CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1826 matches found

GithubExploit•added 2026/04/15 8:41 p.m.•100 views

Exploit for CVE-2024-12029

Alternative-Approach-Reverse-Shell-Callback-Test-InvokeAI-RCE...

9.8CVSS7.5AI score0.04978EPSS

Exploits5

Packet Storm•added 2026/04/14 12:0 a.m.•83 views

📄 WebRemoteControl Unauthenticated Remote Code Execution

WebRemoteControl suffers from an unauthenticated remote code execution vulnerability. Exploit Title: WebRemoteControl - Unauthenticated Remote Code Execution Date: 2026-04-14 Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/wolfgangasdf/WebRemoteControl Software Link:...

6.4AI score

Exploits0

GithubExploit•added 2026/04/13 11:32 a.m.•281 views

Exploit for Code Injection in Flowiseai Flowise

CVE-2025-59528 - FlowiseAI CustomMCP Remote Code Execution...

10CVSS5.9AI score0.9037EPSS

Exploits21

GithubExploit•added 2026/04/12 5:15 a.m.•128 views

Exploit for Path Traversal in Gogs

CVE-2025-8110-Authenticated-Remote-Code-Execution-on-Gogs-v0.1...

8.8CVSS6.4AI score0.7694EPSS

Exploits14

GithubExploit•added 2026/04/11 10:40 p.m.•236 views

Exploit for Path Traversal in Gogs

Gogs RCE Exploit CVE-2025-8110 !Pythonhttps://img.shield...

8.8CVSS6AI score0.7694EPSS

Exploits14

Packet Storm•added 2026/04/10 12:0 a.m.•62 views

📄 Horilla 1.3 Remote Command Execution

Horilla versions 1.3 and below suffer from a remote command execution vulnerability. Exploit Title: Horilla v1.3 - RCE Date: 2025-05-29 Exploit Author: Raghad Abdallah Al-syouf Version: = 1.3 Tested on: Ubuntu / Docker CVE: CVE-2025-48868 Description: This script exploits the authenticated RCE...

7.2CVSS6AI score0.02275EPSS

Exploits3

GithubExploit•added 2026/04/09 9:44 a.m.•98 views

Exploit for CVE-2026-34197

Fixed the issue...

8.8CVSS6.6AI score0.87048EPSS

Exploits12

GithubExploit•added 2026/04/08 6:56 a.m.•101 views

Exploit for Eval Injection in Langflow

CVE-2026-33017 - Langflow Unauthenticated RCE...

9.8CVSS6.4AI score0.98412EPSS

Exploits16

Exploit DB•added 2026/04/08 12:0 a.m.•75 views

Horilla v1.3 - RCE

Exploit Title: Horilla v1.3 - RCE Date: 2025-05-29 Exploit Author: Raghad Abdallah Al-syouf Version: = 1.3 Tested on: Ubuntu / Docker CVE: CVE-2025-48868 Description: This script exploits the authenticated RCE vulnerability CVE-2025-48868. It logs into the target web app, creates a project, and...

7.2CVSS5.9AI score0.02275EPSS

Exploits3

Metasploit•added 2026/04/02 7:2 p.m.•155 views

HTTP Fetch, Windows Meterpreter Shell, Reverse HTTP Inline

Fetch and execute an x86 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x86/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf...

5.5AI score

Exploits0

GithubExploit•added 2026/03/31 9:0 p.m.•104 views

Buffer-Overflow-Exploit-C

Buffer Overflow & Stack Smashing Exploit Overview This pro...

6.3AI score

Exploits0

Github Security Blog•added 2026/03/30 5:16 p.m.•12 views

NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node

Summary NocoBase's Workflow Script Node executes user-supplied JavaScript inside a Node.js vm sandbox with a custom require allowlist controlled by WORKFLOWSCRIPTMODULES env var. However, the console object passed into the sandbox context exposes host-realm WritableWorkerStdio stream objects via...

9.9CVSS6AI score0.07593EPSS

Exploits7References5Affected Software1

Positive Technologies•added 2026/03/30 12:0 a.m.•2 views

PT-2026-29158

Name of the Vulnerable Software and Affected Versions NocoBase versions prior to 2.0.28 Description NocoBase is an AI-powered no-code/low-code platform. Versions of NocoBase prior to 2.0.28 have a security flaw that allows an authenticated attacker to achieve Remote Code Execution RCE as root. Th...

9.9CVSS6.1AI score0.07593EPSS

Exploits7References22

GithubExploit•added 2026/03/29 4:26 p.m.•108 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 — MCP Connect RCE via Unauthenticated Command I...

9.8CVSS6AI score0.36126EPSS

Exploits29

EUVD•added 2026/03/24 12:30 p.m.•1 views

EUVD-2019-20033

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS

Exploits1References5

Cvelist•added 2026/03/24 11:27 a.m.•19 views

CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager

8.8CVSS0.00798EPSS

Exploits1References4

CVE•added 2026/03/24 11:27 a.m.•7 views

CVE-2019-25647

CVE-2019-25647 affects PhreeBooks ERP 5.2.3. A remote code execution vulnerability exists in the image manager that lets an authenticated attacker upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can place malicious PHP files via the image manager endpoint an...

8.8CVSS6.7AI score0.00798EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2026/03/24 11:27 a.m.•6 views

CVE-2019-25647

8.8CVSS6.7AI score0.00798EPSS

Exploits1References4Affected Software1

Packet Storm•added 2026/03/24 12:0 a.m.•401 views

📄 MCPJam Inspector 1.4.2 Remote Code Execution

MCPJam Inspector versions 1.4.2 and below proof of concept remote code execution exploit. !/usr/bin/env python3 CVE-2026-23744.py for testing only import requests import argparse import json import sys import urllib3 urllib3.disablewarningsurllib3.exceptions.InsecureRequestWarning def main: parse...

9.8CVSS6.5AI score0.36126EPSS

Exploits29

GithubExploit•added 2026/03/23 3:54 p.m.•217 views

Exploit for OS Command Injection in Arcane

CVE-2026-23520 MCP API Remote Command Execution RCE Proo...

9CVSS6.3AI score0.01643EPSS

Exploits6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by