Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AI PoC Generator & CVE Exploit Database

We aggregate public proof-of-concept (PoC) code from GitHub and the security community, and use a Shenlong Agent (LLM-based) pipeline to generate technical PoC walk-throughs for high-severity CVEs. Public PoCs are free; AI-generated PoCs are a Pro / Pro+ feature. Each entry links back to its source CVE detail page for full context, references, and patches.

最新 POC 列表

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.
Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access.Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans
CVE-2026-24404iccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType() AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 12279 chars · 2026-04-24 04:06
CVE-2026-24129Runtipi is Vulnerable to Authenticated Arbitrary Remote Code Execution AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 9783 chars · 2026-04-24 04:06
CVE-2026-24009Docling Core vulnerable to Remote Code Execution via unsafe PyYAML usage AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 4659 chars · 2026-04-24 04:06
CVE-2026-24006Seroval affected by Denial of Service via Deeply Nested Objects AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7368 chars · 2026-04-24 04:02
CVE-2026-23965sm-crypto Affected by Signature Forgery in SM2-DSA AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7770 chars · 2026-04-24 04:02
CVE-2026-23737seroval Affected by Remote Code Execution via JSON Deserialization AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 8299 chars · 2026-04-24 04:02
CVE-2026-23524Laravel Redis Horizontal Scaling Insecure Deserialization AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6875 chars · 2026-04-24 04:02
CVE-2026-1179Yonyou KSOA HTTP GET Parameter user_popedom.jsp sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 5808 chars · 2026-04-24 04:02
CVE-2026-1177Yonyou KSOA HTTP GET Parameter save_folder.jsp sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 5839 chars · 2026-04-24 04:00
CVE-2026-1178Yonyou KSOA HTTP GET Parameter select.jsp sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6889 chars · 2026-04-24 04:00
CVE-2026-1176itsourcecode School Management System index.php sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7106 chars · 2026-04-24 04:00
CVE-2026-23837MyTube has an Authorization Bypass vulnerability AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6368 chars · 2026-04-24 04:00
CVE-2026-23846Tugtainer vulnerable to Password Exposure via URL Query Parameter AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 4186 chars · 2026-04-24 04:00
CVE-2026-23949jaraco.context Has a Path Traversal Vulnerability AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7463 chars · 2026-04-24 04:00
CVE-2026-23876Heap buffer overflow with attacker-controlled data in XBM parser AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 11698 chars · 2026-04-24 04:00
CVE-2026-23843teklifolustur_app's IDOR vulnerability allows unauthorized access to other users' offers AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 8962 chars · 2026-04-24 04:00
CVE-2026-1160PHPGurukul Directory Management System Search index.php sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7377 chars · 2026-04-24 04:00
CVE-2026-22031Fastify Middie Middleware Path Bypass AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6705 chars · 2026-04-24 04:00
CVE-2026-1159itsourcecode Online Frozen Foods Ordering System order_online.php sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6877 chars · 2026-04-24 03:57