Publicly Disclosed
PoC Exploits

🔴 Alway take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2026-50416

MicrosoftWindows 11 Version 24h23.3LOW
Information Disclosure Vulnerability in Microsoft Windows Win32K

An information disclosure vulnerability in Windows Win32K allows authorized attackers to access sensitive information locally. This security flaw could enable an unauthorized actor to obtain confidential data, leading to potential exploitation in compromised systems. Users are urged to apply avai...

Discovered 38 minutes ago

PoC for CVE-2026-48203

ApacheApache Camel9.1CRITICAL
Server-Side Request Forgery and Injection Risk in Apache Camel Solr...

A vulnerability exists in the Apache Camel Solr component that allows an attacker to exploit improper input validation and header handling. Specifically, malicious users can manipulate Exchange message headers intended for Solr requests, potentially leading to server-side request forgery (SSRF) a...

Discovered 3 hours ago

PoC for CVE-2026-47323

ApacheApache Camel9.8CRITICAL
Message Header Injection Vulnerability in Apache Camel CXF and Knative

The implementations of HeaderFilterStrategy in Apache Camel, specifically CxfRsHeaderFilterStrategy and KnativeHttpHeaderFilterStrategy, fail to appropriately filter inbound headers, allowing unauthenticated attackers to inject internal Camel headers through HTTP requests. This vulnerability can ...

Discovered 4 hours ago

PoC for CVE-2026-63308

HelmHelm5.3MEDIUM
Denial of Service Vulnerability in Helm Product by Helm Project

Helm versions up to 4.2.3 contain a vulnerability in the Files.Lines template helper that can lead to a denial of service. An attacker can exploit this flaw by including zero-length byte slices in chart files, causing the Helm engine to panic and resulting in deterministic render failures. This i...

PoC for CVE-2026-63101

FossasiaOpen-event-server8.7HIGH
Missing Authentication Vulnerability in Open Event Server by Open E...

Open Event Server versions up to 1.19.1 are susceptible to a missing authentication flaw which permits unauthorized access to sensitive user information. This vulnerability enables attackers to export the complete member roster of any group via the CSV export endpoint without needing to authentic...

PoC for CVE-2026-63100

Maybe-financeMaybe7.1HIGH
Missing Authorization Vulnerability in Maybe Product by Geo Chen

A missing authorization vulnerability in the Maybe product allows authenticated users with low privileges to exploit global hosting settings. By leveraging unprotected actions in the Settings::HostingsController, these users can modify critical configurations, access the operator's Synth API key ...

PoC for CVE-2026-63099

Thehive-projectThehive7.1HIGH
Broken Object-Level Authorization in TheHive by TheHive Project

TheHive version 4.1.24 contains a broken object-level authorization vulnerability that affects its attachment download functionality. This flaw enables authenticated users to access attachments meant for other organizations. Attackers can exploit this security gap by supplying a content-hash iden...

PoC for CVE-2026-63098

Thehive-projectThehive6.9MEDIUM
Unauthenticated Information Disclosure in TheHive by Cortex

TheHive version 4.1.24 is vulnerable to an unauthenticated information disclosure that permits attackers to access sensitive configuration details simply by sending a GET request to the /api/status endpoint. This endpoint inadequately enforces authentication checks, enabling potential attackers t...

PoC for CVE-2026-63097

Matrix-orgDendrite5.3MEDIUM
Improper Access Control Vulnerability in Dendrite Product by Matrix...

An improper access control issue has been identified in Dendrite versions up to 0.13.8, specifically affecting the syncapi /context endpoint. This vulnerability allows authenticated local users, particularly those who have exited a room, to exploit a flawed membership evaluation. The vulnerabilit...

PoC for CVE-2026-63096

Matrix-orgDendrite6.9MEDIUM
Server-Side Request Forgery Vulnerability in Dendrite by Element

Dendrite, up to version 0.13.8, is vulnerable to a server-side request forgery (SSRF) that enables unauthenticated attackers to manipulate the server into establishing outbound TLS connections to arbitrary hosts and ports. This vulnerability arises from the lack of validation on the serverName pa...

Discovered 5 hours ago

PoC for CVE-2026-63095

Matrix-orgDendrite7.1HIGH
Improper Authorization in Dendrite Affecting Matrix Client-Server API

Dendrite versions up to 0.13.8 exhibit an improper authorization vulnerability within the Matrix Client-Server API, allowing an authenticated user to delete third-party identifier bindings of other users. By exploiting the flawed Forget3PID handler, attackers can submit arbitrary addresses and me...

PoC for CVE-2024-53104

LinuxLinux7.8HIGH
Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format ca...

A vulnerability within the Linux kernel's UVC video support can be exploited due to inadequate handling of undefined video frame types. Specifically, when parsing video formats, the omission of UVC_VS_UNDEFINED frames can result in calculating incorrect buffer sizes, potentially leading to unsafe...

Discovered 6 hours ago

PoC for CVE-2026-63093

Anysphere, Inc.Cursor8.7HIGH
Remote code execution vulnerability in Cursor for Windows

Cursor for Windows version 3.2.16 is susceptible to a binary planting vulnerability that endangers user systems by enabling remote attackers to execute arbitrary code. This occurs when a malicious git.exe file is placed in the repository root directory. When developers clone and open such a craft...

PoC for CVE-2026-63094

SignozSignoz7.6HIGH
Open Redirect Vulnerability in SigNoz SSO Authentication Flow

The vulnerability in SigNoz through version 0.133.0 allows attackers to leverage an open redirect in the SSO authentication process. Unauthenticated attackers can exploit this flaw to steal session tokens from users utilizing Google OAuth, SAML, or OIDC. By manipulating the authentication flow, a...

PoC for CVE-2026-16017

MosaxivClawlet5.3MEDIUM
Missing Authorization in mosaxiv clawlet Chat Tool Component

A vulnerability has been identified in the mosaxiv clawlet Chat Tool, specifically within the 'list/remove' function located in the 'tools/tool_cron.go' file. This issue allows for unauthorized manipulation due to a lack of proper authorization checks. The vulnerability can be exploited remotely,...

PoC for CVE-2026-16016

Poco-aiPoco-claw6.9MEDIUM
Server-side Request Forgery in poco-ai poco-claw Products by poco-ai

A vulnerability exists in poco-ai's poco-claw software, specifically in the run_task function located in executor/app/api/v1/task.py. This security issue is associated with the manipulation of the callback_url argument, which may lead to server-side request forgery. Attackers can exploit this vul...

PoC for CVE-2026-16016

Poco-aiPoco-claw6.9MEDIUM
Server-side Request Forgery in poco-ai poco-claw Products by poco-ai

A vulnerability exists in poco-ai's poco-claw software, specifically in the run_task function located in executor/app/api/v1/task.py. This security issue is associated with the manipulation of the callback_url argument, which may lead to server-side request forgery. Attackers can exploit this vul...

Discovered 7 hours ago

PoC for CVE-2026-16015

Poco-aiPoco-claw5.3MEDIUM
Missing Authentication Flaw in poco-ai poco-claw Executor Manager API

A vulnerability has been identified in the poco-ai poco-claw's executor_manager API, specifically in the create_task function located in executor_manager/app/api/v1/tasks.py. This flaw allows for missing authentication, potentially enabling unauthorized access to critical operations. The issue ha...

PoC for CVE-2026-16015

Poco-aiPoco-claw5.3MEDIUM
Missing Authentication Flaw in poco-ai poco-claw Executor Manager API

A vulnerability has been identified in the poco-ai poco-claw's executor_manager API, specifically in the create_task function located in executor_manager/app/api/v1/tasks.py. This flaw allows for missing authentication, potentially enabling unauthorized access to critical operations. The issue ha...

PoC for CVE-2026-16015

Poco-aiPoco-claw5.3MEDIUM
Missing Authentication Flaw in poco-ai poco-claw Executor Manager API

A vulnerability has been identified in the poco-ai poco-claw's executor_manager API, specifically in the create_task function located in executor_manager/app/api/v1/tasks.py. This flaw allows for missing authentication, potentially enabling unauthorized access to critical operations. The issue ha...

PoC for CVE-2026-16015

Poco-aiPoco-claw5.3MEDIUM
Missing Authentication Flaw in poco-ai poco-claw Executor Manager API

A vulnerability has been identified in the poco-ai poco-claw's executor_manager API, specifically in the create_task function located in executor_manager/app/api/v1/tasks.py. This flaw allows for missing authentication, potentially enabling unauthorized access to critical operations. The issue ha...

PoC for CVE-2026-16015

Poco-aiPoco-claw5.3MEDIUM
Missing Authentication Flaw in poco-ai poco-claw Executor Manager API

A vulnerability has been identified in the poco-ai poco-claw's executor_manager API, specifically in the create_task function located in executor_manager/app/api/v1/tasks.py. This flaw allows for missing authentication, potentially enabling unauthorized access to critical operations. The issue ha...

PoC for CVE-2026-16014

Code-projectsHospital Bed Managemen...6.9MEDIUM
SQL Injection Vulnerability in Hospital Bed Management System by Co...

The Hospital Bed Management System version 1.0 has a significant SQL injection vulnerability discovered in its login form component. By manipulating the Username argument, attackers can execute unauthorized SQL commands, allowing for remote exploitation. This vulnerability has been publicly discl...

Discovered 8 hours ago

PoC for CVE-2026-16013

Liftoff-srCipster6.9MEDIUM
Out-of-Bounds Read Vulnerability in liftoff-sr CIPster

A vulnerability exists in the liftoff-sr CIPster, specifically in the CipAppPath::deserialize_symbolic function located within source/src/cip/cipepath.cc. This issue allows manipulation that results in an out-of-bounds read, which could potentially be exploited remotely. The vulnerability affects...

Discovered 9 hours ago

PoC for CVE-2026-16009

ItsourcecodeHospital Management Sy...5.3MEDIUM
SQL Injection Vulnerability in itsourcecode Hospital Management System

A SQL injection vulnerability has been identified in the itsourcecode Hospital Management System version 1.0. The issue arises from an undisclosed function within the file /prescriptionorderdetail.php, where improper handling of the 'delid' argument creates an opportunity for attackers to execute...

Discovered 14 hours ago

PoC for CVE-2026-11966

WordPressUser Registration & Me...5.3MEDIUM
User Registration & Membership Plugin Vulnerability in WordPress

The User Registration & Membership plugin for WordPress prior to version 5.2.3 has a security flaw that allows unauthenticated attackers to perform unauthorized actions. This weakness occurs due to the absence of capability checks for certain membership payment actions, which permits these attack...

PoC for CVE-2026-13402

WordPressRoyal Addons For Eleme...5.3MEDIUM
Unauthorized Access Vulnerability in Royal Addons for Elementor Plugin

The Royal Addons for Elementor plugin prior to version 1.7.1063 fails to validate the post status of menu items and associated templates in its REST endpoints. This oversight allows unauthenticated users to access the rendered HTML content of private or draft Elementor templates linked to non-pub...

PoC for CVE-2026-11961

WordPressUser Registration & Me...8.1HIGH
User Registration & Membership Plugin Flaw Allows Unauthorized Role...

The User Registration & Membership plugin for WordPress, prior to version 5.2.3, lacks proper validation of membership tiers during public registration. This oversight permits unauthenticated users to register for any available membership tier and receive its corresponding user role automatically...

PoC for CVE-2026-12393

WordPressWPs Bookings For WooCo...5.4MEDIUM
Insecure User Privilege Management in WPS Bookings for WooCommerce ...

The WPS Bookings for WooCommerce plugin prior to version 3.11.7 lacks proper checks to confirm if a booking order is associated with the user making the request. This flaw enables any authenticated user, including Subscribers and Customers, to cancel and void bookings made by other users, leading...

PoC for CVE-2026-9810

WordPressAi Copilot9.8CRITICAL
OAuth Token Misconfiguration in AI Copilot Plugin for WordPress

The AI Copilot WordPress plugin versions prior to 1.5.4 feature a critical OAuth access token vulnerability. This issue arises from the plugin's failure to correctly bind OAuth access tokens to individual WordPress users, resulting in the capability for unauthenticated attackers to exploit the pu...

PoC for CVE-2026-10525

WordPressNex-forms6.1MEDIUM
Stored Cross-Site Scripting Vulnerability in NEX-Forms WordPress Pl...

The NEX-Forms plugin for WordPress, prior to version 9.2.3, is vulnerable due to inadequate sanitization and escaping of submitted form data. This weakness can allow an attacker to inject malicious scripts that are stored and executed in the admin dashboard when high-privileged users, such as adm...

PoC for CVE-2026-11575

WordPressPhonepe Payment Solutions7.5HIGH
Authentication Bypass in PhonePe Payment Solutions WordPress Plugin

The PhonePe Payment Solutions WordPress plugin versions prior to 3.1.0 fails to adequately verify the authenticity of incoming payment callbacks. This vulnerability arises when sites are configured through the current setup flow, leading to an empty secret for validating callback signatures. Cons...

Discovered 15 hours ago

PoC for CVE-2024-25600

WordPressBricks Builder🟣 EPSS 88%10CRITICAL
Code Injection Vulnerability Affects Bricks Builder

The vulnerability in Bricks Builder, developed by Codeer Limited, allows for improper control of code generation, leading to code injection risks. This condition is particularly critical in versions ranging from n/a to 1.9.6. Attackers may exploit this weakness to execute arbitrary code on the se...

Discovered 20 hours ago

PoC for CVE-2026-34197

ApacheApache ActiveMQ Broker🟣 EPSS 97%8.8HIGH
Code Injection Vulnerability in Apache ActiveMQ Broker Up to Versio...

Apache ActiveMQ Broker is prone to a code injection vulnerability due to improper input validation in the Jolokia JMX-HTTP bridge. By default, this bridge exposes a web console that allows the execution of operations on all ActiveMQ MBeans. An authenticated attacker can exploit this vulnerability...

Discovered 22 hours ago

PoC for CVE-2026-20896

GiteaGitea Open Source Git ...9.8CRITICAL
Reverse Proxy Vulnerability in Gitea Docker Image Affects User Auth...

The Gitea Docker image is susceptible to a security issue where the configuration REVERSE_PROXY_TRUSTED_PROXIES is set to '*' by default. This improper configuration allows any source IP address to impersonate a user when reverse-proxy authentication headers, such as X-WEBAUTH-USER, are enabled. ...

PoC for CVE-2026-46726

ApacheApache Camel Vertx Web...7.5HIGH
Input Validation Flaw in Apache Camel's Vertx Websocket Component E...

A vulnerability in the Vertx Websocket component of Apache Camel allows for improper input validation and exposes sensitive information to unauthorized actors. The issue arises when inbound WebSocket parameters are incorrectly mapped to the Camel Exchange header map without applying necessary hea...

Discovered 1 day ago

PoC for CVE-2026-3180

WordPressContest Gallery – Uplo...7.5HIGH
Blind SQL Injection in Contest Gallery Plugin for WordPress

The Contest Gallery plugin for WordPress is exposed to a blind SQL injection vulnerability through the 'cgLostPasswordEmail' and 'cgl_mail' parameters in all versions up to and including 28.1.4. This vulnerability arises due to insufficient escaping of user-supplied input and a lack of proper san...

PoC for CVE-2026-54992

MicrosoftWindows 10 Version 16078.4HIGH
Heap-Based Buffer Overflow in Windows Message Queuing by Microsoft

A heap-based buffer overflow vulnerability in Windows Message Queuing Queue Manager can allow an unauthorized attacker to execute arbitrary code locally. This flaw can potentially compromise the integrity and availability of the affected system, posing significant risks if not addressed. Timely u...

PoC for CVE-2026-46592

ApacheApache Camel7.5HIGH
Improper Input Validation in Apache Camel CXF SOAP Component

The vulnerability in Apache Camel CXF SOAP component stems from improper input validation, where the camel-cxf producer can be manipulated to invoke unintended SOAP operations based on the operationName and operationNamespace headers. An attacker can exploit this flaw by sending crafted HTTP requ...

PoC for CVE-2025-55182

MetaReact-server-dom-webpack🟣 EPSS 100%10CRITICAL
Remote Code Execution Vulnerability in React Server Components by Meta

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

PoC for CVE-2026-63087

Grafana-cold-storageOncall9.3CRITICAL
Unauthenticated Access Vulnerability in Grafana OnCall

Grafana OnCall up to version 1.16.11 is susceptible to an unauthenticated access vulnerability that enables remote attackers to retrieve a valid PluginAuthToken. By exploiting a flaw in the internal plugin install endpoint and using hardcoded default stack_id and org_id values, attackers can gain...

PoC for CVE-2022-25477

RealtekRtsper5.5MEDIUM
Vulnerability in Realtek RtsPer and RtsUer Drivers for PCIe and USB...

The vulnerability affects the Realtek RtsPer and RtsUer drivers used in PCIe and USB card readers, respectively. It allows an attacker to leak driver logs that may expose kernel mode object addresses. The leakage of these addresses can compromise Kernel Address Space Layout Randomization (KASLR),...

PoC for CVE-2026-43499

LinuxLinux7.8HIGH
Linux Kernel Vulnerability in rtmutex Component Affecting Multiple ...

A vulnerability exists in the Linux kernel's rtmutex component where the remove_waiter() function incorrectly utilizes current instead of waiter::task during a dequeue operation within various mutex handling paths. This mismanagement leads to multiple issues, including potential use-after-free vu...

Discovered 2 days ago

PoC for CVE-2026-21045

SamsungSamsung Devices8.4HIGH
Out-of-Bounds Write Vulnerability in libimagecodec.media.quram.so, ...

An out-of-bounds write vulnerability exists in the TIFF parsing component of libimagecodec.media.quram.so. This flaw allows remote attackers to exploit the system by writing to areas of memory that are not allocated for that purpose, potentially leading to arbitrary code execution or crashes. Use...

PoC for CVE-2026-12979

WordPressFunnelkit
Path Traversal Vulnerability in FunnelKit WordPress Plugin

The FunnelKit WordPress plugin prior to version 3.15.0.6 suffers from a path traversal vulnerability. This issue arises when the plugin does not properly validate user-supplied paths during file deletion operations related to template imports. Administrators, if compromised, could exploit this vu...

PoC for CVE-2026-12978

WordPressFunnelkit
Reflected Cross-Site Scripting in FunnelKit WordPress Plugin by Fun...

The FunnelKit WordPress plugin versions prior to 3.15.0.6 are vulnerable to reflected cross-site scripting attacks due to improper handling of user-supplied parameters in its AJAX actions. This flaw enables unauthenticated attackers to inject malicious scripts that are executed in the context of ...

PoC for CVE-2026-12906

WordPressRtmkit
Unauthorized Access Vulnerability in RTMKit WordPress Plugin

The RTMKit plugin for WordPress prior to version 2.0.9 is affected by an access control vulnerability. It fails to implement a necessary capability check for one of its AJAX actions, allowing users with just the Contributor role to exploit this flaw. This vulnerability enables them to gain unauth...

PoC for CVE-2026-12907

WordPressRtmkit
Authorization Bypass in RTMKit WordPress Plugin by RTM

The RTMKit WordPress plugin prior to version 2.0.9 suffers from an authorization bypass vulnerability that permits users with Author role privileges to invoke a specific AJAX action. This flaw enables unauthorized users to create and activate site-wide templates, allowing them to modify critical ...

PoC for CVE-2026-12869

WordPressHeader Footer Builder ...
Unauthorized Template Import in Header Footer Builder for Elementor...

The Header Footer Builder plugin for Elementor allows users with the 'edit_posts' capability, such as Contributors, to import dashboard templates without proper administrative control. This oversight enables these users to inject potentially harmful JavaScript through an Elementor HTML widget. As...