Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

AI PoC Generator & CVE Exploit Database

We aggregate public proof-of-concept (PoC) code from GitHub and the security community, and use a Shenlong Agent (LLM-based) pipeline to generate technical PoC walk-throughs for high-severity CVEs. Public PoCs are free; AI-generated PoCs are a Pro / Pro+ feature. Each entry links back to its source CVE detail page for full context, references, and patches.

Latest POC List

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.
Filter
Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans
CVE-2025-5199LPE on Multipass for macOS AIVerified env Paid
Qwen3.6-35B-A3B · 10190 chars · 2026-05-21 01:04
CVE-2026-34241CtrlPanel: Stored XSS in Ticket Reply Notifications Allows Session Hijacking AIVerified env Paid
Qwen3.6-35B-A3B · 8682 chars · 2026-05-21 01:03
CVE-2025-7457Campcodes Online Movie Theater Seat Reservation System manage_movie.php sql injection AIVerified env Paid
Qwen3.6-35B-A3B · 9396 chars · 2026-05-21 01:03
CVE-2026-33633Kitty has a Heap Buffer Overflow in its Graphics Protocol Handler AI Paid
Qwen3.6-35B-A3B · 7981 chars · 2026-05-21 01:03
CVE-2025-7460TOTOLINK T6 HTTP POST Request cstecgi.cgi setWiFiAclRules buffer overflow AIVerified env Paid
Qwen3.6-35B-A3B · 6811 chars · 2026-05-21 01:00
CVE-2026-32740libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing AI Paid
Qwen3.6-35B-A3B · 8345 chars · 2026-05-21 01:00
CVE-2025-7459code-projects Mobile Shop EditMobile.php sql injection AIVerified env Paid
Qwen3.6-35B-A3B · 7438 chars · 2026-05-21 00:59
CVE-2026-34358CtrlPanel: Missing Authorization on Admin Write Endpoints Allows RBAC Bypass AI Paid
Qwen3.6-35B-A3B · 10191 chars · 2026-05-21 00:56
CVE-2026-43618Rsync < 3.4.3 Integer Overflow Information Disclosure AI Paid
Qwen3.6-35B-A3B · 9802 chars · 2026-05-21 00:56
CVE-2025-7504Friends 3.5.1 - Authenticated (Subscriber+) PHP Object Injection AI Paid
Qwen3.6-35B-A3B · 9051 chars · 2026-05-21 00:56
CVE-2026-47783memcached<1.6.42 SASL时序侧信道漏洞 AI Paid
Qwen3.6-35B-A3B · 11408 chars · 2026-05-21 00:49
CVE-2025-7467code-projects Modern Bag product-detail.php sql injection AIVerified env Paid
Qwen3.6-35B-A3B · 8355 chars · 2026-05-21 00:43
CVE-2025-74661000projects ABC Courier Management add_dealerrequest.php sql injection AI Paid
Qwen3.6-35B-A3B · 8161 chars · 2026-05-21 00:42
CVE-2026-47784Memcached<1.6.42旁路漏洞 AI Paid
Qwen3.6-35B-A3B · 8165 chars · 2026-05-21 00:39
CVE-2025-7469Campcodes Sales and Inventory System product_add.php sql injection AI Paid
Qwen3.6-35B-A3B · 9171 chars · 2026-05-21 00:30
CVE-2025-7471code-projects Modern Bag login-back.php sql injection AI Paid
Qwen3.6-35B-A3B · 6890 chars · 2026-05-21 00:29
CVE-2025-7470Campcodes Sales and Inventory System product_add.php unrestricted upload AI Paid
Qwen3.6-35B-A3B · 7965 chars · 2026-05-21 00:29
CVE-2026-29518Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write AIVerified env Paid
Qwen3.6-35B-A3B · 10161 chars · 2026-05-21 00:24
CVE-2026-24425Twig 2.16.x & 3.9.0-3.25.x Sandbox Bypass via SourcePolicyInterface AI Paid
Qwen3.6-35B-A3B · 8915 chars · 2026-05-21 00:17

Frequently Asked Questions

What is a CVE PoC (Proof of Concept)?

A CVE PoC (Proof of Concept) is code that demonstrates how a specific vulnerability can be exploited. Security researchers use PoCs to verify vulnerabilities and assess their impact.

How does the AI-generated PoC work?

Shenlong Agent analyzes CVE descriptions and patch diffs via an LLM pipeline, generating structured technical walk-throughs — covering high-severity CVEs within hours of disclosure.

Are the PoCs free to access?

Public PoCs from GitHub are free. AI-generated PoC analyses by Shenlong Agent are a Pro / Pro+ feature.