Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AI PoC Generator & CVE Exploit Database

We aggregate public proof-of-concept (PoC) code from GitHub and the security community, and use a Shenlong Agent (LLM-based) pipeline to generate technical PoC walk-throughs for high-severity CVEs. Public PoCs are free; AI-generated PoCs are a Pro / Pro+ feature. Each entry links back to its source CVE detail page for full context, references, and patches.

最新 POC 列表

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.
Filter
Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access.Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans
CVE-2026-5147YunaiV yudao-cloud get-by-website sql injection AI Paid
Qwen3.6-35B-A3B · 9453 chars · 2026-05-07 22:02
CVE-2026-5150code-projects Accounting System Parameter viewin_costumer.php sql injection AI Paid
Qwen3.6-35B-A3B · 9993 chars · 2026-05-07 22:01
CVE-2026-5152Tenda CH22 createFileName formCreateFileName stack-based overflow AIVerified env Paid
Qwen3.6-35B-A3B · 8899 chars · 2026-05-07 21:54
CVE-2026-33987FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write AI Paid
Qwen3.6-35B-A3B · 9980 chars · 2026-05-07 21:46
CVE-2026-33984FreeRDP: ClearCodec resize_vbar_entry() Heap OOB Write AI Paid
Qwen3.6-35B-A3B · 14148 chars · 2026-05-07 21:28
CVE-2026-33986FreeRDP: H.264 YUV Buffer Dimension Desync - Heap OOB Write AI Paid
Qwen3.6-35B-A3B · 11138 chars · 2026-05-07 21:28
CVE-2026-33982FreeRDP: Persistent Cache Allocator Mismatch - Heap OOB Read AI Paid
Qwen3.6-35B-A3B · 11406 chars · 2026-05-07 21:28
CVE-2025-32957baserCMS: unsafe File Upload Leading to Remote Code Execution (RCE) AI Paid
Qwen3.6-35B-A3B · 8781 chars · 2026-05-07 21:21
CVE-2026-5155Tenda CH22 Parameter AdvSetWan fromAdvSetWan stack-based overflow AIVerified env Paid
Qwen3.6-35B-A3B · 8798 chars · 2026-05-07 21:16
CVE-2026-5156Tenda CH22 Parameter QuickIndex formQuickIndex stack-based overflow AIVerified env Paid
Qwen3.6-35B-A3B · 7501 chars · 2026-05-07 21:16
CVE-2026-5154Tenda CH22 Parameter setcfm fromSetCfm stack-based overflow AI Paid
Qwen3.6-35B-A3B · 7173 chars · 2026-05-07 21:14
CVE-2026-30877baserCMS: OS Command Injection in the baserCMS Update Functionality AI Paid
Qwen3.6-35B-A3B · 7972 chars · 2026-05-07 21:06
CVE-2026-32734baserCMS: Multiple vulnerabilities in baserCMS AI Paid
Qwen3.6-35B-A3B · 7013 chars · 2026-05-07 21:00
CVE-2026-21861baserCMS: OS Command Injection Leading to Remote Code Execution (RCE) AI Paid
Qwen3.6-35B-A3B · 7020 chars · 2026-05-07 21:00
CVE-2026-32727SciTokens: Authorization Bypass via Path Traversal in Scope Validation AI Paid
Qwen3.6-35B-A3B · 12488 chars · 2026-05-07 20:53
CVE-2026-5176Totolink A3300R cstecgi.cgi setSyslogCfg command injection AIVerified env Paid
Qwen3.6-35B-A3B · 8173 chars · 2026-05-07 20:53
CVE-2026-32714SciTokens vulnerable to SQL Injection in KeyCache AIVerified env Paid
Qwen3.6-35B-A3B · 8372 chars · 2026-05-07 20:51
CVE-2026-34070LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions AIVerified env Paid
Qwen3.6-35B-A3B · 8233 chars · 2026-05-07 20:43
CVE-2026-34042act: actions/cache server allows malicious cache injection AI Paid
Qwen3.6-35B-A3B · 10443 chars · 2026-05-07 20:42