Every card below is a CVE our Claude Code agent reproduced end-to-end: it reads the PoC, rebuilds the real vulnerable system in an isolated Docker sandbox, launches a real exploit, and records the whole run with asciinema. A "VULNERABLE:" line is hard proof the exploit fired.
VULNERABLE: Unauthenticated RCE via setup wizard DB_PASSWORD injection. Proof: RCE_CONFIRMED_by_CVE-2025-62521VULNERABLE: uid=33(www-data) — OS command injection via filename param in /fog/management/export.phpVULNERABLE: Extracted Kubernetes Secret via ArgoCD ServerSideDiff mechanism (CVE-2026-42880): password=S3cretP@ssw0rd!2024 username=adminVULNERABLE: Unauthenticated credential leak via /cgi-bin/config.cgi - admin password D1nk@dmin2024! exposed without authenticationVULNERABLE: RCE confirmed via Jinja2 SSTI in /web/ endpoint - command executed as: uid=0(root) gid=0(root) groups=0(root)VULNERABLE: XSS via unsanitized overlay notification image field led to RCE — /tmp/vrcx-rce-pwned created via CefSharp AppApiVr elevated bindingVULNERABLE: Buffer overflow in apply.cgi start_lan via Channel parameter - process crashed (SIGSEGV/exit 139)VULNERABLE: uid=0(root) gid=0(root) groups=0(root) — command injection confirmed in setUssd handlerVULNERABLE: strcpy buffer overflow in /goform/formRemoteControl - 1800 byte payload overflowed 256-byte buffer (CVE-2026-7513)VULNERABLE: strcpy buffer overflow in /goform/formUser - 2000-byte Profile copied into 256-byte buffer without bounds checkVULNERABLE: SQL injection via dynamic partition key - 3 rows returned instead of 1, partition keys are interpolated unsanitized into SQL WHERE clausesVULNERABLE: BOOT_RECORD TLV (type 0x60) injected into unprotected TLV area acceptedVULNERABLE: SQL injection via DeptIDList in UserSel.aspx leaked admin password: SuperSecret123!VULNERABLE: OS command injection confirmed - read /etc/shadow via "ls ; cat /etc/shadow" VULNERABLE: OS command injection confirmed - read /etc/shadow via "ls ; cat /etc/shadow"VULNERABLE: Hard-coded credentials accepted - username=astrbot password=77b90590a8945a7d36c963981a307dc9 JWT_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ...VULNERABLE: SQL injection in edit_staff.php ID parameter exposed secret: s3cret_admin_p@ssVULNERABLE: SQL injection in login.php Username parameter - bypassed authentication, leaked DB version: 10.5.29-MariaDB-0+deb11u1VULNERABLE: SQL injection in checkEmail endpoint exposed secret: SCHOOL_SECRET_KEY_4BF2A9D8C1E7VULNERABLE: SQL injection confirmed - extracted secret_data=FLAG{sql_injection_successful}, password=supersecretpassword123 from admin_users table via room_type parameterVULNERABLE: Root SSH access with hardcoded password hy@0886!# confirmed - uid=0(root) gid=0(root) groups=0(root)VULNERABLE: uid=0(root) gid=0(root) groups=0(root) — RCE confirmed via git --upload-pack argument injection through commit_sha [trigger] Exploitation successful!VULNERABLE: CRLF injection via DefaultHttpRequest.setUri() confirmed - HTTP request smuggling possibleVULNERABLE: ReDoS confirmed via /\*+$/ regex in markdown-it linkify - vulnerable regex took 4948ms vs 0ms for fixed code (50000 * chars payload)VULNERABLE: Wildcard SAN *.test.local incorrectly matched nested subdomain deep.sub.test.local (CVE-2020-15104). Envoy allowed the TLS connection.VULNERABLE: Auth bypass confirmed - accessed encryption_key=AES-256-KEY-a3f8b2c1d4e5f6071829 without valid passwordVULNERABLE: Basic Auth username logged in HTTP access log: 127.0.0.1 - guest [31/May/2026:10:04:08 +0000] "GET /api/overview HTTP/1.1" 200 2647 "" "curl/8.5.0"VULNERABLE: v3 silently wrote 5 bytes into undersized 5-byte buffer (needs 16) without RangeError. Partial UUID data: [69, 161, 19, 172, 199]VULNERABLE: CANswitch DLC=196 overflows data.u8[8] buffer (memcpy 196 bytes into 8-byte buffer)