CVE & Exploit Intelligence Database

Updated 55m ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked 53,219 with exploits 4,686 exploited in wild 1,539 CISA KEV 3,912 Nuclei templates 37,757 vendors 42,422 researchers
86 results Clear all
CVE-2020-37160 6.2 MEDIUM 1 PoC Analysis EPSS 0.00
SprintWork 2.3.1 - Privilege Escalation
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain complete system access.
CWE-276 Feb 07, 2026
CVE-2020-37129 9.8 CRITICAL 1 PoC Analysis EPSS 0.00
Memu Play 7.1.3 - Privilege Escalation
Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file modification permissions.
CWE-276 Feb 05, 2026
CVE-2025-69604 7.8 HIGH 1 PoC Analysis EPSS 0.00
Shirt-pocket Superduper! < 3.12 - Incorrect Default Permissions
An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
CWE-276 Jan 29, 2026
CVE-2021-47852 8.8 HIGH 1 PoC Analysis EPSS 0.00
Rockstar Games Launcher <1.0.37.349 - Privilege Escalation
Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vulnerability that allows authenticated users to modify the service executable with weak permissions. Attackers can replace the RockstarService.exe with a malicious binary to create a new administrator user and gain elevated system access.
CWE-276 Jan 21, 2026
CVE-2021-47761 7.8 HIGH 1 PoC Analysis EPSS 0.00
MilleGPG5 5.7.2 - Privilege Escalation
MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.exe with a malicious executable, which will execute with system privileges when the computer restarts.
CWE-276 Jan 15, 2026
CVE-2025-61229 7.8 HIGH 1 PoC Analysis EPSS 0.00
Shirt Pocket's SuperDuper! <3.10 - Privilege Escalation
An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
CWE-284 Dec 01, 2025
CVE-2025-45467 7.1 HIGH 1 PoC Analysis EPSS 0.00
Unitree Go1 Firmware - Incorrect Default Permissions
Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation.
CWE-276 Jul 25, 2025
CVE-2025-0886 7.8 HIGH 1 PoC Analysis EPSS 0.00
Elliptic Labs Virtual Lock Sensor - Privilege Escalation
An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges.
CWE-276 Jul 17, 2025
CVE-2025-49144 7.3 HIGH 10 PoCs Analysis EPSS 0.00
Notepad++ <8.8.1 - Privilege Escalation
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
CWE-276 Jun 23, 2025
CVE-2025-2502 7.8 HIGH 1 PoC Analysis EPSS 0.00
Lenovo Pcmanager < 5.1.110.5082 - Incorrect Default Permissions
An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.
CWE-276 May 30, 2025
CVE-2025-4660 9.8 CRITICAL 1 PoC Analysis EPSS 0.02
SecureConnector - RCE
A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent.  This does not impact Linux or OSX Secure Connector.
CWE-276 May 13, 2025
CVE-2025-29504 7.8 HIGH 1 PoC EPSS 0.00
Huang-yk Student-manage - Incorrect Default Permissions
Insecure Permission vulnerability in student-manage 1 allows a local attacker to escalate privileges via the Unsafe permission verification.
CWE-276 Apr 03, 2025
CVE-2024-55215 9.8 CRITICAL 1 PoC Analysis EPSS 0.02
Jrohy Trojan < 2.15.3 - Incorrect Default Permissions
An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via the initialization interface /auth/register.
CWE-276 Feb 07, 2025
CVE-2021-27285 8.4 HIGH 1 PoC Analysis EPSS 0.00
Inspur ClusterEngine <4.0 - Privilege Escalation
An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated Local privileges and execute arbitrary commands via /opt/tsce4/torque6/bin/getJobsByShell.
CWE-276 Jan 06, 2025
CVE-2024-50657 6.8 MEDIUM 1 PoC Analysis EPSS 0.02
Owncloud Android <4.3.1 - Privilege Escalation
An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method
CWE-276 Nov 22, 2024
CVE-2024-39924 8.8 HIGH 1 PoC Analysis EPSS 0.00
Dani-garcia Vaultwarden - Incorrect Default Permissions
An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate their privileges by changing the access level and modifying the wait time. Consequently, the attacker can gain full control over the vault (when only intended to have read access) while bypassing the necessary wait period.
CWE-276 Sep 13, 2024
CVE-2024-44760 7.5 HIGH 1 PoC Analysis EPSS 0.00
Shenzhou News Union Enterprise Management System <18.8 - Info Discl...
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server.
CWE-276 Aug 28, 2024
CVE-2024-34223 4.3 MEDIUM 1 PoC Analysis EPSS 0.00
SourceCodester HRMS 1.0 - Info Disclosure
Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket.
CWE-276 May 14, 2024
CVE-2024-34221 8.8 HIGH 1 PoC Analysis EPSS 0.00
Sourcecodester HRMS 1.0 - Privilege Escalation
Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation.
CWE-276 May 14, 2024
CVE-2023-46870 7.3 HIGH 1 PoC Analysis EPSS 0.00
Nordic Semiconductor nRF Sniffer for Bluetooth LE <4.1.1 - RCE
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts.
CWE-276 May 14, 2024

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
CVE-2025-15467: From OpenSSL Stack Overflow to Three ROP Chains in 64 Minutes - Introducing Stackforge
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF
 CVE-2026-21525
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
 CVE-2026-21519
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion