Exploit Search

PoC Search Engine

AI Enriched

Search specific CVE exploits enriched with AI vulnerability analysis.

Found 31342 Vulnerabilities with Exploits
CVE-2026-8389

JIT miscompilation in JavaScript Engine

Severity HIGH
8.8

AI Intelligence Analysis

Target Stack Mozilla / Firefox
<150.0.3
Impact Vector
Authentication PRE-AUTH

Verified Exploits (1)

GitHub https://github.com/crixpwn/CVE-2026-8389
CVE-2026-41089

RCE in Windows Netlogon

Severity CRITICAL
9.8

AI Intelligence Analysis

Target Stack Microsoft / Netlogon
Impact Vector RCE
Authentication PRE-AUTH
CVE-2026-8836

Stack-based buffer overflow in lwIP SNMPv3 USM Handler

Severity CRITICAL
9.3

AI Intelligence Analysis

Target Stack lwIP / lwIP
<=2.2.1
Impact Vector Buffer Overflow
Authentication PRE-AUTH
CVE-2026-2586

GlassFish Admin Console Authenticated RCE

Severity CRITICAL
9.1

AI Intelligence Analysis

Target Stack GlassFish / GlassFish Administration Console
Impact Vector RCE
Authentication Authenticated
CVE-2026-34234

CtrlPanel Unauthenticated RCE Installer

Severity CRITICAL
10.0

AI Intelligence Analysis

Target Stack CtrlPanel / CtrlPanel
<=1.1.1
Impact Vector RCE
Authentication Authenticated
CVE-2026-34908

Improper Access Control

Severity CRITICAL
10.0

AI Intelligence Analysis

Target Stack UniFi OS / UniFi OS devices
Impact Vector Unauthorized System Changes
Authentication Authenticated
CVE-2026-20452

RCE via Heap Buffer Overflow in WLAN AP Driver

Severity HIGH
8.0

AI Intelligence Analysis

Target Stack / wlan AP driver
Impact Vector RCE
Authentication PRE-AUTH
CVE-2026-7537

Arbitrary File Upload in MDJM Event Management Plugin

Severity HIGH
7.2

AI Intelligence Analysis

Target Stack WordPress / MDJM Event Management
<=1.7.8.3
Impact Vector Arbitrary File Upload (RCE)
Authentication PRE-AUTH

Verified Exploits (1)

GitHub https://github.com/d0n601/CVE-2026-7537
CVE-2026-3180

SQL Injection in Contest Gallery WordPress Plugin

Severity HIGH
7.5

AI Intelligence Analysis

Target Stack Contest Gallery / Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe
<=28.1.4
Impact Vector SQLi
Authentication PRE-AUTH

Verified Exploits (1)

Exploit-DB https://www.exploit-db.com/exploits/52609
CVE-2026-46391

HAX CMS Hostname Validation Bypass (Auth Capture)

Severity HIGH
8.7

AI Intelligence Analysis

Target Stack HAX CMS / @haxtheweb/open-apis
>=9.0.1 <26.0.0
Impact Vector Authentication Capture
Authentication Authenticated

Verified Exploits (1)

GitHub https://github.com/bradyjmcl/cve-2026-46391
CVE-2026-11344

Unrestricted File Upload

Severity MEDIUM
5.5

AI Intelligence Analysis

Target Stack code-projects / Vehicle Management System
=1.0
Impact Vector Unrestricted Upload
Authentication PRE-AUTH
CVE-2026-48866

Path Traversal in Rocketgenius Inc. Gravity Forms

Severity CRITICAL
9.6

AI Intelligence Analysis

Target Stack Rocketgenius Inc. / Gravity Forms
<=2.10.0.1
Impact Vector Path Traversal
Authentication PRE-AUTH

Verified Exploits (1)

GitHub https://github.com/0xABCD01/CVE-2026-48866
CVE-2026-48095

7-Zip NTFS heap buffer overflow leading to RCE

Severity HIGH
8.8

AI Intelligence Analysis

Target Stack 7-Zip / 7-Zip
<=26.00
Impact Vector RCE, Denial of Service
Authentication PRE-AUTH

Verified Exploits (1)

GitHub https://github.com/HORKimhab/CVE-2026-48095
CVE-2026-8206

Privilege Escalation via Account Takeover in Kirki WordPress Plugin

Severity CRITICAL
9.8

AI Intelligence Analysis

Target Stack Kirki / Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress
>=6.0.0 <=6.0.6
Impact Vector Privilege Escalation
Authentication PRE-AUTH
CVE-2026-6274

Improper Authentication in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200

Severity CRITICAL
9.8

AI Intelligence Analysis

Target Stack DTS Electronics Industry and Trade Ltd. Co. / Redline WR3200
>=7.1.3 <7.1.8
Impact Vector Privilege Escalation
Authentication Authenticated

Verified Exploits (1)

GitHub https://github.com/bugresearch/CVE-2026-6274
CVE-2026-5076

Insecure Password Reset in ARMember Premium Plugin

Severity CRITICAL
9.8

AI Intelligence Analysis

Target Stack ARMember / ARMember Premium
<=7.3.1
Impact Vector Account Takeover
Authentication PRE-AUTH
CVE-2026-20230

Server-Side Request Forgery in Cisco Unified Communications Manager

Severity HIGH
8.6

AI Intelligence Analysis

Target Stack Cisco / Unified Communications Manager, Unified Communications Manager Session Management Edition
Impact Vector SSRF, Privilege Escalation
Authentication Authenticated

Verified Exploits (1)

GitHub https://github.com/HORKimhab/CVE-2026-20230
CVE-2026-35905

Hardcoded password for root access

Severity CRITICAL
9.8

AI Intelligence Analysis

Target Stack T3 Technology / CPE models T625Pro, T6825G, T7281
=1.0.07 =1.0.03
Impact Vector Authentication Bypass, Root Access
Authentication PRE-AUTH
CVE-2026-35904

Incorrect access control allows enabling Telnet service

Severity CRITICAL
9.8

AI Intelligence Analysis

Target Stack T3 Technology / CPE models T625Pro, T6825G, T7281
=1.0.07 =1.0.03
Impact Vector Access Control Bypass
Authentication PRE-AUTH
CVE-2026-35906

Undocumented debug CGI endpoint allows RCE as root

Severity CRITICAL
9.6

AI Intelligence Analysis

Target Stack T3 Technology / CPE models T625Pro, T6825G
=1.0.07 =1.0.03
Impact Vector RCE
Authentication PRE-AUTH
4 5 6 7 8