AI PoC Generator & CVE Exploit Database

We aggregate public proof-of-concept (PoC) code from GitHub and the security community, and use a Shenlong Agent (LLM-based) pipeline to generate technical PoC walk-throughs for high-severity CVEs. Public PoCs are free; AI-generated PoCs are a Pro / Pro+ feature. Each entry links back to its source CVE detail page for full context, references, and patches.

最新 POC 列表

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.

Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access.Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans

CVE-2026-32857Firecrawl Playwright Service SSRF Protection Bypass via Missing Post-Redirect Validation AI Paid

kimi-k2.5 · 12343 chars · 2026-04-24 05:48

查看详情

CVE-2026-32763SQL Injection via unsanitized JSON path keys when ignoring/silencing compilation errors or using `Kysely<any>`. AI Paid

kimi-k2.5 · 6756 chars · 2026-04-24 05:48

查看详情

CVE-2026-32711pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root AI Paid

kimi-k2.5 · 9751 chars · 2026-04-24 05:42

查看详情

Goal Reached Thanks to every supporter — we hit 100%!

AI PoC Generator & CVE Exploit Database

最新 POC 列表

CVE-2026-32857Firecrawl Playwright Service SSRF Protection Bypass via Missing Post-Redirect Validation AI Paid

CVE-2026-32763SQL Injection via unsanitized JSON path keys when ignoring/silencing compilation errors or using `Kysely<any>`. AI Paid

CVE-2026-28416Gradio has SSRF via Malicious `proxy_url` Injection in `gr.load()` Config Processing AI Paid

CVE-2026-5564code-projects Simple Laundry System Parameter searchguest.php sql injection AI Paid

CVE-2026-33505Ory Keto has a SQL injection via forged pagination tokens AI Paid

CVE-2026-32873ewe: Loop with Unreachable Exit Condition ('Infinite Loop') AI Paid

CVE-2026-32767SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API AI Paid

CVE-2026-28425Statamic vulnerable to remote code execution via Antlers-enabled control panel inputs AI Paid

CVE-2026-3152itsourcecode College Management System teacher-salary.php sql injection AI Paid

CVE-2026-33149Tandoor Recipes Vulnerable to Host Header Injection AI Paid

CVE-2026-32874UltraJSON has a Memory Leak parsing large integers allows DoS AI Paid

CVE-2026-32711pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root AI Paid

CVE-2026-3376Tenda F453 SafeMacFilter fromSafeMacFilter buffer overflow AI Paid

CVE-2026-3151itsourcecode College Management System login.php sql injection AI Paid

CVE-2026-33645Fireshare has Path Traversal Arbitrary File Write in `/api/uploadChunked` AI Paid

CVE-2026-33506DOM-Based XSS in Ory Polis Login Page AI Paid

CVE-2026-32875UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop AI Paid

CVE-2026-3377Tenda F453 SafeUrlFilter fromSafeUrlFilter buffer overflow AI Paid

CVE-2026-27696changedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLs AI Paid

CVE-2026-5128编号撤回 AI Paid