Recently updated Proof-of-Concepts

2025

Latest 20 of 429 Repositories

Stars	Updated	Name	Description
1254⭐	1 hour ago	CVE-2025-55182	Explanation and full RCE PoC for CVE-2025-55182
776⭐	16 hours ago	CVE-2025-55182-research	CVE-2025-55182 POC
607⭐	2 days ago	CVE-2025-33073	PoC Exploit for the NTLM reflection SMB flaw.
496⭐	5 days ago	CVE-2025-32463_chwoot	Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463
421⭐	19 hours ago	CVE-2025-32463	Local Privilege Escalation to Root via Sudo chroot in Linux
305⭐	2 days ago	CVE-2025-53770-Exploit	SharePoint WebPart Injection Exploit Tool
291⭐	15 hours ago	CVE-2025-55182	RSC/Next.js RCE Vulnerability Detector & PoC Chrome Extension – CVE-2025-55182 & CVE-2025-66478
923⭐	3 hours ago	React2Shell-CVE-2025-55182-original-poc	Original Proof-of-Concepts for React2Shell CVE-2025-55182
386⭐	6 days ago	CVE-2025-24071_PoC	CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
206⭐	21 hours ago	CVE-2025-32023	PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo"
396⭐	7 days ago	ColorOS-CVE-2025-10184	ColorOS短信漏洞，以及用户自救方案
180⭐	8 days ago	POC-CVE-2025-24813	his repository contains an automated Proof of Concept (PoC) script for exploiting CVE-2025-24813, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
256⭐	1 day ago	CVE-2025-55182-advanced-scanner-
360⭐	7 hours ago	Next.js-RSC-RCE-Scanner-CVE-2025-66478	A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.
198⭐	5 days ago	CVE-2025-30208-EXP	CVE-2025-30208-EXP
154⭐	19 hours ago	CVE-2025-21756	Exploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit!
73⭐	8 days ago	cve-2025-8088	Path traversal tool based on cve-2025-8088
163⭐	2 days ago	CVE-2025-26125	( 0day ) Local Privilege Escalation in IObit Malware Fighter
136⭐	28 days ago	CVE-2025-32433	CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
163⭐	4 days ago	CVE-2025-59287	WSUS Unauthenticated RCE

2024

Latest 20 of 622 Repositories

Stars	Updated	Name	Description
2421⭐	2 days ago	CVE-2024-1086	Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
685⭐	12 days ago	CVE-2024-38063	poc for CVE-2024-38063 (RCE in tcpip.sys)
489⭐	1 day ago	cve-2024-6387-poc	a signal handler race condition in OpenSSH's server (sshd)
507⭐	2 days ago	CVE-2024-49113	LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
506⭐	1 day ago	CVE-2024-6387_Check	CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
384⭐	14 days ago	cve-2024-6387-poc	32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc
217⭐	1 day ago	CVE-2024-38077	RDL的堆溢出导致的RCE
321⭐	4 days ago	CVE-2024-0044	CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
310⭐	1 day ago	CVE-2024-21338	Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
303⭐	1 day ago	CVE-2024-4577	PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC
752⭐	2 days ago	CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability	Microsoft-Outlook-Remote-Code-Execution-Vulnerability
184⭐	18 hours ago	CVE-2024-21413	CVE-2024-21413 PoC for THM Lab
236⭐	32 days ago	CVE_2024_30078_POC_WIFI	basic concept for the latest windows wifi driver CVE
8⭐	167 days ago	CVE-2024-38077-POC
164⭐	7 days ago	CVE-2024-6387	Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
200⭐	68 days ago	CVE-2024-23897	CVE-2024-23897
176⭐	2 days ago	CVE-2024-25600	Unauthenticated Remote Code Execution – Bricks <= 1.9.6
156⭐	37 days ago	CVE-2024-21413	Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC
83⭐	12 days ago	CVE-2024-40725-CVE-2024-40898	CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks.
141⭐	5 days ago	cve-2024-20017	exploits for CVE-2024-20017

2023

Latest 20 of 508 Repositories

Stars	Updated	Name	Description
788⭐	1 day ago	CVE-2023-38831-winrar-exploit	CVE-2023-38831 winrar exploit generator
504⭐	34 days ago	Windows_LPE_AFD_CVE-2023-21768	LPE exploit for CVE-2023-21768
370⭐	1 day ago	CVE-2023-32233	CVE-2023-32233: Linux内核中的安全漏洞
409⭐	13 hours ago	CVE-2023-0386	CVE-2023-0386在ubuntu22.04上的提权
108⭐	25 days ago	CVE-2023-21839	Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)
387⭐	5 days ago	CVE-2023-4911	PoC for CVE-2023-4911
280⭐	5 days ago	CVE-2023-21608	Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
318⭐	4 days ago	CVE-2023-4863
243⭐	23 days ago	CVE-2023-44487	Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487
167⭐	2 days ago	CVE-2023-36745
347⭐	74 days ago	CVE-2023-23397-POC-Powershell
241⭐	2 days ago	CVE-2023-7028	This repository presents a proof-of-concept of CVE-2023-7028
231⭐	65 days ago	CVE-2023-20887	VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)
229⭐	2 days ago	CVE-2023-3519	RCE exploit for CVE-2023-3519
178⭐	2 days ago	CVE-2023-28252
131⭐	19 days ago	CVE-2023-2640-CVE-2023-32629	GameOver(lay) Ubuntu Privilege Escalation
241⭐	77 days ago	Weblogic-CVE-2023-21839
204⭐	1 day ago	CVE-2023-46747-RCE	exploit for f5-big-ip RCE cve-2023-46747
234⭐	17 days ago	CVE-2023-29357	Microsoft SharePoint Server Elevation of Privilege Vulnerability
171⭐	61 days ago	CVE-2023-25157	CVE-2023-25157 - GeoServer SQL Injection - PoC

2022

Latest 20 of 561 Repositories

Stars	Updated	Name	Description
1123⭐	4 days ago	CVE-2022-0847-DirtyPipe-Exploit	A root exploit for CVE-2022-0847 (Dirty Pipe)
577⭐	13 days ago	CVE-2022-23222	CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
364⭐	57 days ago	CVE-2022-21907	HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907
353⭐	1 day ago	CVE-2022-40684	A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
374⭐	5 days ago	CVE-2022-29464	WSO2 RCE (CVE-2022-29464) exploit and writeup.
434⭐	27 days ago	CVE-2022-25636	CVE-2022-25636
665⭐	11 hours ago	CVE-2022-0847-DirtyPipe-Exploits	A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.
485⭐	23 days ago	CVE-2022-2588	exploit for CVE-2022-2588
496⭐	24 days ago	CVE-2022-0995	CVE-2022-0995 exploit
387⭐	19 days ago	CVE-2022-39197	CobaltStrike <= 4.7.1 RCE
279⭐	9 days ago	CVE-2022-0847	CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞，可覆盖重写任意可读文件中的数据，从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞（Dirty Cow），但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”
414⭐	24 days ago	CVE-2022-33679	One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
343⭐	12 days ago	CVE-2022-21894	baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
376⭐	8 days ago	CVE-2022-0185	CVE-2022-0185
278⭐	48 days ago	cve-2022-27255
267⭐	29 days ago	CVE-2022-39952	POC for CVE-2022-39952
487⭐	21 hours ago	CVE-2022-38694_unlock_bootloader	This is a one-time signature verification bypass. For persistent signature verification bypass, check https://github.com/TomKing062/CVE-2022-38691_38692
238⭐	34 days ago	CVE-2022-20699	Cisco Anyconnect VPN unauth RCE (rwx stack)
229⭐	11 days ago	CVE-2022-30075	Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075)
218⭐	13 days ago	CVE-2022-34918	CVE-2022-34918 netfilter nf_tables 本地提权 POC

2021

Latest 20 of 516 Repositories

Stars	Updated	Name	Description
2020⭐	3 days ago	CVE-2021-4034	CVE-2021-4034 1day
1119⭐	8 days ago	CVE-2021-4034	PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
1080⭐	8 days ago	CVE-2021-1675	Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
1000⭐	11 days ago	CVE-2021-3156
784⭐	29 days ago	CVE-2021-3156	Sudo Baron Samedit Exploit
832⭐	23 days ago	CVE-2021-31166	Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.
860⭐	8 days ago	CVE-2021-44228-Scanner	Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
498⭐	12 days ago	CVE-2021-21972	CVE-2021-21972 Exploit
431⭐	1 day ago	CVE-2021-3493	Ubuntu OverlayFS Local Privesc
435⭐	23 days ago	CVE-2021-3156	PoC for CVE-2021-3156 (sudo heap overflow)
284⭐	24 days ago	CVE-2021-22205	CVE-2021-22205& GitLab CE/EE RCE
267⭐	1 day ago	CVE-2021-21972	Proof of Concept Exploit for vCenter CVE-2021-21972
291⭐	3 days ago	CVE-2021-36260	command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
295⭐	1 day ago	CVE-2021-34527
364⭐	9 days ago	Grafana-CVE-2021-43798	Grafana Unauthorized arbitrary file reading vulnerability
349⭐	64 days ago	CVE-2021-44228_scanner	Scanners for Jar files that may be vulnerable to CVE-2021-44228
312⭐	5 days ago	CVE-2021-26084_Confluence	Confluence Server Webwork OGNL injection
328⭐	8 days ago	CVE-2021-1675-LPE	Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
233⭐	93 days ago	CVE-2021-38647	Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)
235⭐	16 days ago	CVE-2021-24086	Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.