Publicly Disclosed
PoC Exploits
🔴 Alway take caution when working with PoC Exploits 🔴
Discovered 17 minutes ago
PoC for CVE-2025-22457
A stack-based buffer overflow vulnerability affects multiple Ivanti products, including Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti ZTA Gateways. This flaw allows remote unauthenticated attackers to exploit the vulnerability and achieve remote code execution. It is crucial for users o...
Discovered 36 minutes ago
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
Discovered 2 hours ago
PoC for CVE-2026-49230
A notable vulnerability exists in the jwe-decrypt plugin of Apache APISIX, which permits an authentication bypass under default configurations. This flaw can potentially allow unauthorized access to sensitive data or functions, thereby compromising the security of applications utilizing the affec...
PoC for CVE-2026-12685
The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...
PoC for CVE-2026-12276
The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has ...
Discovered 3 hours ago
PoC for CVE-2026-61343
A vulnerability in the email template editor of LibreBooking allows an attacker with admin credentials to manipulate the file path of saved templates. This flaw enables the remote execution of arbitrary code outside the specified template directory. Vulnerable versions of LibreBooking prior to 5....
Discovered 4 hours ago
PoC for CVE-2026-15332
A security flaw in zhayujie CowAgent, affecting version 2.1.0 and earlier, allows remote attackers to exploit an unknown function in channel.py of the Message Endpoint. This vulnerability results in missing authorization checks, potentially compromising the application's security. Despite early n...
PoC for CVE-2026-15330
A server-side request forgery (SSRF) vulnerability was identified in the zhayujie CowAgent Vision Tool, specifically in the function _build_image_content/_download_to_data_url located in agent/tools/vision/vision.py. By manipulating the 'image' argument, an attacker can exploit this vulnerability...
Discovered 5 hours ago
PoC for CVE-2026-15329
A vulnerability exists in the zhayujie CowAgent's Browser Tool that allows for the potential unauthorized disclosure of sensitive information via the BrowserTool._do_navigate function in browser_tool.py. This issue can be triggered remotely, exposing users to data risks. The project maintainers h...
PoC for CVE-2026-53359
A vulnerability has been identified in the Linux kernel concerning the KVM x86 module, specifically a use-after-free scenario due to an unexpected role in shadow paging. This issue arises when a host modifies a Page Directory Entry (PDE) mapping from outside a guest virtual machine and subsequent...
PoC for CVE-2026-15326
A vulnerability has been identified in the Halo framework's theme installation process, specifically in the ThemeUtils.unzipThemeTo function of ThemeUtils.java. This vulnerability arises from unsafe handling of the metadata.name argument, allowing an attacker to manipulate file paths. Such exploi...
Discovered 6 hours ago
PoC for CVE-2026-15321
A cross site scripting vulnerability exists in the MyEMS Admin Backend prior to version 6.5.0, specifically within the on_post function of the svg.py file. This vulnerability allows attackers to manipulate the 'data' argument in a manner that can execute malicious scripts remotely. Although a pat...
PoC for CVE-2026-45585
A security feature bypass vulnerability exists in Microsoft Windows, referred to as 'YellowKey.' This flaw could allow unauthorized access to restricted features, compromising system integrity. A proof of concept has been publicly released, contrary to established security practices. Users are ad...
PoC for CVE-2026-15320
A significant vulnerability exists in Sipeed PicoClaw versions up to 0.2.9, specifically impacting the rt.ReloadConfig function located in pkg/channels/pico/pico.go. By manipulating the message.send argument, attackers can bypass authorization checks, allowing unauthorized access to critical func...
PoC for CVE-2026-57517
The vulnerability in Control Web Panel allows unauthenticated attackers to exploit a blind SQL injection flaw. By submitting unsanitized input through the userRes POST parameter at the user endpoint, attackers can execute arbitrary SQL queries. This exploit can lead to unauthorized access to MySQ...
Discovered 7 hours ago
PoC for CVE-2026-15319
A vulnerability in Sipeed PicoClaw versions up to 0.2.9 has been discovered, affecting the IPAllowlist function located in the access_control.go file of the Launcher component. This flaw allows for improper access control configurations, which can be exploited remotely. The issue has been publicl...
PoC for CVE-2026-15318
A vulnerability exists in the Sipeed PicoClaw MQTT Channel Handler that allows for incorrect authorization due to improper manipulation of the client_id argument in the mqtt.go file. This weakness can be exploited remotely, enabling attackers to bypass authorization mechanisms. The exploit has be...
Discovered 10 hours ago
PoC for CVE-2026-58144
Cotonti Siena versions prior to 0.9.27 are susceptible to a stored cross-site scripting (XSS) vulnerability that occurs when authenticated users with PFS (Personal Files System) access can inject arbitrary script payloads through the ntitle parameter. This malicious HTML code is processed through...
PoC for CVE-2026-15276
A vulnerability has been identified in pdeljanov Symphonia, specifically within the Metadata Handler component, affecting all versions up to 0.6.0. This flaw allows for a denial of service condition that can be exploited through local access. Successful exploitation could disrupt service, and a p...
Discovered 11 hours ago
PoC for CVE-2026-15274
A vulnerability in the lo48576 fbxcel product, specifically in the Node Header Handler within the pull_parser component, can be exploited to cause a denial of service. The issue resides in the src/pull_parser/v7400/parser.rs file, where improper handling can lead to service interruptions. This ex...
Discovered 13 hours ago
PoC for CVE-2026-15270
A vulnerability exists in the D-Link DIR-823G router's web interface, specifically in the /etc/boa/boa.conf file, which can be exploited via remote manipulation. This weakness may allow attackers to bypass privilege restrictions, potentially leading to unauthorized actions within the device. Alth...
Discovered 15 hours ago
PoC for CVE-2026-15202
A security flaw has been identified in the YzmCMS component 'Header Handler' in versions up to 7.5, specifically within the get_url function located in the yzmphp.php file. This vulnerability arises from improper validation of the HTTP_HOST argument, allowing attackers to perform cross-site scrip...
PoC for CVE-2026-40473
The Apache Camel MinaConverter component is prone to a vulnerability that permits an attacker to exploit the serialization process by sending a crafted serialized Java object over the network. This issue occurs due to the lack of ObjectInputFilter or class-loading restrictions when the MinaConver...
PoC for CVE-2026-15194
A security flaw has been identified in Open5GS version 2.7.7 affecting the AMF component's function amf_context_final located in src/amf/context.c. This vulnerability arises from improper handling of memory, leading to a use after free condition. An attacker with local access can exploit this fla...
Discovered 16 hours ago
PoC for CVE-2026-15193
AidanPark's openclaw-android is susceptible to an OS command injection vulnerability due to a flaw in the Android WebView Bridge component. This issue arises from improper handling of functions within JsBridge.kt, which allows local attackers to inject arbitrary commands into the system. As this ...
PoC for CVE-2026-15192
A vulnerability has been identified in Mettle Sendportal, specifically in the APIv1 Webhooks component that handles sendgrid, postmark, postal, and mailjet functionalities. This flaw results in missing authentication, allowing potential attackers to exploit the system remotely. The vulnerability ...
PoC for CVE-2026-15191
A vulnerability has been identified in Mettle SendPortal, specifically within the Campaign Creation Endpoint. This flaw allows an attacker to bypass authorization controls by manipulating the request handling mechanism in the CampaignStoreRequest.php file. The vulnerability is remotely exploitabl...
Discovered 17 hours ago
PoC for CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) b...
PoC for CVE-2026-15190
A security vulnerability has been identified in SourceCodester's Simple and Nice Shopping Cart Script 1.0 that allows for SQL injection attacks via the '/login.php' file. By manipulating the 'Username' argument, attackers can exploit this weakness to execute unauthorized SQL commands remotely, po...
PoC for CVE-2026-15188
A vulnerability has been discovered in the Django Job Portal's Employee Dashboard Endpoint, specifically within the function EditEmployeeProfileAPIView. This weakness allows for improper access control due to manipulation of the role argument. Attackers may exploit this flaw remotely, as the nece...
Discovered 18 hours ago
PoC for CVE-2026-15187
A security flaw has been identified in the Enquirer library, impacting versions up to 2.4.1. The vulnerability lies within the Enquirer.set function of the Public Package API, where improper handling of the question.name argument leads to uncontrolled modifications of object prototype attributes....
Discovered 20 hours ago
PoC for CVE-2026-15185
A vulnerability has been identified in GPAC's MP4Box, specifically in the vobsub_read_idx function found within the /src/media_tools/vobsub.c file. A local attacker can exploit this vulnerability by manipulating the num_langs argument, potentially leading to an out-of-bounds read. The exploit has...
PoC for CVE-2026-15184
A local vulnerability exists in GNU LibreDWG's DWG File Handler due to a null pointer dereference in the dwg_next_entity function. This issue can be exploited by manipulating the next_obj argument, potentially leading to application crashes. Users are strongly advised to upgrade to version 0.14 t...
Discovered 21 hours ago
PoC for CVE-2026-15182
A vulnerability exists in the BMP Image Handler of GNU LibreDWG versions up to 0.13.4, specifically in the dwg_bmp function within src/dwg.c. This flaw allows for a locally executed heap-based buffer overflow, which can lead to potential exploitation of memory corruption. To mitigate this risk, u...
PoC for CVE-2026-53571
The vulnerability in Vite, a widely-used frontend tooling framework for JavaScript, poses a significant security risk on Windows systems. Prior to specific versions (8.0.16, 7.3.5, and 6.4.3), the server.fs.deny configuration meant to prevent access to sensitive files can be bypassed. Due to impr...
Discovered 22 hours ago
PoC for CVE-2026-50746
A vulnerability exists in the UniFi Connect Application due to improper access control mechanisms. This flaw allows a malicious actor with network access to exploit the system by executing arbitrary commands on the host device. As a result, unauthorized actions could be performed, potentially com...
Discovered 23 hours ago
PoC for CVE-2026-50131
The Fedify TypeScript library, used for building federated server applications powered by ActivityPub, has a critical vulnerability relating to Server-Side Request Forgery. While prior updates attempted to address internal network access by adding public URL validation for outbound fetches, the v...
Discovered 1 day ago
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
PoC for CVE-2026-12517
The Fediverse Embeds WordPress plugin, prior to version 1.5.8, contains a vulnerability that permits unauthenticated users to conduct Server-Side Request Forgery (SSRF) attacks. Through a compromised site-info endpoint, attackers can send requests to internal and private-network URLs, thereby obt...
PoC for CVE-2026-11869
The WP DSGVO Tools (GDPR) plugin for WordPress, prior to version 3.1.40, contains a security flaw that lacks proper authorization checks in its data subject access request processing. This vulnerability enables unauthenticated attackers to generate and download full personal data exports, which m...
PoC for CVE-2026-11571
The Everest Forms plugin for WordPress, prior to version 3.5.0, fails to properly manage temporary CSV files created during email notification processes. This oversight leaves the files accessible in the public uploads directory. As a result, unauthenticated attackers can exploit this vulnerabili...
PoC for CVE-2026-12516
The Fediverse Embeds WordPress plugin prior to version 1.5.8 is susceptible to a security flaw that permits unauthenticated users to submit server-side requests to arbitrary URLs. This vulnerability arises from the lack of validation checks on the destination of the requests made through a media-...
PoC for CVE-2026-11875
The WP Support Plus Responsive Ticket System plugin for WordPress, up to version 9.1.2, is vulnerable due to its lack of signing and verification of guest-session cookies. This flaw enables unauthenticated users to create forged cookies, allowing them to impersonate legitimate ticket owners. Cons...
PoC for CVE-2026-12270
The Everest Forms WordPress plugin prior to version 3.5.0 contains an access control issue that allows unauthenticated users to exploit vulnerabilities in its onboarding assistant features. This flaw arises from insufficient checks on specific REST API endpoints, enabling attackers to bypass capa...
PoC for CVE-2023-0386
A vulnerability exists in the Linux kernel's OverlayFS subsystem that enables a local user to gain unauthorized access to a setuid file with capabilities. This issue arises when a user copies a capable file from a nosuid mount to another mount, leading to potential privilege escalation. The uid m...
PoC for CVE-2025-27636
A bypass and injection vulnerability exists in Apache Camel stemming from a flaw in its default header filtering mechanism. This flaw allows attackers to circumvent protective measures by manipulating the casing of header names. As a result, they can inject malicious headers which may invoke arbi...
PoC for CVE-2026-44825
A vulnerability in Apache Solr allows for remote unauthorized access due to hardcoded default credentials in the Basic Authentication setup tool. Versions 9.4.0 through 9.10.1 and 10.0.0 are particularly exposed, as attackers can leverage these known credentials to gain full control over the Solr...
PoC for CVE-2026-40048
The FileBasedKeyLifecycleManager class in Apache Camel allows deserialization of `<keyId>.key` files using java.io.ObjectInputStream without implementing ObjectInputFilter or restricting class loading. This flaw can lead to arbitrary code execution due to unsanitized deserialization methods being...
PoC for CVE-2021-40346
An integer overflow vulnerability is present in HAProxy versions 2.0 through 2.5. This flaw is associated with the htx_add_header function, enabling attackers to exploit the vulnerability to conduct an HTTP request smuggling attack. By bypassing all configured HTTP request Access Control Lists (A...
PoC for CVE-2026-15138
A security vulnerability has been identified in Tumf's MCP Text Editor, specifically in the _validate_file_path function found in text_editor.py. This vulnerability allows an attacker to perform path traversal by manipulating the 'file_path' argument, potentially gaining unauthorized access to se...