Publicly Disclosed
PoC Exploits
🔴 Alway take caution when working with PoC Exploits 🔴
Discovered just now...
PoC for CVE-2025-60787
MotionEye versions up to and including 0.43.1b4 are susceptible to OS Command Injection through improperly sanitized configuration parameters like image_file_name. This vulnerability allows remote authenticated users with administrative privileges to inject malicious commands into Motion configur...
Discovered 2 hours ago
PoC for CVE-2026-9558
A critical vulnerability in Mautic's theme engine allows authenticated users to upload and execute potentially malicious Twig templates. This design flaw grants users with theme upload permissions an opportunity to execute arbitrary code on the hosting server, thereby compromising system integrit...
Discovered 5 hours ago
PoC for CVE-2026-61459
The MCP Server Kubernetes is affected by an argument injection vulnerability that impacts structured tools such as kubectl_get, kubectl_describe, and kubectl_delete. This flaw allows malicious actors to bypass the security checks by using specially crafted resourceType and name parameters with le...
PoC for CVE-2026-61460
Krayin CRM versions up to 2.2.3 are susceptible to an insecure direct object reference vulnerability affecting several key controllers, including LeadController, PersonController, OrganizationController, QuoteController, and ActivityController. This flaw enables authenticated users to gain unauth...
PoC for CVE-2026-40860
A vulnerability exists in the Apache Camel JMS Component where the deserialization of ObjectMessage payloads occurs without an ObjectInputFilter. This flaw could allow an attacker to publish a specially crafted ObjectMessage to a queue or topic consumed by a Camel application, resulting in remote...
PoC for CVE-2026-61461
Dify, prior to version 1.16.0-rc1, is susceptible to a SQL injection vulnerability within its MyScale vector store backend. This issue arises from the failure to properly sanitize search parameters in the search_by_full_text method, allowing attackers to execute arbitrary SQL commands. By injecti...
PoC for CVE-2026-40859
A deserialization vulnerability has been identified in the Apache Camel framework, specifically in the camel-vertx-http component. The flaw arises from improper handling of HTTP response bodies containing the Content-Type application/x-java-serialized-object. When configured with certain options,...
Discovered 7 hours ago
PoC for CVE-2024-51482
ZoneMinder, a popular open-source closed-circuit television software, has a vulnerability that exposes versions v1.37.* up to and including v1.37.64 to a boolean-based SQL injection attack through the web/ajax/event.php endpoint. This flaw can allow an attacker to manipulate SQL queries, potentia...
PoC for CVE-2026-40858
The vulnerability in Apache Camel's Infinispan component arises from an insecure deserialization process involving ProtoStream. Specifically, the component employs java.io.ObjectInputStream to deserialize data from a remote Infinispan cache without utilizing an ObjectInputFilter, exposing the app...
PoC for CVE-2026-15377
The Eleveo Call Recording Software 9.7.0 contains a vulnerability related to improper authorization in the file handling process of /callrec/sendlogfile. This flaw allows attackers to exploit the system remotely, potentially gaining unauthorized access to sensitive information. The issue was publ...
Discovered 8 hours ago
PoC for CVE-2026-15376
A serious vulnerability has been identified in Eleveo Call Recording Software version 9.7.0, specifically involving the file /callrec/statisticReportAction.do. This issue allows for improper authorization, which means that unauthorized users can gain access to sensitive functionalities of the sof...
PoC for CVE-2026-15375
A vulnerability has been identified in Eleveo Call Recording Software 9.7.0, affecting the LDAP User Interface located at /callrec/users_ldap.jsp. This security flaw allows unauthorized access, potentially enabling attackers to manipulate files remotely. The exploit has been made public, increasi...
PoC for CVE-2026-15374
A security flaw in Eleveo Call Recording Software version 9.7.0 has been identified, affecting an element of its group interface. This vulnerability allows attackers to manipulate the file /callrec/roleAddAction.do, potentially leading to unauthorized access via remote execution. Despite early no...
Discovered 9 hours ago
PoC for CVE-2026-15373
A vulnerability exists in Eleveo Call Recording Software version 9.7.0, where manipulation of the 'role' argument in the endpoint /callrec/userAddAction.do leads to improper authorization. This flaw allows an attacker to exploit the system remotely, granting unauthorized access to sensitive funct...
PoC for CVE-2026-29519
The Lucee CFML Server versions 5.3.x, 6.1.x, 6.2.x, and 7.0.x are vulnerable to a reflected cross-site scripting vulnerability due to improper input handling in URL path parsing. This flaw allows unauthenticated remote attackers to inject arbitrary JavaScript into the server's responses. Attacker...
Discovered 13 hours ago
PoC for CVE-2026-56423
MISP Core features critical access control flaws that allow authorized users to delete event reports and sharing groups owned by other organizations. Specifically, the deleteSelection handlers for both Event Reports and Sharing Groups leverage broad role permissions instead of stringent ownership...
Discovered 15 hours ago
PoC for CVE-2025-22457
A stack-based buffer overflow vulnerability affects multiple Ivanti products, including Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti ZTA Gateways. This flaw allows remote unauthenticated attackers to exploit the vulnerability and achieve remote code execution. It is crucial for users o...
Discovered 16 hours ago
PoC for CVE-2026-43499
A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...
Discovered 17 hours ago
PoC for CVE-2026-49230
A notable vulnerability exists in the jwe-decrypt plugin of Apache APISIX, which permits an authentication bypass under default configurations. This flaw can potentially allow unauthorized access to sensitive data or functions, thereby compromising the security of applications utilizing the affec...
PoC for CVE-2026-12685
The EscortWP WordPress theme, specifically version 3.6.2, contains a vendor-created obfuscated backdoor allowing unauthenticated attackers to execute damaging actions on the site. This vulnerability enables malicious actors to delete all content permanently by utilizing a hard-coded, per-build ke...
PoC for CVE-2026-12276
The LA-Studio Element Kit for Elementor WordPress plugin, prior to version 1.6.1, suffers from a security flaw where it permits unauthenticated users to register accounts even when user registration is disabled across the WordPress site. This vulnerability arises from the plugin's failure to veri...
Discovered 18 hours ago
PoC for CVE-2026-61343
A vulnerability in the email template editor of LibreBooking allows an attacker with admin credentials to manipulate the file path of saved templates. This flaw enables the remote execution of arbitrary code outside the specified template directory. Vulnerable versions of LibreBooking prior to 5....
Discovered 19 hours ago
PoC for CVE-2026-15332
A security flaw in zhayujie CowAgent, affecting version 2.1.0 and earlier, allows remote attackers to exploit an unknown function in channel.py of the Message Endpoint. This vulnerability results in missing authorization checks, potentially compromising the application's security. Despite early n...
PoC for CVE-2026-15330
A server-side request forgery (SSRF) vulnerability was identified in the zhayujie CowAgent Vision Tool, specifically in the function _build_image_content/_download_to_data_url located in agent/tools/vision/vision.py. By manipulating the 'image' argument, an attacker can exploit this vulnerability...
Discovered 20 hours ago
PoC for CVE-2026-15329
A vulnerability exists in the zhayujie CowAgent's Browser Tool that allows for the potential unauthorized disclosure of sensitive information via the BrowserTool._do_navigate function in browser_tool.py. This issue can be triggered remotely, exposing users to data risks. The project maintainers h...
PoC for CVE-2026-53359
A vulnerability has been identified in the Linux kernel concerning the KVM x86 module, specifically a use-after-free scenario due to an unexpected role in shadow paging. This issue arises when a host modifies a Page Directory Entry (PDE) mapping from outside a guest virtual machine and subsequent...
PoC for CVE-2026-15326
A vulnerability has been identified in the Halo framework's theme installation process, specifically in the ThemeUtils.unzipThemeTo function of ThemeUtils.java. This vulnerability arises from unsafe handling of the metadata.name argument, allowing an attacker to manipulate file paths. Such exploi...
Discovered 21 hours ago
PoC for CVE-2026-15321
A cross site scripting vulnerability exists in the MyEMS Admin Backend prior to version 6.5.0, specifically within the on_post function of the svg.py file. This vulnerability allows attackers to manipulate the 'data' argument in a manner that can execute malicious scripts remotely. Although a pat...
PoC for CVE-2026-45585
A security feature bypass vulnerability exists in Microsoft Windows, referred to as 'YellowKey.' This flaw could allow unauthorized access to restricted features, compromising system integrity. A proof of concept has been publicly released, contrary to established security practices. Users are ad...
PoC for CVE-2026-15320
A significant vulnerability exists in Sipeed PicoClaw versions up to 0.2.9, specifically impacting the rt.ReloadConfig function located in pkg/channels/pico/pico.go. By manipulating the message.send argument, attackers can bypass authorization checks, allowing unauthorized access to critical func...
PoC for CVE-2026-57517
The vulnerability in Control Web Panel allows unauthenticated attackers to exploit a blind SQL injection flaw. By submitting unsanitized input through the userRes POST parameter at the user endpoint, attackers can execute arbitrary SQL queries. This exploit can lead to unauthorized access to MySQ...
Discovered 22 hours ago
PoC for CVE-2026-15319
A vulnerability in Sipeed PicoClaw versions up to 0.2.9 has been discovered, affecting the IPAllowlist function located in the access_control.go file of the Launcher component. This flaw allows for improper access control configurations, which can be exploited remotely. The issue has been publicl...
PoC for CVE-2026-15318
A vulnerability exists in the Sipeed PicoClaw MQTT Channel Handler that allows for incorrect authorization due to improper manipulation of the client_id argument in the mqtt.go file. This weakness can be exploited remotely, enabling attackers to bypass authorization mechanisms. The exploit has be...
Discovered 1 day ago
PoC for CVE-2026-15311
A cross-site scripting vulnerability exists in the Matrix Adapter component of NousResearch's Hermes-Agent, specifically in the MatrixAdapter._markdown_to_html function located in the gateway/platforms/matrix.py file. This flaw allows attackers to execute scripts remotely by manipulating markdown...
PoC for CVE-2026-58144
Cotonti Siena versions prior to 0.9.27 are susceptible to a stored cross-site scripting (XSS) vulnerability that occurs when authenticated users with PFS (Personal Files System) access can inject arbitrary script payloads through the ntitle parameter. This malicious HTML code is processed through...
PoC for CVE-2026-15276
A vulnerability has been identified in pdeljanov Symphonia, specifically within the Metadata Handler component, affecting all versions up to 0.6.0. This flaw allows for a denial of service condition that can be exploited through local access. Successful exploitation could disrupt service, and a p...
PoC for CVE-2026-15274
A vulnerability in the lo48576 fbxcel product, specifically in the Node Header Handler within the pull_parser component, can be exploited to cause a denial of service. The issue resides in the src/pull_parser/v7400/parser.rs file, where improper handling can lead to service interruptions. This ex...
PoC for CVE-2026-15270
A vulnerability exists in the D-Link DIR-823G router's web interface, specifically in the /etc/boa/boa.conf file, which can be exploited via remote manipulation. This weakness may allow attackers to bypass privilege restrictions, potentially leading to unauthorized actions within the device. Alth...
PoC for CVE-2026-15202
A security flaw has been identified in the YzmCMS component 'Header Handler' in versions up to 7.5, specifically within the get_url function located in the yzmphp.php file. This vulnerability arises from improper validation of the HTTP_HOST argument, allowing attackers to perform cross-site scrip...
PoC for CVE-2026-40473
The Apache Camel MinaConverter component is prone to a vulnerability that permits an attacker to exploit the serialization process by sending a crafted serialized Java object over the network. This issue occurs due to the lack of ObjectInputFilter or class-loading restrictions when the MinaConver...
PoC for CVE-2026-15194
A security flaw has been identified in Open5GS version 2.7.7 affecting the AMF component's function amf_context_final located in src/amf/context.c. This vulnerability arises from improper handling of memory, leading to a use after free condition. An attacker with local access can exploit this fla...
PoC for CVE-2026-15193
AidanPark's openclaw-android is susceptible to an OS command injection vulnerability due to a flaw in the Android WebView Bridge component. This issue arises from improper handling of functions within JsBridge.kt, which allows local attackers to inject arbitrary commands into the system. As this ...
PoC for CVE-2026-15192
A vulnerability has been identified in Mettle Sendportal, specifically in the APIv1 Webhooks component that handles sendgrid, postmark, postal, and mailjet functionalities. This flaw results in missing authentication, allowing potential attackers to exploit the system remotely. The vulnerability ...
PoC for CVE-2026-15191
A vulnerability has been identified in Mettle SendPortal, specifically within the Campaign Creation Endpoint. This flaw allows an attacker to bypass authorization controls by manipulating the request handling mechanism in the CampaignStoreRequest.php file. The vulnerability is remotely exploitabl...
PoC for CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) b...
PoC for CVE-2026-15190
A security vulnerability has been identified in SourceCodester's Simple and Nice Shopping Cart Script 1.0 that allows for SQL injection attacks via the '/login.php' file. By manipulating the 'Username' argument, attackers can exploit this weakness to execute unauthorized SQL commands remotely, po...
PoC for CVE-2026-15188
A vulnerability has been discovered in the Django Job Portal's Employee Dashboard Endpoint, specifically within the function EditEmployeeProfileAPIView. This weakness allows for improper access control due to manipulation of the role argument. Attackers may exploit this flaw remotely, as the nece...
PoC for CVE-2026-15187
A security flaw has been identified in the Enquirer library, impacting versions up to 2.4.1. The vulnerability lies within the Enquirer.set function of the Public Package API, where improper handling of the question.name argument leads to uncontrolled modifications of object prototype attributes....
PoC for CVE-2026-15185
A vulnerability has been identified in GPAC's MP4Box, specifically in the vobsub_read_idx function found within the /src/media_tools/vobsub.c file. A local attacker can exploit this vulnerability by manipulating the num_langs argument, potentially leading to an out-of-bounds read. The exploit has...
PoC for CVE-2026-15184
A local vulnerability exists in GNU LibreDWG's DWG File Handler due to a null pointer dereference in the dwg_next_entity function. This issue can be exploited by manipulating the next_obj argument, potentially leading to application crashes. Users are strongly advised to upgrade to version 0.14 t...