulnerability enables an attacker to manipulate the AdminPasswo...

PoC for CVE-2026-8259

TendaAc65.1MEDIUM
OS Command Injection Vulnerability in Tenda AC6 Router

A vulnerability has been discovered in the Tenda AC6 router affecting the HTTP daemon component, specifically within the '/goform/telnet' function. This issue arises from improper handling of the 'lan.ip' argument, which can lead to OS command injection. Attackers can exploit this vulnerability r...

PoC for CVE-2026-8258

SquirrelSquirrel4.8MEDIUM
Buffer Overflow Vulnerability in Squirrel Library Affecting Local E...

A vulnerability has been identified in the Squirrel library, particularly affecting versions up to 3.2. This flaw exists within the 'validate_format' function located in 'sqstdlib/sqstdstring.cpp'. An attacker with local access can manipulate this function, leading to a stack-based buffer overflo...

PoC for CVE-2026-8257

WebassemblyBinaryen4.8MEDIUM
WebAssembly Binaryen Denial of Service Vulnerability in BrOn Parser

A vulnerability in WebAssembly Binaryen's BrOn Parser has been identified, which can lead to a Denial of Service condition. Specifically, the issue lies within the function IRBuilder::makeBrOn in the wasm-ir-builder.cpp file. Manipulation of this function could trigger a reachable assertion failu...

Discovered 23 hours ago

PoC for CVE-2026-8252

Open5GS ProjectOpen5gs5.3MEDIUM
Null Pointer Dereference Vulnerability in Open5GS by Open5GS Project

A significant vulnerability has been identified in Open5GS versions up to 2.7.7, specifically within the SMF component's function smf_nsmf_handle_create_data_in_hsmf. This issue allows attackers to exploit a null pointer dereference, which can lead to denial of service. Importantly, this vulnerab...

PoC for CVE-2026-8251

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS SMF by Open5GS

A denial of service vulnerability has been identified in the Open5GS SMF, specifically in the function update_authorized_pcc_rule_and_qos located in the file /src/smf/npcf-handler.c. This vulnerability allows an attacker to disrupt the service functionality remotely by performing manipulation on ...

PoC for CVE-2026-8250

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS SMF by Open5GS

A denial of service vulnerability has been identified in Open5GS versions up to 2.7.7, specifically affecting the SMF component. The issue arises from a flaw in the function smf_n4_build_qos_flow_to_modify_list located in the /src/smf/n4-build.c file. This vulnerability allows remote attackers to...

PoC for CVE-2026-8249

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS SMF by Open5GS

A vulnerability in Open5GS SMF impacting version 2.7.7 allows unauthorized manipulation of the function update_authorized_pcc_rule_and_qos within the source file /src/smf/npcf-handler.c. This results in a Denial of Service (DoS) condition, permitting remote exploitation. Despite being reported to...

Discovered 1 day ago

PoC for CVE-2026-8248

Open5GSOpen5gs5.3MEDIUM
Denial of Service Vulnerability in Open5GS SMF Component

A vulnerability in Open5GS, specifically within the SMF component, has been identified that could lead to a denial of service. The issue lies within the function update_authorized_pcc_rule_and_qos in the npcf-handler.c file. This flaw, present in versions up to 2.7.7, can be exploited remotely, p...

PoC for CVE-2020-25213

WordpressFile Manager🟣 EPSS 94%10CRITICAL
Remote Code Execution in File Manager Plugin for WordPress

The File Manager plugin for WordPress prior to version 6.9 contains a vulnerability that permits remote attackers to upload and execute arbitrary PHP code. The issue arises from the renaming of an insecure example elFinder connector file to have a .php extension. This flaw facilitates attackers t...

PoC for CVE-2026-25253

OpenclawOpenclaw8.8HIGH
WebSocket Vulnerability in OpenClaw by OpenClaw AI

An identified vulnerability in OpenClaw products before version 2026.1.29 allows the software to retrieve a gateway URL from a query string. This triggers an automatic WebSocket connection, which then sends a sensitive token value without user interaction. This flaw may expose users to unauthoriz...

PoC for CVE-2025-68664

Langchain-aiLangchain9.3CRITICAL
Serialization Injection Vulnerability in LangChain Framework

The LangChain framework, designed for building agents and LLM-powered applications, contains a serialization injection vulnerability in its dumps() and dumpd() functions. This flaw arises from the handling of user-controlled data, specifically when dictionaries containing 'lc' keys are serialized...