Publicly Disclosed
PoC Exploits

đź”´ Alway take caution when working with PoC Exploits đź”´

Discovered just now...

PoC for CVE-2026-43735

AppleSafari8.1HIGH
Cross-Origin Data Exfiltration Vulnerability in Safari and iOS Prod...

A vulnerability has been identified in Safari and related Apple products that allows malicious websites to potentially exfiltrate sensitive data across different origins. The issue has been remediated with enhanced verification protocols in the latest versions, ensuring that requests made to exte...

Discovered 59 minutes ago

PoC for CVE-2026-42945

F5Nginx Plus🟣 EPSS 61%9.2CRITICAL
Heap Buffer Overflow in NGINX Plus and NGINX Open Source Affecting ...

A vulnerability exists in the ngx_http_rewrite_module of NGINX Plus and NGINX Open Source, triggered when a rewrite directive is followed by an if or set directive that includes a Perl-Compatible Regular Expression (PCRE) capture and a replacement string with a question mark. Attackers can exploi...

Discovered 2 hours ago

PoC for CVE-2026-34117

GuardianLanguage-system9.3CRITICAL
Guardian Language-System Unauthenticated OS Command Injection via i...

Guardian language-system passes the id GET parameter directly into a PHP exec() call in text_to_subtitles.php (line 19) without sanitization: exec(\"php jobs/text_to_subtitles.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can ...

Discovered 3 hours ago

PoC for CVE-2026-58454

JaiotlinkC492a-w6 Wi-fi Ip Camera7.7HIGH
Remote Code Execution Vulnerability in JAIOTlink Wi-Fi IP Cameras

The JAIOTlink C492A-W6 Wi-Fi IP cameras with firmware version 4.8.30.57701411 are vulnerable to a remote code execution flaw. Authenticated attackers can exploit this vulnerability by saving arbitrary shell scripts in the writable persistent JFFS2 storage. By utilizing the authenticated HTTP endp...

PoC for CVE-2026-58453

JaiotlinkC492a-w6 Wi-fi Ip Camera9.3CRITICAL
Hard-Coded Credentials Vulnerability in JAIOTlink C492A-W6 Wi-Fi IP...

The JAIOTlink C492A-W6 Wi-Fi IP cameras have a serious vulnerability where hard-coded credentials allow network-adjacent attackers to access the device. By exploiting default admin credentials and an empty password for the anyka_ipc HTTP service on port 80, unauthorized individuals can gain contr...

PoC for CVE-2026-58452

JaiotlinkC492a-w6 Wi-fi Ip Camera8.7HIGH
OS Command Injection in JAIOTlink C492A-W6 Wi-Fi IP Cameras by JAIO...

The JAIOTlink C492A-W6 Wi-Fi IP camera firmware version 4.8.30.57701411 is susceptible to an OS command injection flaw. This vulnerability allows authenticated attackers to execute arbitrary code remotely. By manipulating the Wireless parameter in the HTTP PUT NetSDK/Factory SetMAC endpoint, atta...

PoC for CVE-2026-57517

Control Web PanelControl Web Panel9.3CRITICAL
Blind SQL Injection in Control Web Panel Affects Web Management Ser...

The vulnerability in Control Web Panel allows unauthenticated attackers to exploit a blind SQL injection flaw. By submitting unsanitized input through the userRes POST parameter at the user endpoint, attackers can execute arbitrary SQL queries. This exploit can lead to unauthorized access to MySQ...

Discovered 4 hours ago

PoC for CVE-2026-58127

HylandPacsgear Mediawriter9.3CRITICAL
Unauthenticated Remote Code Execution in PACSgear MediaWriter

PACSgear MediaWriter 5.2.1 exposes a critical vulnerability via its .NET Remoting TCP service on port 9000. The service does not require authentication and allows remote attackers to read and write arbitrary files on the host system. By exploiting the unmarshalling technique of the MarshalByRefOb...

PoC for CVE-2026-58126

HylandPacsgear Pacs Scan9.3CRITICAL
Unauthenticated Remote Code Execution in PACSgear PACS Scan

PACSgear PACS Scan 5.2.1 is susceptible to an unauthenticated remote code execution vulnerability due to an exposed .NET Remoting TCP service operating on port 22222. This allows attackers to execute unauthorized commands and manipulate files remotely through PGImageExchQueue.exe without any auth...

Discovered 8 hours ago

PoC for CVE-2024-27198

JetbrainsTeamcity🟣 EPSS 100%9.8CRITICAL
Authentication Bypass in JetBrains TeamCity Allows Admin Actions

An authentication bypass vulnerability has been identified in JetBrains TeamCity, allowing unauthorized users to perform administrative actions. This flaw exists in versions of TeamCity prior to 2023.11.4 and poses a significant risk to the security of systems utilizing this software. Exploitatio...

Discovered 12 hours ago

PoC for CVE-2026-11570

WordPressUser Submitted Posts4.2MEDIUM
Stored Cross-Site Scripting in User Submitted Posts Plugin for Word...

The User Submitted Posts plugin for WordPress prior to version 20260608 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. This occurs due to the failure to properly escape submitted values before they are displayed in an admin-configured template. An attacker can exploit this f...

PoC for CVE-2026-11568

WordPressProduct Configurator F...7.5HIGH
Public AJAX Data Exposure in WooCommerce Product Configurator by Wo...

The Product Configurator for WooCommerce plugin before version 1.7.3 has a serious flaw where it fails to implement necessary authorization checks before exposing WooCommerce product data via a public AJAX action. This oversight allows anyone, even unauthenticated users, to access sensitive produ...

PoC for CVE-2026-11883

WordPressWebauthn Provider For ...7.2HIGH
Two-Factor Authentication Bypass in WebAuthn Provider for WordPress...

The WebAuthn Provider for Two Factor WordPress plugin prior to version 2.5.6 contains a security flaw that fails to adequately validate the second-factor authentication responses. This vulnerability enables an attacker, who already possesses a user's password, to bypass the two-factor authenticat...

PoC for CVE-2026-11880

WordPressFluent Forms3.1LOW
Subscription Management Flaw in Fluent Forms Plugin for WordPress

The Fluent Forms plugin for WordPress prior to version 6.2.1 contains a vulnerability that allows low-privilege authenticated users to cancel subscriptions of other users. This flaw arises because the plugin fails to adequately verify the ownership of subscriptions before processing cancellation ...

PoC for CVE-2026-11794

WordPressAdvanced Form Integrat...8.1HIGH
User Role Assignment Flaw in Advanced Form Integration Plugin by Wo...

The Advanced Form Integration — Connect Forms to 200+ Apps WordPress plugin, prior to version 2.1.1, contains a security flaw that allows unauthenticated users to create user accounts with roles that may include administrator. This exploit arises when public form submissions configured through sp...

PoC for CVE-2026-11887

WordPressSalon Booking System4.3MEDIUM
Authorization Bypass in Salon Booking System for WordPress

The Salon Booking System plugin for WordPress lacks adequate authorization checks on specific AJAX actions, allowing authenticated users—such as subscribers—to make unauthorized modifications. This weakness enables them to alter settings and bypass the necessary manual approval process for new bo...

PoC for CVE-2026-11562

WordPressWs Form Lite4.3MEDIUM
Authorization Flaw in WS Form LITE Plugin for WordPress

The WS Form LITE plugin for WordPress versions prior to 1.11.8 contains an authorization vulnerability that permits authenticated users, with subscriber-level access or higher, to alter the plugin's critical settings without adequate checks. This loophole can lead to unauthorized modifications, p...

PoC for CVE-2026-10750

WordPressRoyal Mcp8.1HIGH
Token Authentication Bypass in Royal MCP WordPress Plugin

The Royal MCP WordPress plugin prior to version 1.4.26 lacks sufficient capability checks following token authentication. This deficiency permits authenticated users, even those with low-privileged roles such as Subscribers, to access private content, enumerate users and their roles, and manipula...

Discovered 13 hours ago

PoC for CVE-2025-15666

Open Asset Import...Assimp4.8MEDIUM
Heap-Based Buffer Overflow in Open Asset Import Library Assimp up t...

A security vulnerability exists in Open Asset Import Library (Assimp) prior to version 5.4.3, specifically within the Assimp::SceneCombiner::Copy function located in the Model File Handler component. This issue arises from manipulations involving width and height arguments, leading to a heap-base...

Discovered 14 hours ago

PoC for CVE-2026-58138

Conductor-ossConductor9.3CRITICAL
Unauthenticated Remote Code Execution in Orkes Conductor by Orkes

An unauthenticated remote code execution vulnerability in Orkes Conductor versions prior to 3.30.2 could allow remote attackers to execute arbitrary operating system commands by submitting malicious JavaScript or Python expressions through workflow definitions to the workflow API endpoint without...

PoC for CVE-2026-46490

TnganSamlify8.7HIGH
SAML Injection Vulnerability in samlify Library by TNGan

The samlify library, used for SAML single sign-on in Node.js applications, is susceptible to an injection vulnerability prior to version 2.13.0. This issue arises because the library's template substitution mechanism fails to properly escape values inserted into XML element texts, allowing an att...

Discovered 15 hours ago

PoC for CVE-2025-40271

LinuxLinux
Use-After-Free Vulnerability in Linux Kernel's Networking Interface

A use-after-free vulnerability in the Linux kernel's networking interface may allow an attacker to access freed memory. The issue arises in the `proc_readdir_de()` function when directory entries are concurrently modified while being traversed. During high-stress scenarios, unregistering network ...

PoC for CVE-2026-46300

LinuxLinux7.8HIGH
Shared Fragment Marker Issue in Linux Kernel Network Functionality

A vulnerability in the Linux kernel affects the handling of shared-frag markers during packet coalescing. Specifically, the function skb_try_coalesce() can improperly transfer ownership of page-backed fragments without preserving the shared-frag marker. This loss can disrupt later processing, not...

Discovered 17 hours ago

PoC for CVE-2012-1823

PHPPHP🟣 EPSS 100%9.8CRITICAL
Remote Code Execution Vulnerability in PHP CGI Configuration

This vulnerability in PHP occurs when the software is configured to run as a CGI script. Specifically, when the query string lacks an equals sign, PHP fails to handle it appropriately, which can lead to remote attackers executing arbitrary code. This occurs due to insufficient validation of comma...

Discovered 18 hours ago

PoC for CVE-2026-22557

Ubiquiti IncUnifi Network Application🟣 EPSS 16%10CRITICAL
Path Traversal Vulnerability in UniFi Network Application from Ubiq...

A Path Traversal vulnerability exists in the UniFi Network Application, allowing attackers within the network to exploit the system. This vulnerability can enable malicious actors to access and manipulate files on the underlying operating system. Successful exploitation may lead to unauthorized a...

Discovered 20 hours ago

PoC for CVE-2025-69212

Devcode-itOpenstamanager9.4CRITICAL
OS Command Injection Vulnerability in OpenSTAManager by DevCode

OpenSTAManager, an open source management tool for technical assistance and invoicing, has a vulnerability in the P7M file decoding functionality. Versions 2.9.8 and earlier allow authenticated attackers to upload a ZIP file containing a maliciously crafted .p7m file. This could lead to the execu...

Discovered 21 hours ago

PoC for CVE-2026-58450

InvoiceninjaInvoiceninja5.3MEDIUM
Open Redirect Vulnerability in Invoice Ninja Affected by External U...

Invoice Ninja versions up to 5.13.26 contain an open redirect vulnerability in the client portal login. This issue allows unauthenticated attackers to craft malicious login links that redirect authenticated users to attacker-controlled external URLs. By injecting a harmful value into the intended...

PoC for CVE-2026-58448

YunaivYudao-cloud7.1HIGH
Broken Access Control in Yudao Cloud BPM Module

The Yudao Cloud BPM module prior to version 2026.06 is susceptible to a broken access control vulnerability. This flaw enables any authenticated user to manipulate a caller-controlled process-instance identifier to access unprotected endpoints. Consequently, attackers can exploit this vulnerabili...

PoC for CVE-2026-58447

Iv-orgInvidious7.1HIGH
Broken Object Level Authorization in Invidious Affects User Playlists

Invidious versions up to 2.20260626.0 are susceptible to a broken object level authorization vulnerability, enabling authenticated attackers to delete videos from any user's playlists by manipulating global video indices in the remove_video action of the playlist endpoint. This vulnerability lack...

PoC for CVE-2026-58446

PresentonPresenton6.9MEDIUM
Authentication Bypass in Presenton before 0.8.8-beta

A security flaw in Presenton versions prior to 0.8.8-beta allows an unauthenticated remote attacker to access the MCP server at an unsecured endpoint. This issue stems from the nginx front-end failing to enforce authentication on the /mcp path. As a result, attackers can exploit the server to inv...

Discovered 22 hours ago

PoC for CVE-2026-31694

LinuxLinux7.8HIGH
Directory Entry Overflow in Linux Kernel FUSE Implementation

The Linux kernel's implementation of FUSE is vulnerable to a directory entry overflow due to improper validation of serialized directory entries. Specifically, the function `fuse_add_dirent_to_cache()` fails to verify whether a directory entry exceeds the maximum allowable size, allowing a malici...

PoC for CVE-2017-7494

SambaSamba🟣 EPSS 99%9.8CRITICAL
Remote Code Execution in Samba Versions 3.5.0 to 4.6.4 by Louis Lu

Samba versions 3.5.0 up to 4.6.4, along with specific earlier releases, contain a serious vulnerability where a malicious client can upload a shared library to a writable share. This exploit allows the server to load and execute the uploaded file, leading to unauthorized control and potential dam...

Discovered 23 hours ago

PoC for CVE-2019-2215

GoogleAndroid🟣 EPSS 72%7.8HIGH
Use-After-Free Vulnerability in Android Binder Leading to Elevation...

A use-after-free vulnerability exists in the Android Binder service, which could allow attackers to elevate privileges from an application to the Linux Kernel. Exploitation of this vulnerability does not require any interaction from the user; however, it necessitates either the installation of a ...

Discovered 1 day ago

PoC for CVE-2026-10580

WordPressHippoo Mobile App For ...9.8CRITICAL
Authentication Bypass in Hippoo Mobile App for WooCommerce Plugin

The Hippoo Mobile App for WooCommerce plugin for WordPress contains a vulnerability that allows unauthenticated users to bypass authentication protocols. This security flaw stems from a logic error within the HippooPermissions::get_user_permissions() function, which incorrectly grants full admini...

PoC for CVE-2026-56121

Feast-devFeast9.3CRITICAL
Remote Code Execution Due to Unsafe Deserialization in Feast by Fea...

An unsafe deserialization vulnerability in Feast prior to version 0.63.0 enables unauthorized parties to execute arbitrary code remotely. This flaw arises from the mishandling of the user_defined_function.body field within the OnDemandFeatureView specification. The field is decoded from base64 an...

PoC for CVE-2026-46817

OracleOracle Payments9.8CRITICAL
Unauthenticated File Transmission Vulnerability in Oracle E-Busines...

A vulnerability exists in the Oracle Payments component of the Oracle E-Business Suite, specifically in the File Transmission functionality. This flaw allows an unauthenticated attacker with network access via HTTP to exploit the Oracle Payments system. If successfully exploited, attackers could ...

PoC for CVE-2026-8037

Progress SoftwareLoadmaster9.6CRITICAL
OS Command Injection Flaw in Progress ADC Products

An OS command injection vulnerability exists in the API of Progress ADC Products, specifically affecting the LoadMaster appliance. This vulnerability allows unauthenticated attackers to execute arbitrary commands through unsanitized input in multiple command endpoints. Exploiting this weakness co...

PoC for CVE-2026-58377

JeecgbootJeecgboot8.6HIGH
Broken Access Control in JeecgBoot Affects User Credential Management

The JeecgBoot framework version 3.9.2 is susceptible to a broken access control vulnerability that allows authenticated users with low privileges to execute create, read, update, and delete operations on OpenAPI credentials. The issue arises due to missing Shiro authorization annotations on criti...

PoC for CVE-2026-58376

DolibarrDolibarr7.2HIGH
SQL Injection Vulnerability in Dolibarr ERP Software

Dolibarr ERP software versions up to 23.0.3 are susceptible to an SQL injection vulnerability that enables authenticated users to exfiltrate sensitive database contents. This flaw occurs due to inadequate validation of the sqlfilters query parameter in the setup dictionary and multicurrencies RES...

PoC for CVE-2026-58375

JeecgbootJimureport8.7HIGH
Unauthenticated Data Export Vulnerability in JimuReport by Jeecgboot

JimuReport versions up to 2.5.0 expose the /jmreport/auto/export endpoint without requiring authentication, due to improper configuration of the JimuNoLoginRequired annotation. This oversight allows any remote attacker to exploit the endpoint, effectively permitting enumeration of Snowflake repor...

PoC for CVE-2026-58371

SeaweedfsSeaweedfs2.3LOW
Cross-Origin Information Disclosure in SeaweedFS by SeaweedFS

SeaweedFS versions before 4.30 contain a vulnerability related to the handling of callback query parameters, which are reflected in responses without validation. This affects several JSON endpoints, including those that are accessible without authentication, potentially exposing sensitive informa...

PoC for CVE-2026-58176

DromaraRuoyi-vue-plus7.1HIGH
Authorization Bypass in RuoYi-Vue-Plus Workflow Management

RuoYi-Vue-Plus versions up to 5.6.2 have a significant security flaw where workflow task management endpoints lack proper authorization checks. This vulnerability allows any authenticated user, regardless of their role, to manipulate task assignments, circumventing the intended separation of duti...

PoC for CVE-2026-58172

ThreemammalsOcelot9.3CRITICAL
WebSocket Control Bypass in Ocelot by ThreeMammals

Ocelot, a popular API Gateway developed by ThreeMammals, is vulnerable to a security control bypass that impacts versions up to 24.1.0. This vulnerability arises from the WebSocket upgrade requests that can bypass IP-based access restrictions due to faulty configuration in the OcelotPipelineExten...

PoC for CVE-2026-58166

OpenbmbChatdev8.8HIGH
Path Traversal Vulnerability in OpenBMB ChatDev by OpenBMB

The OpenBMB ChatDev application through version 2.2.0 is affected by a path traversal vulnerability that allows unauthenticated remote attackers to manipulate file upload operations. By sending a malicious multipart filename to the file upload endpoint, attackers can exploit the inadequate saniti...

PoC for CVE-2026-58165

OpenzitiZiti8.7HIGH
Privilege Escalation in OpenZiti by OpenZiti

OpenZiti through version 2.0.0 is vulnerable to a privilege escalation flaw that allows authenticated non-admin users to create enrollments for any identity, including administrative accounts. This is due to insufficient authorization checks in the ApplyCreate function of enrollment_manager.go, w...

PoC for CVE-2024-31317

GoogleAndroid7.8HIGH
Unpatched Deserialization Vulnerability in ZygoteProcess.java Could...

A vulnerability has been identified in the Android Framework that allows potential code execution through unsafe deserialization in multiple functions of ZygoteProcess.java. This flaw enables local privilege escalation, requiring user execution privileges but eliminating the need for user interac...

PoC for CVE-2026-58116

HiyougaLlamafactory9.3CRITICAL
Remote Code Execution Vulnerability in LLaMA-Factory by Hugging Face

LLaMA-Factory versions up to 0.9.5 are susceptible to a remote code execution vulnerability that enables users with WebUI access to run arbitrary Python code. This occurs when a malicious model path is provided in the Chat or Training interfaces, allowing the application to pass unsanitized user ...

PoC for CVE-2026-43700

AppleSafari6.5MEDIUM
Cross-Origin Vulnerability in Safari and Apple Products

A cross-origin vulnerability has been identified in Safari and various Apple operating systems. This security issue arises from inadequate tracking of security origins, which could allow maliciously crafted web content to expose sensitive user information. Users are advised to update to the lates...

PoC for CVE-2026-44789

N8n-ioN8n9.4CRITICAL
Prototype Pollution Vulnerability in n8n Workflow Automation Platform

An authenticated user with permissions to create or modify workflows in n8n prior to versions 1.123.43, 2.22.1, and 2.20.7 could exploit an unvalidated pagination parameter within the HTTP Request node to perform global prototype pollution. This vulnerability poses a risk of remote code execution...

PoC for CVE-2023-43364

ArjunshardaSearchor9.8CRITICAL
Arbitrary Code Execution Vulnerability in Searchor by ArjunSharda

The Searchor application, developed by ArjunSharda, contains a flaw in its command-line interface input processing. Prior to version 2.4.2, the application utilizes the 'eval' function on user-provided input without sufficient validation. This oversight can lead to arbitrary code execution, enabl...