Recently updated Proof-of-Concepts

2026

Latest 20 of 172 Repositories

Stars	Updated	Name	Description
3644⭐	30 minutes ago	copy-fail-CVE-2026-31431	Copy Fail (CVE-2026-31431): 9-year-old Linux kernel LPE found by Theori's Xint Code
537⭐	1 hour ago	cve_2026_31431	Exploit POC for CVE_2026_31431
257⭐	15 hours ago	CVE-2026-21858	n8n Ni8mare - Unauthenticated Arbitrary File Read to RCE Chain (CVSS 10.0)
206⭐	5 days ago	CVE-2026-24061	Exploitation of CVE-2026-24061
68⭐	13 hours ago	cve-2026-31431	CVE-2026-31431: Copy Fail
97⭐	5 hours ago	CVE-2026-31431-Advanced-Exploit	CVE-2026-31431 纯文件利用
83⭐	15 hours ago	CVE-2026-41651
124⭐	7 hours ago	Copy-Fail-CVE-2026-31431-Kubernetes-PoC	PoC: fully unprivileged container escape to node-level code execution on Kubernetes via CVE-2026-31431 page-cache corruption + shared image layers. Validated on Alibaba Cloud ACK, Amazon EKS and Google GKE.
83⭐	10 hours ago	Copy-Fail-Exploit-CVE-2026-31431	Most Linux LPEs need a race window or a kernel-specific offset. Copy Fail is a straight-line logic flaw, it needs neither. The same 732-byte Python script (or .c elf) roots every Linux distribution shipped since 2017.
28⭐	3 hours ago	CVE-2026-31431
29⭐	18 hours ago	cve-2026-41940-poc
48⭐	7 hours ago	CVE-2026-0073-Android-adbd-authentication-bypass-POC
66⭐	21 days ago	CVE-2026-24061-POC
47⭐	13 hours ago	CVE-2026-31431-Linux-Copy-Fail	Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter).
26⭐	30 days ago	cve-2026-32746	CVE-2026-32746 - GNU InetUtils telnetd LINEMODE SLC Buffer Overflow PoC (pre-auth RCE, CVSS 9.8)
28⭐	18 hours ago	CVE-2026-34159	0 Click RCE exploit for CVE-2026-34159 Lama.cpp RPC server
54⭐	3 hours ago	poc-cpanel-cve-2026-41940
40⭐	8 days ago	CVE-2026-25769	Remote Code Execution via Insecure Deserialization in Wazuh Cluster
32⭐	18 hours ago	CVE-2026-1731	CVE-2026-1731 - Critical command injection vulnerability in BeyondTrust Remote Support and Privileged Remote Access due to unsafe Bash arithmetic evaluation in a WebSocket-reachable script
8⭐	85 days ago	Ashwesker-CVE-2026-21509	CVE-2026-21509

2025

Latest 20 of 570 Repositories

Stars	Updated	Name	Description
1403⭐	4 days ago	CVE-2025-55182	Explanation and full RCE PoC for CVE-2025-55182
796⭐	7 hours ago	CVE-2025-55182-research	CVE-2025-55182 POC
701⭐	18 hours ago	CVE-2025-33073	PoC Exploit for the NTLM reflection SMB flaw.
526⭐	23 hours ago	CVE-2025-32463_chwoot	Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463
460⭐	1 day ago	CVE-2025-32463	Local Privilege Escalation to Root via Sudo chroot in Linux
312⭐	24 days ago	CVE-2025-53770-Exploit	SharePoint WebPart Injection Exploit Tool
311⭐	8 days ago	CVE-2025-55182	RSC/Next.js RCE Vulnerability Detector & PoC Chrome Extension – CVE-2025-55182 & CVE-2025-66478
1039⭐	4 hours ago	React2Shell-CVE-2025-55182-original-poc	Original Proof-of-Concepts for React2Shell CVE-2025-55182
402⭐	4 days ago	CVE-2025-24071_PoC	CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
213⭐	19 days ago	CVE-2025-32023	PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo"
422⭐	13 hours ago	Next.js-RSC-RCE-Scanner-CVE-2025-66478	A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.
386⭐	25 days ago	ColorOS-CVE-2025-10184	ColorOS短信漏洞，以及用户自救方案
275⭐	5 hours ago	CVE-2025-55182-advanced-scanner-
193⭐	1 day ago	POC-CVE-2025-24813	his repository contains an automated Proof of Concept (PoC) script for exploiting CVE-2025-24813, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
190⭐	44 days ago	RSC-Detect-CVE-2025-55182	RSC Detect CVE 2025 55182
198⭐	2 days ago	CVE-2025-30208-EXP	CVE-2025-30208-EXP
158⭐	20 days ago	CVE-2025-21756	Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit!
195⭐	1 day ago	CVE-2025-32756-POC	Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products.
110⭐	19 days ago	CVE-2025-43300	This is POC for IOS 0click CVE-2025-43300
172⭐	11 days ago	CVE-2025-26125	( 0day ) Local Privilege Escalation in IObit Malware Fighter

2024

Latest 20 of 623 Repositories

Stars	Updated	Name	Description
2450⭐	20 hours ago	CVE-2024-1086	Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
695⭐	5 days ago	CVE-2024-38063	poc for CVE-2024-38063 (RCE in tcpip.sys)
492⭐	27 days ago	cve-2024-6387-poc	a signal handler race condition in OpenSSH's server (sshd)
519⭐	4 days ago	CVE-2024-49113	LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
523⭐	4 days ago	CVE-2024-6387_Check	CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
225⭐	2 days ago	CVE-2024-38077	RDL的堆溢出导致的RCE
382⭐	29 days ago	cve-2024-6387-poc	32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc
331⭐	10 days ago	CVE-2024-0044	CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
315⭐	4 days ago	CVE-2024-4577	PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC
319⭐	2 days ago	CVE-2024-21338	Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
241⭐	2 days ago	CVE-2024-21413	CVE-2024-21413 PoC for THM Lab
765⭐	6 days ago	CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability	Microsoft-Outlook-Remote-Code-Execution-Vulnerability
9⭐	57 days ago	CVE-2024-38077-POC
179⭐	12 hours ago	CVE-2024-6387	Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
238⭐	33 days ago	CVE_2024_30078_POC_WIFI	basic concept for the latest windows wifi driver CVE
180⭐	26 days ago	CVE-2024-25600	Unauthenticated Remote Code Execution – Bricks <= 1.9.6
204⭐	15 hours ago	CVE-2024-23897	CVE-2024-23897
157⭐	74 days ago	CVE-2024-21413	Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC
85⭐	32 days ago	CVE-2024-40725-CVE-2024-40898	CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks.
140⭐	116 days ago	cve-2024-20017	exploits for CVE-2024-20017

2023

Latest 20 of 523 Repositories

Stars	Updated	Name	Description
788⭐	4 days ago	CVE-2023-38831-winrar-exploit	CVE-2023-38831 winrar exploit generator
375⭐	20 days ago	CVE-2023-32233	CVE-2023-32233: Linux内核中的安全漏洞
508⭐	1 day ago	Windows_LPE_AFD_CVE-2023-21768	LPE exploit for CVE-2023-21768
116⭐	4 days ago	CVE-2023-21839	Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)
417⭐	15 days ago	CVE-2023-0386	CVE-2023-0386在ubuntu22.04上的提权
391⭐	8 days ago	CVE-2023-4911	PoC for CVE-2023-4911
283⭐	3 days ago	CVE-2023-21608	Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
318⭐	5 hours ago	CVE-2023-4863
242⭐	9 days ago	CVE-2023-44487	Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487
168⭐	134 days ago	CVE-2023-36745
246⭐	13 days ago	CVE-2023-7028	This repository presents a proof-of-concept of CVE-2023-7028
229⭐	3 days ago	CVE-2023-3519	RCE exploit for CVE-2023-3519
347⭐	217 days ago	CVE-2023-23397-POC-Powershell
231⭐	78 days ago	CVE-2023-20887	VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)
180⭐	72 days ago	CVE-2023-28252
134⭐	15 days ago	CVE-2023-2640-CVE-2023-32629	GameOver(lay) Ubuntu Privilege Escalation
209⭐	26 days ago	CVE-2023-46747-RCE	exploit for f5-big-ip RCE cve-2023-46747
238⭐	9 days ago	Weblogic-CVE-2023-21839
237⭐	22 days ago	CVE-2023-29357	Microsoft SharePoint Server Elevation of Privilege Vulnerability
171⭐	12 days ago	CVE-2023-25157	CVE-2023-25157 - GeoServer SQL Injection - PoC