Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.962 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 190 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 190

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
Hoverfly - Remote Code Execution CVE-2025-54123	Network Scanner	Mar 31, 2026	Critical(9.8)	0.59	0.99	Yes
Cisco ISE - Unauthenticated Remote Code Execution CVE-2025-20281	Network Scanner	Mar 31, 2026	Critical(9.8)	0.37	0.98	Yes
Blink Router (LB-LINK) - OS Command Injection CVE-2025-45985	Network Scanner	Mar 31, 2026	Critical(9.8)	0.35	0.98	Yes
Roxy-WI - Remote Code Execution CVE-2022-31161	Network Scanner	Mar 31, 2026	Critical(9.8)	0.74	0.99	Yes
DrayTek Vigor - OS Command Injection CVE-2024-12987	Network Scanner	Mar 31, 2026	Critical(9.8)	0.79	1	Yes
Hikvision IP camera/NVR - Remote Command Execution CVE-2021-36260	Network Scanner	Mar 10, 2026	Critical(9.8)	0.95	1	Yes
Aviatrix Controller - Remote Code Execution CVE-2024-50603	Network Scanner	Mar 10, 2026	Critical(10)	0.95	1	Yes
MeteoBridge <= 6.1 - Remote Code Execution CVE-2025-4008	Network Scanner	Mar 3, 2026	High(7.5)	0.44	0.98	Yes
HPE OneView - Remote Code Execution CVE-2025-37164	Network Scanner	Mar 3, 2026	Critical(10)	0.84	1	Yes
Ivanti Endpoint Manager Mobile - Remote Code Execution CVE-2026-1281	Network Scanner	Feb 17, 2026	Critical(9.8)	0.8	1	Yes
Telnet inetutils - Authentication Bypass CVE-2026-24061	Network Scanner	Feb 3, 2026	Critical(9.8)	0.88	1	Yes
WordPress Post SMTP - Account Takeover CVE-2025-11833	Network Scanner	Dec 23, 2025	Critical(9.8)	0.17	0.95	Yes
React Server Components - Remote Code Execution (React2Shell) CVE-2025-55182	Network Scanner	Dec 9, 2025	Critical(10)	0.85	1	Yes
Fortinet FortiWeb - Authentication Bypass & Remote Code Execution CVE-2025-64446 CVE-2025-58034	Network Scanner	Dec 2, 2025	Critical(9.8)	0.93	1	Yes
WordPress Simple File List - Unauthenticated RCE CVE-2020-36847	Network Scanner	Nov 25, 2025	Critical(9.8)	0.88	1	Yes
React Native Community CLI development server - Remote Code Execution CVE-2025-11953	Network Scanner	Nov 18, 2025	Critical(9.8)	0.19	0.96	Yes
ASP.NET Core - Request Smuggling CVE-2025-55315	Network Scanner	Nov 18, 2025	Critical(9.9)	0.02	0.8	Yes
Oracle E-Business Suite - Remote Code Execution CVE-2025-61882	Network Scanner	Nov 4, 2025	Critical(9.8)	0.9	1	Yes
Magento & Adobe Commerce - Account Takeover CVE-2025-54236	Network Scanner	Oct 15, 2025	Critical(9.1)	0.69	0.99	Yes
FreePBX - Authentication Bypass leading to SQL Injection & Remote Code Execution CVE-2025-57819	Network Scanner	Sep 30, 2025	Critical(9.8)	0.77	0.99	Yes
Fortinet FortiSIEM - Remote Code Execution CVE-2025-25256	Network Scanner	Sep 9, 2025	Critical(9.8)	0.45	0.98	Yes
Microsoft Sharepoint - Authentication Bypass & Remote Code Execution CVE-2025-53771 CVE-2025-49704	Network Scanner	Sep 9, 2025	High(8.8)	0.62	0.99	Yes
SSH user enumeration CVE-2018-15473	Network Scanner	Aug 19, 2025	Medium(5.3)	0.91	1	Yes
Ivanti Endpoint Manager Mobile - Remote Code Execution CVE-2025-4427	Network Scanner	Jul 1, 2025	High(7.5)	0.92	1	Yes
Wordpress TemplateInvaders - Arbitrary File Upload CVE-2025-47577	Network Scanner	Jun 24, 2025	Critical(10)	0.01	0.4	Yes

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies

Independently audited company-wide ISMS

50,000+ security folks are here. Are you?

Security leaders trust what they can prove