Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.798 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 182 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 900

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection CVE-2025-64328	Network Scanner	Mar 13, 2026	High(8.6)	No
HPE OneView - Remote Code Execution CVE-2025-37164	Network Scanner	Mar 3, 2026	Critical(10)	Yes
MeteoBridge <= 6.1 - Remote Code Execution CVE-2025-4008	Network Scanner	Mar 3, 2026	High(7.5)	Yes
Apache OFBiz - Improper Authorization & Remote Code Execution CVE-2024-38856	Network Scanner	Feb 26, 2026	Critical(9.8)	No
Flexnet - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Feb 26, 2026	Critical(10)	No
Cisco CloudCenter Suite (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Feb 26, 2026	Critical(10)	No
Cisco IOS Software Autonomic Networking Infrastructure Denial of Service Vulnerability (cisco-sa-20170726-anidos) CVE-2017-6663	Network Scanner	Feb 25, 2026	Medium(6.5)	No
SNMP Remote Code Execution Vulnerabilities in Cisco IOS Software (cisco-sa-20170629-snmp) CVE-2017-6744 CVE-2017-6743 CVE-2017-6742 CVE-2017-6741 CVE-2017-6740 CVE-2017-6739 CVE-2017-6738 CVE-2017-6737 CVE-2017-6736	Network Scanner	Feb 25, 2026	High(8.8)	No
Cisco IOS Software Cluster Management Protocol Remote Code Execution Vulnerability (cisco-sa-20170317-cmp) CVE-2017-3881	Network Scanner	Feb 25, 2026	Critical(9.8)	No
Cisco IOS Software IKEv1 Information Disclosure Vulnerability (cisco-sa-20160916-ikev1) CVE-2016-6415	Network Scanner	Feb 25, 2026	High(7.5)	No
SolarWinds Web Help Desk < 12.8.8 Hotfix 1 (HF1) - Security Control Bypass CVE-2025-40536	Network Scanner	Feb 19, 2026	High(8.1)	No
Ivanti Endpoint Manager - Authentication Bypass CVE-2026-1603	Network Scanner	Feb 17, 2026	High(8.6)	No
Ivanti Endpoint Manager Mobile - Remote Code Execution CVE-2026-1281	Network Scanner	Feb 17, 2026	Critical(9.8)	Yes
BeyondTrust Remote Support - Unauthenticated WebSocket RCE CVE-2026-1731	Network Scanner	Feb 11, 2026	Critical(9.8)	No
Sophos Firewall <= 19.0 MR1 - Remote Code Execution CVE-2022-3236	Network Scanner	Feb 10, 2026	Critical(9.8)	No
PHPUnit - Remote Code Execution CVE-2017-9841	Network Scanner	Feb 10, 2026	Critical(9.8)	No
SolarWinds Web Help Desk < 2026.1 - Unauthenticated JNDI Injection RCE CVE-2025-40551	Network Scanner	Feb 9, 2026	Critical(9.8)	No
vCenter Server - Improper Access Control CVE-2021-22017	Network Scanner	Feb 5, 2026	Medium(5.3)	No
Laravel Livewire v3 - Remote Command Execution CVE-2025-54068	Network Scanner	Feb 4, 2026	Critical(9.8)	No
Telnet inetutils - Authentication Bypass CVE-2026-24061	Network Scanner	Feb 3, 2026	Critical(9.8)	Yes
Citrix StoreFront Server - XML External Entity CVE-2019-13608	Network Scanner	Jan 29, 2026	High(7.5)	No
Gogs <= 0.13.3 - Remote Code Execution CVE-2025-8110	Network Scanner	Jan 23, 2026	High(8.8)	No
Grandstream UCM6200 - SQL Injection CVE-2020-5722	Network Scanner	Jan 23, 2026	Critical(9.8)	No
SmarterTools SmarterMail - Admin Password Reset CVE-2026-23760	Network Scanner	Jan 23, 2026	Critical(9.8)	No
Digiever DS-2105 Pro - Command Injection CVE-2023-52163	Network Scanner	Jan 14, 2026	High(8.8)	No