The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2026-02-11	Windows 10.0.17763.7009 - spoofing vulnerability	112	REMOTE	beatrizfn
2026-02-04	windows 10/11 - NTLM Hash Disclosure Spoofing	74	REMOTE	beatrizfn
2026-02-04	Redis 8.0.2 - RCE	115	REMOTE	Beatriz Fresno Naumova
2026-02-04	Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE	78	REMOTE	Beatriz Fresno Naumova
2025-09-16	Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell	316	REMOTE	LiquidWorm
2025-09-16	ClipBucket 5.5.0 - Arbitrary File Upload	230	REMOTE	Mukundsinh Solanki (r00td3str0y3r)
2025-09-16	ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)	142	REMOTE	Mukundsinh Solanki (r00td3str0y3r)
2025-09-16	HTTP/2 2.0 - Denial Of Service (DOS)	135	REMOTE	Madhusudhan Rajappa
2025-09-16	HTMLDOC 1.9.13 - Stack Buffer Overflow	121	REMOTE	wulfgarpro
2025-08-26	GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)	237	REMOTE	Giorgi Dograshvili

Local Exploits

Date	Description		Plat.	Author
2026-04-08	7-Zip 24.00 - Directory Traversal	3	LOCAL	Mohammed Idrees Banyamer
2026-04-08	SQLite 3.50.1 - Heap Overflow	6	LOCAL	Mohammed Idrees Banyamer
2026-04-08	Microsoft MMC MSC EvilTwin - Local Admin Creation	5	LOCAL	Mohammed Idrees Banyamer
2026-04-06	is-localhost-ip 2.0.0 - SSRF	10	LOCAL	nu11secur1ty
2026-04-06	Windows Kernel - Elevation of Privilege	6	LOCAL	E1 Coders
2026-04-06	Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation	9	LOCAL	nu11secur1ty
2026-02-11	glibc 2.38 - Buffer Overflow	53	LOCAL	Beatriz Fresno Naumova
2026-02-04	Docker Desktop 4.44.3 - Unauthenticated API Exposure	54	LOCAL	aprillefou
2025-09-16	Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of P	178	LOCAL	Milad Karimi (Ex3ptionaL)
2025-09-16	Mbed TLS 3.6.4 - Use-After-Free	98	LOCAL	Byte Reaper

Web Applications

Date	Description		Plat.	Author
2026-04-08	FortiWeb 8.0.2 - Remote Code Execution	6	WEB	Mohammed Idrees Banyamer
2026-04-08	xibocms 3.3.4 - RCE	4	WEB	complexusprada
2026-04-08	Horilla v1.3 - RCE	5	WEB	nakleh
2026-04-06	Fortinet FortiWeb v8.0.1 - Auth Bypass	8	WEB	nu11secur1ty
2026-04-06	ASP.net 8.0.10 - Bypass	12	WEB	Mohammed Idrees Banyamer
2026-04-06	Grafana 11.6.0 - SSRF	12	WEB	Beatriz Fresno Naumova
2026-04-06	Zhiyuan OA - arbitrary file upload leading	8	WEB	Beatriz Fresno Naumova
2026-04-06	WBCE CMS 1.6.4 - Remote Code Execution	7	WEB	red
2026-04-06	RiteCMS 3.1.0 - Authenticated Remote Code Execution	6	WEB	red
2026-04-06	WordPress Madara - Local File Inclusion	11	WEB	Beatriz Fresno Naumova

DoS/PoC

Date	Description		Plat.	Author
2025-07-28	Xlight FTP 1.1 - Denial Of Service (DOS)	124	DOS	Fernando Mengali
2024-08-28	Windows TCP/IP - RCE Checker and Denial of Service	117	DOS	Photubias
2024-03-28	RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service	112	DOS	ice-wzl
2024-02-26	Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'	103	DOS	hyp3rlinx
2024-02-19	XAMPP - Buffer Overflow POC	100	DOS	Talson
2024-02-13	VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service	100	DOS	LiquidWorm
2024-02-09	Elasticsearch - StackOverflow DoS	114	DOS	TOUHAMI Kasbaoui
2024-02-02	Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS	121	DOS	LiquidWorm
2023-10-09	OpenPLC WebServer 3 - Denial of Service	81	DOS	Kai Feng
2023-10-09	Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Denial Of Service	101	DOS	LiquidWorm

Shellcode

Date	Description		Plat.	Author
2025-08-04	Linux/x86_64 - execve(_/bin/sh__[_-c__cmd]_NULL) Arbitrary Command Execution She	155	SHELLCODE	Muzaffer Umut ŞAHİN
2025-05-21	Windows 11 x64 - Reverse TCP Shellcode (564 bytes)	229	SHELLCODE	Victor Huerlimann
2025-05-21	Linux/x86 - Reverse TCP Shellcode (95 bytes)	155	SHELLCODE	Al Baradi Joy
2025-05-21	Linux/x86-64 - execve(_/bin/sh_) Shellcode (36 bytes)	131	SHELLCODE	Sayan Ray
2023-09-08	Windows/x64 - PIC Null-Free TCP Reverse Shell Shellcode (476 Bytes)	104	SHELLCODE	Senzee
2023-08-21	Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)	117	SHELLCODE	Ivan Nikolsky
2023-07-28	Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes)	111	SHELLCODE	Senzee
2023-04-25	Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode	110	SHELLCODE	Nayani
2023-04-05	Linux/x86_64 - bash Shellcode with xor encoding	95	SHELLCODE	Jeenika Anadani
2023-04-03	Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free She	116	SHELLCODE	Xavi Beltran

Papers

Date	Description		Plat.	Author
2018-11-16	The Powerful Resource of PHP Stream Wrappers	739	PAPERS	Netsparker
2018-11-01	Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam	664	PAPERS	phrack
2018-10-09	A Red Teamer’s guide to pivoting	608	PAPERS	Artem Kondratenko
2018-10-08	Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)	1596	PAPERS	phrack
2018-01-15	Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata	1463	PAPERS	phrack
2017-08-28	Abusing Token Privileges For LPE	990	PAPERS	drone and breenmachine
2017-01-12	OpenSSL - Weak KDF	1038	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	784	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	758	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	1008	PAPERS	CWH Underground