Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.908 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 190 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 908

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Fortinet FortiClientEMS 7.4.4 - SQL Injection CVE-2026-21643	Network Scanner	Apr 10, 2026	Critical(9.8)	No
FortiClient EMS - Authentication Bypass CVE-2026-35616	Network Scanner	Apr 9, 2026	High(9.8)	No
DrayTek Vigor - OS Command Injection CVE-2024-12987	Network Scanner	Mar 31, 2026	Critical(9.8)	Yes
Cisco ISE - Unauthenticated Remote Code Execution CVE-2025-20281	Network Scanner	Mar 31, 2026	Critical(9.8)	Yes
Citrix NetScaler SAML IDP - Memory Overread CVE-2026-3055	Network Scanner	Mar 30, 2026	Critical(9.8)	No
FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection CVE-2025-64328	Network Scanner	Mar 13, 2026	High(8.6)	No
Aviatrix Controller - Remote Code Execution CVE-2024-50603	Network Scanner	Mar 10, 2026	Critical(10)	Yes
Hikvision IP camera/NVR - Remote Command Execution CVE-2021-36260	Network Scanner	Mar 10, 2026	Critical(9.8)	Yes
HPE OneView - Remote Code Execution CVE-2025-37164	Network Scanner	Mar 3, 2026	Critical(10)	Yes
MeteoBridge <= 6.1 - Remote Code Execution CVE-2025-4008	Network Scanner	Mar 3, 2026	High(7.5)	Yes
Apache OFBiz - Improper Authorization & Remote Code Execution CVE-2024-38856	Network Scanner	Feb 26, 2026	Critical(9.8)	No
Cisco CloudCenter Suite (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Feb 26, 2026	Critical(10)	No
Flexnet - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Feb 26, 2026	Critical(10)	No
SNMP Remote Code Execution Vulnerabilities in Cisco IOS Software (cisco-sa-20170629-snmp) CVE-2017-6744 CVE-2017-6743 CVE-2017-6742 CVE-2017-6741 CVE-2017-6740 CVE-2017-6739 CVE-2017-6738 CVE-2017-6737 CVE-2017-6736	Network Scanner	Feb 25, 2026	High(8.8)	No
Cisco IOS Software Autonomic Networking Infrastructure Denial of Service Vulnerability (cisco-sa-20170726-anidos) CVE-2017-6663	Network Scanner	Feb 25, 2026	Medium(6.5)	No
Cisco IOS Software Cluster Management Protocol Remote Code Execution Vulnerability (cisco-sa-20170317-cmp) CVE-2017-3881	Network Scanner	Feb 25, 2026	Critical(9.8)	No
Cisco IOS Software IKEv1 Information Disclosure Vulnerability (cisco-sa-20160916-ikev1) CVE-2016-6415	Network Scanner	Feb 25, 2026	High(7.5)	No
SolarWinds Web Help Desk < 12.8.8 Hotfix 1 (HF1) - Security Control Bypass CVE-2025-40536	Network Scanner	Feb 19, 2026	High(8.1)	No
Ivanti Endpoint Manager Mobile - Remote Code Execution CVE-2026-1281	Network Scanner	Feb 17, 2026	Critical(9.8)	Yes
Ivanti Endpoint Manager - Authentication Bypass CVE-2026-1603	Network Scanner	Feb 17, 2026	High(8.6)	No
BeyondTrust Remote Support - Unauthenticated WebSocket RCE CVE-2026-1731	Network Scanner	Feb 11, 2026	Critical(9.8)	No
PHPUnit - Remote Code Execution CVE-2017-9841	Network Scanner	Feb 10, 2026	Critical(9.8)	No
Sophos Firewall <= 19.0 MR1 - Remote Code Execution CVE-2022-3236	Network Scanner	Feb 10, 2026	Critical(9.8)	No
SolarWinds Web Help Desk < 2026.1 - Unauthenticated JNDI Injection RCE CVE-2025-40551	Network Scanner	Feb 9, 2026	Critical(9.8)	No
vCenter Server - Improper Access Control CVE-2021-22017	Network Scanner	Feb 5, 2026	Medium(5.3)	No