Vulhub

Vulhub is an open-source collection of pre-built vulnerable docker environments for security researchers and educators.

18.4k+ Stars4.5k+ Forks288 Environments
# Clone the repository
git clone --depth 1 https://github.com/vulhub/vulhub.git

# Enter the directory
cd vulhub/spring/CVE-2022-22947

# Start the environment
docker compose up -d

Why Use Vulhub?

Docker Based

All environments are built with Docker and Docker Compose, making them easy to deploy and isolate.

Real Vulnerabilities

Practice with real-world vulnerabilities in a safe, controlled environment for learning and research.

Well Documented

Each vulnerability comes with detailed documentation explaining the vulnerability and exploitation steps.

Latest Environments

View all environments
RCEDeserialization
Created a day ago

Apache Superset Python Pickle Deserialization Leads to RCE

Explore the Apache Superset Python Pickle Deserialization Leads to RCE vulnerability and learn how to exploit it.

Learn more
CVE-2023-37941
Auth BypassHard Coding
Created 2 days ago

Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass

Explore the Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass vulnerability and learn how to exploit it.

Learn more
CVE-2023-27524
Path Traversal
Created 2 days ago

Vite Development Server Arbitrary File Read

Explore the Vite Development Server Arbitrary File Read vulnerability and learn how to exploit it.

Path Traversal
Created 3 days ago

Vite Development Server Arbitrary File Read Bypass

Explore the Vite Development Server Arbitrary File Read Bypass vulnerability and learn how to exploit it.

Learn more
CVE-2025-30208
Auth BypassFramework
Created 6 days ago

Next.js Middleware Authorization Bypass

Explore the Next.js Middleware Authorization Bypass vulnerability and learn how to exploit it.

Learn more
CVE-2025-29927
RCEDeserializationWebserver
Created 13 days ago

Tomcat Session Deserialization Remote Code Execution

Explore the Tomcat Session Deserialization Remote Code Execution vulnerability and learn how to exploit it.

Learn more
CVE-2025-24813

Ready to start your security research?

Explore our collection of vulnerable environments and enhance your security skills today.