The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2025-06-26	McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information	10	REMOTE	Keenan Scott
2025-06-26	Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)	9	REMOTE	nu11secur1ty
2025-06-26	freeSSHd 1.0.9 - Denial of Service (DoS)	7	REMOTE	Fernando Mengali
2025-06-26	OneTrust SDK 6.33.0 - Denial Of Service (DoS)	5	REMOTE	Alameen Karim Merali
2025-06-26	PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)	6	REMOTE	Mohammed Idrees Banyamer
2025-06-20	Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)	36	REMOTE	Likhith Appalaneni
2025-06-20	FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse	14	REMOTE	Shahid Hakim
2025-06-15	WebDAV Windows 10 - Remote Code Execution (RCE)	27	REMOTE	Dev Bui Hieu
2025-06-15	AirKeyboard iOS App 1.0.5 - Remote Input Injection	13	REMOTE	Chokri Hammedi
2025-06-15	Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)	16	REMOTE	Mohammed Idrees Banyamer

Local Exploits

Date	Description		Plat.	Author
2025-06-20	Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)	19	LOCAL	nu11secur1ty
2025-06-15	Microsoft Excel Use After Free - Local Code Execution	11	LOCAL	nu11secur1ty
2025-06-15	Parrot and DJI variants Drone OSes - Kernel Panic Exploit	9	LOCAL	Mohammed Idrees Banyamer
2025-06-09	TightVNC 2.8.83 - Control Pipe Manipulation	16	LOCAL	Ionut Zevedei
2025-06-09	Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege	24	LOCAL	Mohammed Idrees Banyamer
2025-06-05	macOS LaunchDaemon iOS 17.2 - Privilege Escalation	13	LOCAL	Mohammed Idrees Banyamer
2025-05-25	ABB Cylon Aspect Studio 3.08.03 - Binary Planting	7	LOCAL	LiquidWorm
2025-05-25	Microsoft Windows Server 2016 - Win32k Elevation of Privilege	7	LOCAL	Milad karimi
2025-05-18	Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation	10	LOCAL	Marco Ivaldi
2025-05-13	TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow	11	LOCAL	Mohamed Maatallah

Web Applications

Date	Description		Plat.	Author
2025-06-26	Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)	12	WEB	Huseyin Mardinli
2025-06-26	Sitecore 10.4 - Remote Code Execution (RCE)	5	WEB	Yesith Alvarez
2025-06-26	Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)	3	WEB	Zen-kun04
2025-06-15	Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI	27	WEB	Cristian Branet
2025-06-15	PHP CGI Module 8.3.4 - Remote Code Execution (RCE)	21	WEB	İbrahimsql
2025-06-15	Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation	9	WEB	Milad karimi
2025-06-15	Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)	10	WEB	/bin/neko
2025-06-13	Roundcube 1.6.10 - Remote Code Execution (RCE)	26	WEB	Maksim Rogov
2025-06-09	Laravel Pulse 1.3.1 - Arbitrary Code Injection	19	WEB	Mohammed Idrees Banyamer
2025-06-05	CloudClassroom PHP Project 1.0 - SQL Injection	13	WEB	Sanjay Singh

DoS/PoC

Date	Description		Plat.	Author
2024-08-28	Windows TCP/IP - RCE Checker and Denial of Service	12	DOS	Photubias
2024-03-28	RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service	7	DOS	ice-wzl
2024-02-26	Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'	7	DOS	hyp3rlinx
2024-02-19	XAMPP - Buffer Overflow POC	10	DOS	Talson
2024-02-13	VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service	10	DOS	LiquidWorm
2024-02-09	Elasticsearch - StackOverflow DoS	10	DOS	TOUHAMI Kasbaoui
2024-02-02	Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS	10	DOS	LiquidWorm
2023-10-09	OpenPLC WebServer 3 - Denial of Service	9	DOS	Kai Feng
2023-10-09	Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Denial Of Service	7	DOS	LiquidWorm
2023-09-08	SyncBreeze 15.2.24 - 'login' Denial of Service	9	DOS	mohamed youssef

Shellcode

Date	Description		Plat.	Author
2025-05-21	Windows 11 x64 - Reverse TCP Shellcode (564 bytes)	21	SHELLCODE	Victor Huerlimann
2025-05-21	Linux/x86 - Reverse TCP Shellcode (95 bytes)	12	SHELLCODE	Al Baradi Joy
2025-05-21	Linux/x86-64 - execve(_/bin/sh_) Shellcode (36 bytes)	14	SHELLCODE	Sayan Ray
2023-09-08	Windows/x64 - PIC Null-Free TCP Reverse Shell Shellcode (476 Bytes)	5	SHELLCODE	Senzee
2023-08-21	Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)	4	SHELLCODE	Ivan Nikolsky
2023-07-28	Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes)	10	SHELLCODE	Senzee
2023-04-25	Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode	5	SHELLCODE	Nayani
2023-04-05	Linux/x86_64 - bash Shellcode with xor encoding	6	SHELLCODE	Jeenika Anadani
2023-04-03	Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free She	6	SHELLCODE	Xavi Beltran
2023-04-01	FlipRotation v1.0 decoder - Shellcode (146 bytes)	5	SHELLCODE	Eduardo Silva

Papers

Date	Description		Plat.	Author
2018-11-16	The Powerful Resource of PHP Stream Wrappers	617	PAPERS	Netsparker
2018-11-01	Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam	558	PAPERS	phrack
2018-10-09	A Red Teamer’s guide to pivoting	462	PAPERS	Artem Kondratenko
2018-10-08	Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)	1497	PAPERS	phrack
2018-01-15	Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata	1368	PAPERS	phrack
2017-08-28	Abusing Token Privileges For LPE	852	PAPERS	drone and breenmachine
2017-01-12	OpenSSL - Weak KDF	946	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	711	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	667	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	870	PAPERS	CWH Underground