Are the PoCs on this site free to access?

Public PoCs aggregated from GitHub and the security community are freely accessible. AI-generated PoC analyses produced by Shenlong Agent are a Pro / Pro+ premium feature, requiring a paid subscription.

AI PoC Generator & CVE Exploit Database

Q: What is a CVE PoC (Proof of Concept)?

A CVE PoC (Proof of Concept) is a piece of code or technique that demonstrates how a specific vulnerability (CVE) can be exploited. Security researchers and penetration testers use PoCs to verify whether a vulnerability actually exists in a target system and to understand the potential impact.

Q: How does the AI-generated PoC work?

Shenlong Agent analyzes CVE descriptions, references, and patch diffs using a large language model pipeline. It generates a structured technical walk-through including vulnerability root cause, exploitation steps, and mitigation recommendations — covering high-severity CVEs within hours of disclosure.

We aggregate public proof-of-concept (PoC) code from GitHub and the security community, and use a Shenlong Agent (LLM-based) pipeline to generate technical PoC walk-throughs for high-severity CVEs. Public PoCs are free; AI-generated PoCs are a Pro / Pro+ feature. Each entry links back to its source CVE detail page for full context, references, and patches.

Latest POC List

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.

Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans

CVE-2021-44451API sensitive information leak AI Paid

default-local-qwen3.6 · 6011 chars · 2026-05-11 09:57

Goal Reached Thanks to every supporter — we hit 100%!

AI PoC Generator & CVE Exploit Database

Latest POC List

CVE-2021-44451API sensitive information leak AI Paid

CVE-2026-23188net: usb: r8152: fix resume reset deadlock AI Paid

CVE-2026-39981AGiXT has a Path Traversal in safe_join() AI Paid

CVE-2026-40069bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts AI Paid

CVE-2026-39983FTP Command Injection via CRLF in basic-ftp AI Paid

CVE-2026-40070bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths) AI Paid

CVE-2026-5985code-projects Simple IT Discussion Forum crud.php sql injection AI Paid

CVE-2026-5988Tenda F451 AdvSetWrlsafeset formWrlsafeset stack-based overflow AI Paid

CVE-2026-6004code-projects Simple IT Discussion Forum delete-category.php sql injection AI Paid

CVE-2026-5989Tenda F451 RouteStatic fromRouteStatic stack-based overflow AI Paid

CVE-2026-5990Tenda F451 SafeEmailFilter fromSafeEmailFilter stack-based overflow AI Paid

CVE-2026-5991Tenda F451 WrlExtraSet formWrlExtraSet stack-based overflow AI Paid

CVE-2025-1127Combination Path Traversal and Concurrent Execution vulnerability exists within the embedded web server AI Paid

CVE-2026-5692Totolink A7100RU cstecgi.cgi setGameSpeedCfg os command injection AI Paid

CVE-2026-5690Totolink A7100RU cstecgi.cgi setRemoteCfg os command injection AI Paid

CVE-2026-39384FreeScout Customer Merge Cross-Mailbox Authorization Bypass AI Paid

CVE-2026-5689Totolink A7100RU cstecgi.cgi setNtpCfg os command injection AI Paid

CVE-2026-35607File Browser: Proxy auth auto-provisioned users inherit Execute permission and Commands AI Paid

CVE-2026-5584Fosowl agenticSeek query Endpoint PyInterpreter.py PyInterpreter.execute code injection AI Paid

CVE-2026-39361OpenObserve has a SSRF Protection Bypass via IPv6 Bracket Notation in validate_enrichment_url AI Paid

Frequently Asked Questions