Publicly Disclosed
PoC Exploits

🔴 Alway take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2023-34468

ApacheApache Nifi🟣 EPSS 64%8.8HIGH
Apache NiFi: Potential Code Injection with Database Services using H2

The DBCPConnectionPool and HikariCPConnectionPool services in Apache NiFi versions 0.0.2 through 1.21.0 are susceptible to a vulnerability that allows an authenticated and authorized user to configure a Database URL leveraging the H2 driver, leading to potential execution of custom code. The reco...

Discovered 2 hours ago

PoC for CVE-2026-15511

ComfastCf-wr631ax V39.3CRITICAL
OS Command Injection in Comfast CF-WR631AX V3 Due to FastCGI Backen...

An OS command injection vulnerability exists in the Comfast CF-WR631AX V3, specifically in the system_wl_upload_pic_file function within the FastCGI Backend component. This vulnerability arises due to improper handling of the filename argument in the webmgnt interface, allowing an attacker to exe...

Discovered 3 hours ago

PoC for CVE-2026-15510

LeantimeLeantime5.3MEDIUM
Improper Authorization in Leantime Project Management System

A vulnerability exists in the Leantime Project Management System versions up to 3.8.0, where the 'Setting::saveSetting' function in the API does not properly enforce authorization checks. This flaw allows remote attackers to exploit the vulnerability, potentially manipulating critical configurati...

PoC for CVE-2026-15509

LeantimeLeantime5.3MEDIUM
Improper Authorization in Leantime Project Management System

A remote vulnerability exists in the Leantime project management system, specifically affecting versions up to 3.8.0. This flaw involves the JSON-RPC endpoint's editUser/addUser function, where improper authorization due to inadequate role manipulation can be exploited. Despite the vendor being n...

PoC for CVE-2026-15508

HeliconeAi-gateway5.3MEDIUM
Server-Side Request Forgery Vulnerability in Helicone ai-gateway

A vulnerability has been identified in Helicone ai-gateway up to version 0.2.0-beta.30, specifically in the AWS Metadata Service component. The flaw exists within the 'build_target_url' function located in 'ai-gateway/src/dispatcher/service.rs', where improper validation of the 'extracted_path_an...

PoC for CVE-2026-15507

CoollabsioCoolify5.3MEDIUM
Missing Authorization Vulnerability in Coollabsio Coolify Application

A vulnerability has been identified in the Coollabsio Coolify application, where an unknown function within the /app/Policies/ directory of the Policy Handler component lacks proper authorization checks. This oversight allows for the potential exploitation by unauthorized users, enabling them to ...

PoC for CVE-2026-43866

ApacheApache Camel7.3HIGH
Deserialization Vulnerability in Apache Camel JMS Component

A deserialization vulnerability exists in the Apache Camel JMS component where the JmsBinding.extractBodyFromJms() method can integrate untrusted data if the mapJmsMessage option is enabled, allowing attackers to publish arbitrary messages. This flaw permits precise manipulation of routing, heade...

Discovered 4 hours ago

PoC for CVE-2026-15506

SecureageCatcHPulse8.5HIGH
Heap-Based Buffer Overflow in SecureAge Technology's CatchPulse Driver

A security vulnerability has been identified in the SecureAge CatchPulse product, affecting versions up to 10.9.3. The vulnerability resides in an unknown function within the saappctl.sys driver component, which may allow a locally executed attack to manipulate memory, resulting in a heap-based b...

PoC for CVE-2023-38146

MicrosoftWindows 11 Version 21h2🟣 EPSS 39%8.8HIGH
Windows Themes Remote Code Execution Vulnerability

The Windows Themes Remote Code Execution vulnerability allows an attacker to execute arbitrary code on an affected system. By exploiting this vulnerability, an attacker could install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability arises fro...

Discovered 6 hours ago

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

Discovered 7 hours ago

PoC for CVE-2026-43865

ApacheApache Camel8.1HIGH
Deserialization Vulnerability in Apache Camel Hazelcast Component

A deserialization vulnerability exists in the Apache Camel Hazelcast component, where untrusted data can be deserialized without adequate filtering. The component's default configuration allows objects received over the Hazelcast cluster protocol to be deserialized using the Java serialization me...

Discovered 13 hours ago

PoC for CVE-2026-15501

AstrbotdevsAstrbot5.3MEDIUM
Server-Side Request Forgery Vulnerability in AstrBot by AstrBotDevs

A security vulnerability has been identified in AstrBot up to version 4.25.2, impacting the MCP Test Endpoint functionality. Specifically, the issue arises in the function ToolsRoute.test_mcp_connection within the file astrbot/dashboard/routes/tools.py. This vulnerability allows remote attackers ...

PoC for CVE-2026-15500

AstrbotdevsAstrbot5.3MEDIUM
Server-Side Request Forgery in AstrBotDevs AstrBot Affects Multiple...

A vulnerability has been detected in AstrBotDevs AstrBot versions up to 4.25.2, specifically within the get_online_plugins function of the market_list endpoint. By manipulating the custom_registry parameter, an attacker can execute a server-side request forgery (SSRF) from a remote location. This...

Discovered 14 hours ago

PoC for CVE-2026-15499

AstrbotdevsAstrbot5.3MEDIUM
Improper Authorization in AstrBotDevs AstrBot Scheduled Task Handler

A security flaw has been identified in the Scheduled Task Handler of AstrBotDevs AstrBot prior to version 4.25.2. This vulnerability arises from the improper authorization within the FutureTaskTool.call function of the cron_tools.py file. A manipulation of the argument payload['note'] allows for ...

PoC for CVE-2026-15497

SoniccloudorgSonic-agent6.9MEDIUM
Code Injection Vulnerability in SonicCloudOrg Sonic-Agent

A vulnerability in the SonicCloudOrg sonic-agent up to version 2.7.2 has been identified, specifically impacting the JWT Authentication Filter. This flaw resides within the ExchangeController.java file and allows for code injection via an unknown function. Attackers could initiate this exploit re...

PoC for CVE-2026-15496

SoniccloudorgSonic-agent5.3MEDIUM
OS Command Injection in SonicCloudOrg Sonic-Agent Up to Version 2.7.2

A remote code execution vulnerability exists in SonicCloudOrg's sonic-agent, specifically in the evalIsFailed function located within the Groovy Script Handler component. This flaw allows attackers to manipulate operating system commands remotely, potentially leading to unauthorized access or con...

Discovered 15 hours ago

PoC for CVE-2026-15495

SoniccloudorgSonic-agent5.3MEDIUM
OS Command Injection Vulnerability in SonicCloudOrg Sonic-Agent up ...

A remote OS command injection vulnerability exists in the Android WebSocket Server component of SonicCloudOrg's sonic-agent, affecting versions up to 2.7.2. The flaw resides in the AndroidWSServer.java file, where improper handling of the argument path enables an attacker to execute arbitrary com...

PoC for CVE-2026-15494

AmttHotel Broadband Operat...5.1MEDIUM
SQL Injection Vulnerability in AMTT Hotel Broadband Operation Syste...

A vulnerability exists in the AMTT Hotel Broadband Operation System version 1.0, impacting the functionality of the file manager, specifically within the 'switch_status.php' file. This flaw allows remote attackers to manipulate the 'ID' argument, potentially leading to SQL injection attacks. Succ...

Discovered 18 hours ago

PoC for CVE-2019-1003030

JenkinsJenkins Pipeline: Groo...🟣 EPSS 76%9.9CRITICAL
Sandbox Bypass Vulnerability in Jenkins Pipeline Groovy Plugin by J...

A significant vulnerability affecting the Jenkins Pipeline: Groovy Plugin versions 2.63 and earlier allows attackers with control over pipeline scripts to bypass the intended sandbox environment. This flaw permits execution of arbitrary code on the Jenkins master JVM, posing serious security risk...

Discovered 20 hours ago

PoC for CVE-2026-15481

TrendnetTew-635brm8.7HIGH
Command Injection Vulnerability in Trendnet TEW-635BRM Router

A command injection vulnerability exists in the Trendnet TEW-635BRM router with firmware versions up to 1.00.03. This flaw affects the ipoa_test function within the /sbin/rc file for the IPoA WAN Connection Setup component. An attacker can exploit this vulnerability remotely by manipulating the i...

PoC for CVE-2026-15480

TrendnetTew-635brm8.7HIGH
Stack-based Buffer Overflow in Trendnet Router

A stack-based buffer overflow vulnerability has been identified in the web service functionality of Trendnet TEW-635BRM routers running firmware version 1.00.03 and earlier. The flaw resides in the start_httpd function located in the /sbin/rc file, where improper handling of the device_name argum...

PoC for CVE-2026-15479

H3cNx156.9MEDIUM
Weak Password Recovery in H3C NX15 by H3C

A vulnerability in H3C NX15 V100R017 affects the password modification endpoint, allowing attackers to exploit weak password recovery processes through the 'newPass' argument. This issue enables remote manipulation of administrator credentials, posing significant risks to system integrity. The vu...

Discovered 21 hours ago

PoC for CVE-2026-15478

IceHRMIcehrm5.3MEDIUM
SQL Injection Vulnerability in IceHRM UserReport Endpoint

A vulnerability has been identified in IceHRM versions up to 35.0.1, specifically affecting the UserReport Endpoint within the EmployeeAttendanceReport.php file. This flaw allows an attacker to manipulate the 'employeeList' argument, which can result in SQL injection. Such exploitation can be lau...

Discovered 22 hours ago

PoC for CVE-2026-15476

QilingDisk Master4.8MEDIUM
Access Control Vulnerability in QILING Disk Master Kernel Driver

A security flaw has been identified in QILING Disk Master 6.0.0.0, stemming from an unknown function within the diskbckp.sys library of the kernel driver. This vulnerability compromises access controls, leading to potential unauthorized operations within a local environment. Given that the exploi...

Discovered 23 hours ago

PoC for CVE-2026-15475

MinitoolPartition Wizard4.8MEDIUM
Local Privilege Escalation Vulnerability in MiniTool Partition Wiza...

A local privilege escalation vulnerability has been discovered in MiniTool Partition Wizard versions up to 13.6 due to improper access controls in the Signed Kernel Driver component (pwdrvio.sys). This vulnerability allows local attackers to manipulate function calls and gain elevated privileges....

PoC for CVE-2026-42527

ApacheApache Camel8.1HIGH
Deserialization Vulnerability in Apache Camel Components

A deserialization vulnerability exists in Apache Camel components, allowing attackers to send maliciously crafted Java-serialized payloads. When affected consumers deserialize a HashMap that includes java.net.URL keys, the JVM may perform DNS queries to an attacker-controlled host. This happens d...

PoC for CVE-2026-15474

EleveoCall Recording Software5.3MEDIUM
Improper Authorization Vulnerability in Eleveo Call Recording Software

A critical security flaw has been identified in the Eleveo Call Recording Software version 9.7.0, specifically related to the Call Recording Handler component. The vulnerability exists due to improper handling of the 'callId' argument within the audio.jsp file, allowing unauthorized users to gain...

Discovered 1 day ago

PoC for CVE-2026-15473

EleveoCall Recording Software5.3MEDIUM
Improper Authorization Vulnerability in Eleveo Call Recording Softw...

A significant vulnerability exists in Eleveo Call Recording Software version 9.7.0, specifically within the file processing of /callrec/restoreCallAction.do on the Recorded Calls Page. This flaw enables an attacker to manipulate access permissions improperly, potentially allowing unauthorized acc...

PoC for CVE-2026-46215

LinuxLinux7.8HIGH
Race Condition Vulnerability in Linux Kernel Affecting Multiple Pro...

A race condition has been identified in the Linux kernel related to the handling of device resources, specifically within the Direct Rendering Manager (DRM). This vulnerability arises during the prime swap operation where a single object can spawn two ID references. A concurrent operation, such a...

PoC for CVE-2026-15472

EleveoCall Recording Software5.3MEDIUM
Improper Authorization in Eleveo Call Recording Software

A vulnerability in Eleveo Call Recording Software version 9.7.0 has been identified, specifically in the file responsible for email composition functionality (/callrec/composeEmailAction.do). This flaw allows unauthorized manipulation through remote execution, leading to potential security breach...

PoC for CVE-2026-15471

EleveoCall Recording Software5.3MEDIUM
Improper Authorization in Eleveo Call Recording Software by Eleveo

A vulnerability has been identified in Eleveo Call Recording Software version 9.7.0, specifically affecting the /callrec/pci_dss_status.jsp file. This vulnerability allows for improper authorization due to manipulation of the affected part of the software. It poses a risk of remote exploitation, ...

PoC for CVE-2026-23744

McpjamInspector🟣 EPSS 44%9.8CRITICAL
Remote Code Execution Vulnerability in MCPJam Inspector by MCP

MCPJam Inspector, designed for local-first development on MCP servers, has a vulnerability allowing remote code execution (RCE) due to improper binding settings. In versions 1.4.2 and earlier, the platform listens on 0.0.0.0 by default, enabling attackers to exploit this configuration through cra...

PoC for CVE-2026-46331

LinuxLinux7.8HIGH
Page Cache Corruption Vulnerability in Linux Kernel - Vendor: Linux

An issue exists in the Linux Kernel where improper handling of copy-on-write (COW) operations can lead to page cache corruption. This is due to the tcf_pedit_act() function, which computes the COW range without considering runtime header offsets added by typed keys. As a result, portions of the w...

PoC for CVE-2024-13985

Zhejiang Dahua Te...Eims10CRITICAL
Command Injection Vulnerability in Dahua EIMS Products

A command injection vulnerability in Dahua EIMS allows unauthenticated remote attackers to execute arbitrary system commands. This issue arises from inadequate input validation on the captureCommand parameter processed via the capture_handle.action interface. Attackers can exploit this flaw by se...

PoC for CVE-2026-29114

DahuaIpc2.3LOW
Certificate Trust Vulnerability in Dahua Products

A security issue has been discovered in various Dahua security products that may allow an attacker to acquire the device’s CA root certificate. If this certificate is installed and trusted on client systems, it could enable an attacker to create fraudulent certificates that would be accepted as l...

PoC for CVE-2026-29115

DahuaIpc/sd6.9MEDIUM
Denial of Service Vulnerability in Dahua Security Products

A vulnerability identified in various Dahua security products enables an authenticated remote attacker to transmit a specially crafted packet. This can trigger an exception within the system, leading to an unexpected reboot of the device. Consequently, this vulnerability poses a risk of denial of...

PoC for CVE-2026-29116

DahuaIpc/sd/nvr/xvr/evs/vto...8.7HIGH
Remote Denial of Service Vulnerability in Dahua Security Products

A vulnerability has been identified in various Dahua security products that enables an unauthenticated remote attacker to send a specially crafted packet. This can lead to an exception that causes the affected system to reboot unexpectedly, subsequently resulting in a denial of service. Users are...

Discovered 2 days ago

PoC for CVE-2026-46242

LinuxLinux7.8HIGH
Eventpoll Memory Management Flaw in Linux Kernel

A memory management vulnerability in the Linux kernel's eventpoll subsystem allows for a misuse of freed memory, resulting from improper handling of file structures during critical operations. The flaw occurs when an ep_remove operation clears a file pointer under lock while allowing concurrent o...

PoC for CVE-2016-5195

CanonicalUbuntu Linux🟣 EPSS 84%7HIGH
Privilege Escalation Vulnerability in Linux Kernel by The Linux Fou...

A race condition exists in the Linux kernel that allows local users to gain elevated privileges. By exploiting improper handling of copy-on-write (COW) memory mappings, an attacker could modify files that are meant to be read-only. This vulnerability, known as 'Dirty COW', was notably used in att...

PoC for CVE-2021-28235

EtcdEtcd9.8CRITICAL
Authentication Vulnerability in Etcd-io by Etcd.io

The authentication vulnerability in Etcd-io v3.4.10 allows remote attackers to exploit the debug function, potentially enabling them to escalate their privileges. This flaw can be leveraged by malicious entities to gain unauthorized access, exposing sensitive information and compromising the inte...

PoC for CVE-2025-60787

MotionEye ProjectMotionEye🟣 EPSS 19%7.2HIGH
OS Command Injection Vulnerability in MotionEye by MotionEye Project

MotionEye versions up to and including 0.43.1b4 are susceptible to OS Command Injection through improperly sanitized configuration parameters like image_file_name. This vulnerability allows remote authenticated users with administrative privileges to inject malicious commands into Motion configur...

PoC for CVE-2026-9558

9.9CRITICAL
Server-Side Template Injection Vulnerability in Mautic's Theme Engine

A critical vulnerability in Mautic's theme engine allows authenticated users to upload and execute potentially malicious Twig templates. This design flaw grants users with theme upload permissions an opportunity to execute arbitrary code on the hosting server, thereby compromising system integrit...

PoC for CVE-2026-61459

Flux159Mcp-server-kubernetes9.3CRITICAL
Argument Injection Vulnerability in MCP Server Kubernetes

The MCP Server Kubernetes is affected by an argument injection vulnerability that impacts structured tools such as kubectl_get, kubectl_describe, and kubectl_delete. This flaw allows malicious actors to bypass the security checks by using specially crafted resourceType and name parameters with le...

PoC for CVE-2026-61460

KrayinLaravel-crm8.7HIGH
Insecure Direct Object Reference in Krayin CRM by Krayin

Krayin CRM versions up to 2.2.3 are susceptible to an insecure direct object reference vulnerability affecting several key controllers, including LeadController, PersonController, OrganizationController, QuoteController, and ActivityController. This flaw enables authenticated users to gain unauth...

PoC for CVE-2026-40860

ApacheApache Camel9.8CRITICAL
Remote Code Execution Vulnerability in Apache Camel JMS Component

A vulnerability exists in the Apache Camel JMS Component where the deserialization of ObjectMessage payloads occurs without an ObjectInputFilter. This flaw could allow an attacker to publish a specially crafted ObjectMessage to a queue or topic consumed by a Camel application, resulting in remote...

PoC for CVE-2026-61461

LanggeniusDify8.7HIGH
SQL Injection Vulnerability in Dify's MyScale Vector Store by LangG...

Dify, prior to version 1.16.0-rc1, is susceptible to a SQL injection vulnerability within its MyScale vector store backend. This issue arises from the failure to properly sanitize search parameters in the search_by_full_text method, allowing attackers to execute arbitrary SQL commands. By injecti...

PoC for CVE-2026-40859

ApacheApache Camel8.1HIGH
Deserialization of Untrusted Data Vulnerability in Apache Camel by ...

A deserialization vulnerability has been identified in the Apache Camel framework, specifically in the camel-vertx-http component. The flaw arises from improper handling of HTTP response bodies containing the Content-Type application/x-java-serialized-object. When configured with certain options,...

PoC for CVE-2024-51482

ZoneminderZoneminder🟣 EPSS 37%10CRITICAL
ZoneMinder vulnerable to SQL Injection, fix released in 1.37.64

ZoneMinder, a popular open-source closed-circuit television software, has a vulnerability that exposes versions v1.37.* up to and including v1.37.64 to a boolean-based SQL injection attack through the web/ajax/event.php endpoint. This flaw can allow an attacker to manipulate SQL queries, potentia...

PoC for CVE-2026-40858

ApacheApache Camel8.8HIGH
Remote Code Execution Vulnerability in Apache Camel Infinispan Comp...

The vulnerability in Apache Camel's Infinispan component arises from an insecure deserialization process involving ProtoStream. Specifically, the component employs java.io.ObjectInputStream to deserialize data from a remote Infinispan cache without utilizing an ObjectInputFilter, exposing the app...

PoC for CVE-2026-15377

EleveoCall Recording Software5.3MEDIUM
Improper Authorization Vulnerability in Eleveo Call Recording Software

The Eleveo Call Recording Software 9.7.0 contains a vulnerability related to improper authorization in the file handling process of /callrec/sendlogfile. This flaw allows attackers to exploit the system remotely, potentially gaining unauthorized access to sensitive information. The issue was publ...