Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AI PoC Generator & CVE Exploit Database

We aggregate public proof-of-concept (PoC) code from GitHub and the security community, and use a Shenlong Agent (LLM-based) pipeline to generate technical PoC walk-throughs for high-severity CVEs. Public PoCs are free; AI-generated PoCs are a Pro / Pro+ feature. Each entry links back to its source CVE detail page for full context, references, and patches.

最新 POC 列表

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.
Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access.Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans
CVE-2026-1119itsourcecode Society Management System delete_activity.php sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6272 chars · 2026-04-24 03:54
CVE-2021-47865ProFTPD 1.3.7a - Remote Denial of Service AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7797 chars · 2026-04-24 03:53
CVE-2026-23950node-tar has Race Condition in Path Reservations via Unicode Ligature Collisions on macOS APFS AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7591 chars · 2026-04-24 03:53
CVE-2026-1130Yonyou KSOA HTTP GET Parameter worksadd_plan.jsp sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6116 chars · 2026-04-24 03:53
CVE-2026-23742Skipper arbitrary code execution through lua filters AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 9068 chars · 2026-04-24 03:53
CVE-2026-23535wlc Path traversal: Unsanitized API slugs in download command AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 9873 chars · 2026-04-24 03:53
CVE-2026-24049wheel Allows Arbitrary File Permission Modification via Path Traversal AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7790 chars · 2026-04-24 03:50
CVE-2026-22774devalue vulnerable to denial of service due to memory exhaustion in devalue.parse AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 29027 chars · 2026-04-24 03:50
CVE-2026-22265Roxy-WI has a Command Injection via grep parameter in logs.py allows authenticated RCE AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 8738 chars · 2026-04-24 03:50
CVE-2025-66292DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 8007 chars · 2026-04-24 03:50
CVE-2026-22686Sandbox Escape via Host Error Prototype Chain in enclave-vm AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7639 chars · 2026-04-24 03:50
CVE-2026-22861iccDEV has a heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 8950 chars · 2026-04-24 03:48
CVE-2026-22788WebErpMesv2 allows unauthenticated API Access AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 9852 chars · 2026-04-24 03:48
CVE-2026-0851code-projects Online Music Site AdminAddUser.php sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 5827 chars · 2026-04-24 03:48
CVE-2026-0852code-projects Online Music Site AdminUpdateUser.php sql injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 5204 chars · 2026-04-24 03:48
CVE-2025-15502Sangfor Operation and Maintenance Management System session SessionController os command injection AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 7254 chars · 2026-04-24 03:45
CVE-2025-15503Sangfor Operation and Maintenance Management System common.jsp unrestricted upload AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 8507 chars · 2026-04-24 03:45
CVE-2026-22704HAXcms Has Stored XSS Vulnerability that May Lead to Account Takeover AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 6847 chars · 2026-04-24 03:45
CVE-2026-22700RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE AI Paid
Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf · 9437 chars · 2026-04-24 03:45