The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2026-02-11	Windows 10.0.17763.7009 - spoofing vulnerability	210	REMOTE	beatrizfn
2026-02-04	windows 10/11 - NTLM Hash Disclosure Spoofing	90	REMOTE	beatrizfn
2026-02-04	Redis 8.0.2 - RCE	149	REMOTE	Beatriz Fresno Naumova
2026-02-04	Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE	91	REMOTE	Beatriz Fresno Naumova
2025-09-16	Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell	330	REMOTE	LiquidWorm
2025-09-16	ClipBucket 5.5.0 - Arbitrary File Upload	242	REMOTE	Mukundsinh Solanki (r00td3str0y3r)
2025-09-16	ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)	155	REMOTE	Mukundsinh Solanki (r00td3str0y3r)
2025-09-16	HTTP/2 2.0 - Denial Of Service (DOS)	147	REMOTE	Madhusudhan Rajappa
2025-09-16	HTMLDOC 1.9.13 - Stack Buffer Overflow	132	REMOTE	wulfgarpro
2025-08-26	GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)	246	REMOTE	Giorgi Dograshvili

Local Exploits

Date	Description		Plat.	Author
2026-04-30	Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap	10	LOCAL	nu11secur1ty
2026-04-30	Windows 11 23H2 - Denial of Service (DoS)	7	LOCAL	tryhardertryh
2026-04-30	Windows 11 25H2 - Heap Overflow	9	LOCAL	nu11secur1ty
2026-04-29	GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation	8	LOCAL	aliguliyev
2026-04-29	OpenWrt 23.05 - Authenticated Remote Code Execution (RCE)	6	LOCAL	Ahmet Mersin
2026-04-29	Fedora - Local Privilege Escalation	8	LOCAL	Chris
2026-04-29	Atlona ATOMERX21 - Authenticated Command Injection	8	LOCAL	rizzziom
2026-04-22	Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation	17	LOCAL	Xavi Beltran
2026-04-22	AVAST Antivirus 25.11 - Unquoted Service Path	17	LOCAL	Milad Karimi (Ex3ptionaL)
2026-04-10	NetBT e-Fatura - Privilege Escalation	32	LOCAL	seccops

Web Applications

Date	Description		Plat.	Author
2026-04-30	FUXA 1.2.8 - Authentication Bypass + RCE Exploit	7	WEB	joshua
2026-04-30	Python-Multipart 0.0.22 - Path Traversal	5	WEB	jefersoncardoso.dev
2026-04-30	Repetier-Server 1.4.10 - Path Traversal	6	WEB	banyamer
2026-04-30	HUSTOJ Zip-Slip v26.01.24 - RCE	8	WEB	Marshall Whittaker
2026-04-30	BusyBox 1.37.0 - Path Traversal	5	WEB	Calil Khalil
2026-04-30	JUNG Smart Visu Server 1.1.1050 - Dos	7	WEB	banyamer
2026-04-30	SumatraPDF 3.5.2 - Remote Code Execution	7	WEB	banyamer
2026-04-30	NiceGUI 3.6.1 - Path Traversal	5	WEB	banyamer
2026-04-30	Frigate NVR 0.16.3 - Remote Code Execution	4	WEB	jduardo2704
2026-04-30	Js2Py 0.74 - RCE	6	WEB	alisunbul

DoS/PoC

Date	Description		Plat.	Author
2025-07-28	Xlight FTP 1.1 - Denial Of Service (DOS)	131	DOS	Fernando Mengali
2024-08-28	Windows TCP/IP - RCE Checker and Denial of Service	138	DOS	Photubias
2024-03-28	RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service	118	DOS	ice-wzl
2024-02-26	Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'	111	DOS	hyp3rlinx
2024-02-19	XAMPP - Buffer Overflow POC	111	DOS	Talson
2024-02-13	VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service	112	DOS	LiquidWorm
2024-02-09	Elasticsearch - StackOverflow DoS	124	DOS	TOUHAMI Kasbaoui
2024-02-02	Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS	135	DOS	LiquidWorm
2023-10-09	OpenPLC WebServer 3 - Denial of Service	89	DOS	Kai Feng
2023-10-09	Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Denial Of Service	109	DOS	LiquidWorm

Shellcode

Date	Description		Plat.	Author
2025-08-04	Linux/x86_64 - execve(_/bin/sh__[_-c__cmd]_NULL) Arbitrary Command Execution She	161	SHELLCODE	Muzaffer Umut ŞAHİN
2025-05-21	Windows 11 x64 - Reverse TCP Shellcode (564 bytes)	237	SHELLCODE	Victor Huerlimann
2025-05-21	Linux/x86 - Reverse TCP Shellcode (95 bytes)	167	SHELLCODE	Al Baradi Joy
2025-05-21	Linux/x86-64 - execve(_/bin/sh_) Shellcode (36 bytes)	139	SHELLCODE	Sayan Ray
2023-09-08	Windows/x64 - PIC Null-Free TCP Reverse Shell Shellcode (476 Bytes)	114	SHELLCODE	Senzee
2023-08-21	Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)	127	SHELLCODE	Ivan Nikolsky
2023-07-28	Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes)	121	SHELLCODE	Senzee
2023-04-25	Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode	119	SHELLCODE	Nayani
2023-04-05	Linux/x86_64 - bash Shellcode with xor encoding	106	SHELLCODE	Jeenika Anadani
2023-04-03	Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free She	126	SHELLCODE	Xavi Beltran

Papers

Date	Description		Plat.	Author
2018-11-16	The Powerful Resource of PHP Stream Wrappers	751	PAPERS	Netsparker
2018-11-01	Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam	677	PAPERS	phrack
2018-10-09	A Red Teamer’s guide to pivoting	626	PAPERS	Artem Kondratenko
2018-10-08	Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)	1609	PAPERS	phrack
2018-01-15	Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata	1482	PAPERS	phrack
2017-08-28	Abusing Token Privileges For LPE	1009	PAPERS	drone and breenmachine
2017-01-12	OpenSSL - Weak KDF	1048	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	791	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	768	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	1024	PAPERS	CWH Underground