### Summary Shell wrapper argv could change between approval and execution. In affected versions, a command request using a shell wrapper form could approve one resolved argv shape and rebuild another for execution. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's trusted-operator model: authenticated Gateway operators, installed plugins, and intentional local execution surfaces remain trusted unless a separate policy, approval, allowlist, sandbox, or auth boundary is crossed. ### Impact When the affected feature is enabled and reachable, this could run a command shape that was not checked against the allowlist. Practical impact depends on the operator's configuration and whether lower-trust input can reach that path. ### Patched Versions The first stable patched version is `2026.5.18`. ### Mitigations require explicit approval for shell wrappers and avoid durable allowlists for wrapper-heavy commands until patched. As general hardening, keep channel and tool allowlists narrow, avoid sharing one Gateway between mutually untrusted users, and disable the affected feature when it is not needed.
[POC] GHSA-2j8v-hwgc-x698 — CVE-2026-6307
Google Chrome CVE-2026-6307 PoC
PoC: redtail-ioc
IOCs and a read-only triage checklist from a real Linux root compromise: RedTail miner, XorDDoS persistence, MoneroOcean miner, DirtyFrag LPE (CVE-2026-43284/43500). CC0.
[POC] GHSA-2j8v-hwgc-x698 — CVE-2026-69212
Python poc, exploit for CVE-2025-69212
[POC] GHSA-2j8v-hwgc-x698 — Linux-Kernel-Vulnerabilities-CVE-2026-23111
High Severity LPE vulnerability in Linux Kernel, with a CVS score of 7.8. An inverted check from user enables a process inside the container to break out of the sandbox along with full root privileges on user PC. I have been investigating about this vulnerability and has a lightweight script that runs in the terminal to check if you are vulnerable.
[POC] GHSA-2j8v-hwgc-x698 — cve-2026-23111-poc
scuffed PoC for CVE-2026-23111. Made and ran on Linux Kernel 6.12.69
[POC] GHSA-2j8v-hwgc-x698 — CVE-2025-69212-PoC
OpenSTAManager v2.9.8 and earlier versions contain a critical OS Command Injection vulnerability in the P7M (signed XML) file decoding function.
[POC] GHSA-2j8v-hwgc-x698 — xperia_5_bl_unlocker_poc
My take on unlocking Xperia 5 SO-01M for p42 bootloader using CVE-2021-1931
PoC: CVE-2025-20720
CVE-2025-20720 — PolyShell: Magento 2 Unauthenticated Arbitrary File Upload RCE | GIF89a polyglot bypass | guest-cart REST API | 79.5% stores targeted
PoC: oppo-ghostlock
OPPO Find N2 GhostLock (CVE-2026-43499) exploit adaptation
PoC: yellowkey-bitlocker
yellow key bitlocker yellow screen bitlocker bitlocker recovery key CVE-2026-45585 microsoft account secure boot bypass command prompt windows 11 windows 10 surface pro uefi firmware encryption key data recovery troubleshoot boot loop cmd unlock drive setup guide tutorial
PoC: CVE-2026-53571
CVE-2026-53571 `server.fs.deny` bypass on Windows alternate paths PoC.
PoC: CVE-2026-54520
CVE-2026-54520 / GHSA-cm8g-8jfq-887p: ai-agent-automation workflow path traversal advisory landing page
PoC: CVE-2026-54519
CVE-2026-54519 / GHSA-qv97-83w4-ff86: ai-agent-automation memory authorization advisory landing page
PoC: CVE-2026-50181
CVE-2026-50181 / GHSA-fg23-3346-88f5: Langroid path traversal advisory landing page
PoC: CVE-2026-50131
CVE-2026-50131 / GHSA-xw9q-2mv6-9fr8: Fedify incomplete SSRF mitigation advisory landing page
PoC: CVE-2026-53359-Kernel-Fix
Linux 内核升级指南 - 修复 CVE-2026-53359
[POC] GHSA-2j8v-hwgc-x698 — CVE-2021-27877-PoC
A modified version of the Rapid7 Metasploit module for CVE-2021-27877 that supports direct command execution for reliable vulnerability validation. Includes documentation explaining the exploit workflow, the module modifications, and usage examples.
[POC] GHSA-2j8v-hwgc-x698 — cve-2025-24054-lab
Blue-team lab: detecting & mitigating CVE-2025-24054 (Windows NTLM hash disclosure) with Sysmon, Wazuh SIEM, and Group Policy
[POC] GHSA-2j8v-hwgc-x698 — CVE-2026-53753
Crawl4AI <= 0.8.6 pre-auth RCE via AST sandbox escape (gi_frame.f_back.f_builtins chain) — CVSS 10.0
[POC] GHSA-2j8v-hwgc-x698 — CVE-2026-33017
Python POC, Exploit for CVE-2026-33017
PoC: Apache-CVE-2021-41773
WHS 4기 이희수. kr-vulhub 과제 제출물
PoC: CVE-2026-23744
CVE-2026-23744 MCPJam Inspector unauthenticated RCE PoC
PoC: CVE-2026-38526-PoC-htb-nexus
A PoC script for CVE-2026-38526, RCE via a file upload vulnerability in the /admin/tinymce/upload endpoint of webkul krayin 2.2.x
PoC: CVE-2026-15282
Instant Appointment <= 1.2 — Unauthenticated Arbitrary File Upload to RCE via add_service_front AJAX | CVSS 9.8
PoC: CVE-2026-59734-POC
OS Command Injection in Health Check → Remote Code Execution
PoC: CVE-2026-46331
CVE-2026-46331 act_pedit page-cache corruption exploit, with Alpine PIE fix
PoC: CVE-2024-13985
Dahua CVE-2024-13985
PoC: CVE-2026-29114
Dahua CVE-2026-29114
PoC: CVE-2026-29115
Dahua CVE-2026-29115
PoC: CVE-2026-29116
Dahua CVE-2026-29116
PoC: cybermeowfia-termux
Termux Privilege Escalation Tool & Root Manager - CVE-2026-43501
PoC: CVE-2026-46242
CVE-2026-46242
PoC: lenovo-a1000g-mt8317-A412_01_09_130907-kernel-3.4.0-root-cve-2016-5195
[AI-assisted] Root method for Lenovo IdeaTab A1000G (MT8317, kernel 3.4.0, Android 4.1) via CVE-2016-5195 (Dirty COW)
PoC: CVE-2026-40887
An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query string parameter is interpolated directly into a raw SQL expression without parameterization or validation, allowing an attacker to execute arbitrary SQL against the database.
PoC: IOHIDFamily-PoC-Research
CVE-2026-28992 IOHIDFamily FastPathUserClient race condition PoC — security research
PoC: CVE-2021-28235
CVE-2021-28235 PoC
PoC: CVE-2025-60787
CVE-2025-60787 motionEye authenticated command injection RCE PoC
PoC: Cups-RCE-Exploit
C++ exploit for unauthenticated remote code execution on CUPS via CVE-2024-47176 chain.
PoC: Abyssal
Abyssal is a high-performance Telnet vulnerability scanner for CVE-2026-24061, delivering root shells on vulnerable systems with false-positive detection.
PoC: cve-2026-9558-poc
Exploitability PoC for CVE-2026-9558 (SSTI Mautic Theme)
PoC: CVE-2026-54390
CVE-2026-54390 — JTL Shop Smarty SSTI RCE | Pre-Auth Template Injection via fetch('string:' . ) | 5.2.0-5.7.1
PoC: CVE-2022-26134
Exploit for CVE-2022-26134
PoC: CVE-2026-40860
Reproducer for CVE-2026-40860 — Apache Camel camel-jms/sjms/amqp JMS ObjectMessage unsafe deserialization (RCE)
PoC: openclaw-hardening-check
Offline, read-only hardening check for a self-hosted OpenClaw install — gateway exposure, auth, CVE-2026-25253. Never prints secrets, makes no network calls.
PoC: CVE-2026-40859
Reproducer for CVE-2026-40859 — Apache Camel camel-netty-http / camel-vertx-http producer-side unsafe deserialization of HTTP response bodies (RCE)
PoC: CVE-2024-51482
CVE-2025-51482 POC, Dump Credentials From zm.Users
PoC: CVE-2026-40858
Reproducer for CVE-2026-40858 — Apache Camel camel-infinispan remote aggregation repository unsafe deserialization (RCE)
PoC: CVE-2026-50980
oPnael DNS-Based Cross-Site Scripting (XSS) & Session Hijacking
PoC: CVE-2026-50979
oPanel Authanticated Remote Code Execution via 'advenced/curl' Component
PoC: reactorwatch-pentest
☢️ ReactorWatch v3.2.1 — Nuclear Reactor Core Monitoring System Pentest | CVE-2025-55182 (React2Shell) Unauthenticated RCE → SQLite Exfil → MD5 Crack → SSH Pivot → CDP Root Escalation | CVSS 10.0 | AMN SECURITY
PoC: CVE-2026-46331
A Proof of Concept (PoC) exploit for CVE-2026-46331
PoC: CVE-2026-56423-MISP-deleteSelection-BrokenAccessControl
PoC for CVE-2026-56423: MISP deleteSelection broken access control (CWE-862, contributor hard-deletes other orgs' Event Reports/Sharing Groups, CVSS 8.8)
PoC: ghostlink-writeup
Ghostlink HTB — Full Chain AD + Gogs Exploitation | MQTT → NTLM Relay → Path Traversal → CVE-2025-8110 → ADCS ESC11 → DCSync | AMN SECURITY
PoC: cve-2025-22457
Altay takımı haftalık sunumu için yaptığım cve-2025-22457 zafiyeti demo uygulaması
PoC: CVE-2026-41089-LongLogon
CVE-2026-41089 checker: unauthenticated, non-destructive detection for the Netlogon CLDAP stack buffer overflow (CVSS 9.8). Reports whether a domain controller's domain is long enough to crash, without sending the overflow. The binary-verified analysis the public PoCs got wrong.
PoC: CVE-2026-29519-Lucee-Reflected-XSS
Proof of Concept for Reflected XSS in Lucee CFML (CVE-2026-29519)
PoC: CVE-2026-49230-APISIX-jwe-decrypt-Auth-Bypass
PoC for CVE-2026-49230: Apache APISIX jwe-decrypt authentication bypass (missing AES-GCM tag validation, CWE-354, CVSS 9.1)
PoC: CVE-2026-48908-joomla-sp-page-builder-detection
Laboratory validation of CVE-2026-48908 in Joomla SP Page Builder, covering unauthorized icon upload, PHP file write, code execution as www-data, auditd and PCAP evidence, event timeline reconstruction, and SOC detection recommendations. Includes Polish and English reports.
PoC: CVE-2026-61343-poc-librebooking-rce
Librebooking Admin RCE PoC CVE-2026-61343
PoC: CVE-2025-43782
OpenSSL TLS handshake buffer overflow
PoC: LVM-Januscape
CVE-2026-53359漏洞补丁
PoC: CVE-2026-57517-CWP
Control Web Panel (CWP) vulnerability scenario related to CVE-2026-57517
PoC: react2shell
PoC for CVE-2025-55182 React2Shell
PoC: CVE-2026-56876-POC
Offical PoC for this cve
PoC: CVE-2017-15715-httpd
whs 4기 컨테이너 과제
PoC: CVE-2026-8037-POC
包括能执行的命令探测和一键getshell(需要服务器部署服务)
PoC: WHS4_CVE-2021-4034
Whitehat School 4기 CVE-2021-4034 분석 및 POC 작성
PoC: CVE-2026-40473
Reproducer for CVE-2026-40473: Apache Camel camel-mina MinaConverter.toObjectInput unsafe deserialization (RCE over TCP/UDP)
PoC: -linx-server-vulnerability-report
Public disclosure for CVE-2026-52100 (CSRF) & CVE-2026-52101 (SSRF) in linx-server. MITRE assigned the CVEs; this repo provides a public reference and helps affected users understand the risk.
PoC: CVE-2026-4257
CVE-2026-4257 - Contact Form by Supsystic <= 1.7.36 # SSTI to RCE
PoC: CentOS7_CVE-2021-3712_Remediation
Production Ready Steps for Remediating a openssl CVE(https://nvd.nist.gov/vuln/detail/cve-2021-3712) on EOL CentOS7 box
PoC: H2-database-CVE-2022-23221
vulhub/H2-database/CVE-2022-23221
PoC: Ubiquiti-CVE
CVE-2026-50746... - Draft
PoC: CVE-2026-43499
CVE-2026-43499
PoC: TwoMillion-HTB-Write-up
Write-up completo de la máquina TwoMillion de Hack The Box. Enumeración web, explotación de API, escalada a admin, inyección de comandos (RCE), reverse shell y escalada a root mediante CVE-2023-0386 (OverlayFS + FUSE). Técnicas de pentesting aplicadas en un entorno controlado.
PoC: CVE-2026-40453
Reproducer for CVE-2026-40453: Apache Camel case-variant Camel header injection (incomplete fix of CVE-2025-27636)
PoC: CVE-2026-44825-Apache-Solr-Scanner
Apache Solr instances that may be affected by CVE-2026-44825, related to Velocity Template Remote Code Execution (RCE) conditions.
PoC: CVE-2026-40048
Reproducer for CVE-2026-40048: Apache Camel camel-pqc FileBasedKeyLifecycleManager unsafe deserialization (RCE)
PoC: CVE-2026-38526
Automated exploit for Krayin CRM ≤ 2.2.x.
PoC: CVE-2021-40346
WHS CVE-2021-40346 분석
PoC: CVE-2026-27495
Proof-of-concept exploit and lab environment for CVE-2026-27495
PoC: CVE-2026-35204
CVE-2026-35204 PoC
PoC: tetragon-dirtyfrag
Blocking the DirtyFrag Linux LPE chain (CVE-2026-43284 / CVE-2026-43500) at runtime with a Cilium Tetragon TracingPolicy | kills the exploit at the kernel-module autoload step. Tested on RHEL 9.8 (kernel 5.14) and Ubuntu 24.04 (kernel 6.8). Policy, lab notes, and evidence.
PoC: CVE-2026-35204
CVE-2026-35204 PoC
PoC: CVE-2026-34197
Poc for CVE-2026-34197
PoC: CVE-2026-40047
Reproducer for CVE-2026-40047: Apache Camel camel-docling CLI argument injection / path traversal
PoC: cve-2026-25262-sm8450-research
CVE-2026-25262 applicability to Snapdragon 8 Gen 1 — experimental results
PoC: mcp-doorman
A lightweight mcp to prevent poisoning CVE (CVE-2025-54136), researchers hijacking Claude Code/Copilot/Gemini via prompt injection, and hundreds of MCP servers exposed with zero auth, this mcp protects the individual developer's laptop, where most MCP servers actually run.
PoC: CVE-2025-55182
Exploit for CVE-2025-55182
PoC: CVE-2021-21974
自研针对ESXI 堆栈溢出的CVE-2021-21974 POC,只支持项目给出的的目标和环境,用于学习和研究
PoC: CVE-2026-43499
CVE-2026-43499 - Draft
PoC: CVE-2026-56290
CVE-2026-56290 - Mass Exploit for Joomla Com_pagebuilderck component (Unrestricted File Upload → RCE). Multi-threaded, automatic CSRF bypass, PHP shell uploader.
PoC: ScannerBadEpoll
Verificador de Vulnerabilidad: Bad Epoll (CVE-2026-46242)
PoC: CVE-2026-0257-GlobalProtect-Bypass
CVE-2026-0257 - Palo Alto PAN-OS GlobalProtect Auth Override Cookie Forgery - PoC & Analysis | CVSS 9.1 CRITICAL CISA KEV | AMN SECURITY
PoC: CVE-2026-49777-WooCommerce-RCE
CVE-2026-49777 - WooCommerce Product Slider Pro Malicious Software Implantation RCE - PoC & Analysis | CVSS 10.0 CRITICAL | AMN SECURITY
PoC: CVE-2026-8206-Kirki-WP
CVE-2026-8206 - Kirki WordPress Plugin Unauthenticated Account Takeover - PoC & Analysis | CVSS 9.8 CRITICAL | AMN SECURITY
PoC: CVE-2026-42271-LiteLLM-RCE
CVE-2026-42271 - LiteLLM AI Gateway MCP Command Injection RCE - PoC & Analysis | CVSS 8.8 | AMN SECURITY
PoC: CVE-2026-45659-SharePoint-RCE
CVE-2026-45659 - Microsoft SharePoint Deserialization RCE - PoC & Analysis | CVSS 8.8 | AMN SECURITY
PoC: CVE-2026-8451-CitrixBleed
CVE-2026-8451 - Citrix NetScaler SAML Memory Overread (CitrixBleed) - PoC & Analysis | CVSS 8.8 | AMN SECURITY
PoC: cve-2026-48282-coldfusion-rds-detection
Laboratory validation of CVE-2026-48282 in Adobe ColdFusion RDS, covering arbitrary CFM file write, code execution as the ColdFusion service user, auditd and PCAP evidence, event timeline reconstruction, and SOC detection recommendations. Includes Polish and English reports.
PoC: cve-2026-20896-gitea-poc
CVE-2026-20896 Gitea Docker X-WEBAUTH-USER auth bypass checker
PoC: CVE-2026-12277
Frontend File Manager Plugin (WordPress) <= 23.6 - Unauthenticated Arbitrary File Deletion to RCE
PoC: CVE-2019-9978-Social-Warfare-WordPress-RCE
A complete walkthrough and exploit for CVE-2019-9978 - Unauthenticated Remote Code Execution in Social Warfare WordPress plugin ≤ 3.5.2. Includes vulnerable code analysis and payload examples.
PoC: CVE-2026-36214
Stored Cross-Site Scripting (XSS) in osTicket via Vulnerable Bootstrap Tooltip Component
PoC: VTIGER-CRM-RCE-CVE-2026-23698
Vtiger CRM 8.3.0, 8.4.0 Module Import Authenticated RCE PoC
PoC: VTIGER-CRM-RCE-CVE-2026-23697
Vtiger CRM 8.3.0 Authenticated RCE via .phar Upload
PoC: Whisper_Bully
Two-stage Bluetooth DoS attack on Fast Pair devices via CVE-2025-36911
PoC: CVE-2022-46364
Python POC, Exploit for CVE-2022-46364
PoC: RedTeamBrasil-CVE-2025-64459
NEO-SQLi — exploit Django _connector SQL Injection (CVE-2025-64459) | canal RedTeam Brasil
PoC: dasel-cve-exercise
Melange packaging and apko image for Dasel v3.3.1 with a backported fix for CVE-2026-33320.
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free