Security Intel Hub 24809+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 5.3
Squirrel 3.2 Stack Buffer Overflow in validate_format
github.com · 2026-05-11

# Vulnerability Summary: Stack Buffer Overflow in `validate_format` ## Vulnerability Overview - **Vulnerability Type**: Stack buffer overflow - **Root Cause**: An off-by-one error in the length check …

CVSS 3.3
WebAssembly Binaryen wasm-ctor-eval Assertion Failure via Malformed WASM
github.com · 2026-05-11

# WebAssembly Binaryen Vulnerability Summary ## Vulnerability Overview When parsing malformed WebAssembly input, the `wasm::Type::getHeapType()` method triggers an assertion failure. The root cause is…

CVSS 8.8
D-Link DCS-935L HNAP Stack Buffer Overflow Vulnerability (RCE) with POC
github.com · 2026-05-11

# D-Link DCS-935L HNAP Service SetDeviceSettings Stack Buffer Overflow Vulnerability (RCE) ## Vulnerability Overview This vulnerability exists in the HNAP service handler of the D-Link DCS-935L firmwa…

libexpat DOM Parsing Heap Out-of-Bounds Read in domParseChar
github.com · 2026-05-11

### Vulnerability Overview **Vulnerability Name**: Issue with validating UTF-8 continuation bytes in `domParseChar` **Vulnerability Description**: The `domParseChar()` function fails to verify the exi…

CVSS 4.3
Open5GS SMF NULL Pointer Dereference DoS via Missing vcnTunnelInfo
github.com · 2026-05-11

# [Bug]: SMF crash on POST /nsmf-pdusession/v1/pdu-sessions with missing vcnTunnelInfo #4446 ## Vulnerability Overview When processing a `POST /nsmf-pdusession/v1/pdu-sessions` request, Open5GS SMF cr…

CVSS 4.3
Open5GS SMF Stack Overflow and Assertion Failure Leading to DoS via Oversized PCC Rules
github.com · 2026-05-11

# [Bug]: SMF crash on POST /nsmf-callback/v1/sm-policy-notify/{smContextRef}/update with oversized pccRules #4445 ## Vulnerability Overview When the SMF processes the `sm-policy-notify` callback, a cr…

CVSS 4.3
Open5GS SMF Null Pointer Dereference Crash Vulnerability
github.com · 2026-05-11

# Vulnerability Summary: SMF Crash Vulnerability (Issue #4443) ## Vulnerability Overview In the Session Management Function (SMF) component of Open5GS, a crash occurs when processing a `POST /nsmf-cal…

CVSS 4.3
SMF Vulnerability: POST oversized flowInfos causes crash (PoC)
github.com · 2026-05-11

# Vulnerability Summary: SMF crash on POST /nsmf-callback/v1/sm-policy-notify/{smContextRef}/update with oversized flowInfos ## Vulnerability Overview When the SMF (Session Management Function) proces…

CVSS 4.3
Open5GS SMF smPolicyNotify Assertion Crash via Invalid ARP preemptCap
github.com · 2026-05-11

# [Bug]: SMF crash on POST /nsmf-callback/v1/sm-policy-notify/{smContextRef}/update with invalid arp.preemptCap #4442 ## Vulnerability Overview When the SMF receives a `sm-policy-notify` callback, if …

Out-of-bounds heap read in domParseChar via truncated UTF-8
github.com · 2026-05-11

# Vulnerability Summary: Out-of-bounds Heap Read in `domParseChar` ## Overview - **Vulnerability ID**: #146 - **Vulnerability Type**: Out-of-bounds heap read - **Trigger Condition**: The `domParseChar…

XML::LibXML domParseChar Uninitialized Memory Read Vulnerability Fix
github.com · 2026-05-11

### Vulnerability Overview This vulnerability involves the `domParseChar` function failing to validate the validity of bytes when processing multi-byte UTF-8 sequences. This leads to the reading of in…

CVE-2026-45190: Net::CIDR::Lite IP ACL Bypass via Input Validation Flaw
www.cve.org · 2026-05-11

# CVE-2026-45190 Vulnerability Summary ## Vulnerability Overview * **CVE ID**: CVE-2026-45190 * **Vulnerability Title**: The Perl module `Net::CIDR::Lite` versions prior to 0.24 fail to properly valid…

CVE-2026-45190 Lite.pm Parser Flaw Allows IP ACL Bypass and DoS
github.com · 2026-05-11

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-45190 - **Vulnerability Type**: Denial of Service (DoS) - **Vulnerability Description**: A flaw in the parser's regular expression fails t…

Lite.pm IP ACL Bypass via Zero-Padded CIDR (CVE-2026-45191) Fix
github.com · 2026-05-11

### Vulnerability Overview - **CVE ID**: CVE-2026-45191 - **Vulnerability Description**: This vulnerability arises from the parsing of zero-padded CIDR masks (such as `/00` or `/032`) into their decim…

CVE-2026-45179: Plack::Middleware::Statsd IP Address Disclosure Vulnerability
www.cve.org · 2026-05-11

# CVE-2026-45179 Vulnerability Summary ## Overview * **CVE ID**: CVE-2026-45179 * **Title**: In versions of `Plack::Middleware::Statsd` prior to 0.9.0, Perl may leak the user's IP address. * **Descrip…

osrg/gobgp BGP Route Leak Vulnerability and PoC
github.com · 2026-05-11

# Vulnerability Overview This vulnerability involves a security issue in the `osrg/gobgp` project. The specific vulnerability type is **BGP route leak**. An attacker can construct malicious BGP route …

CVSS 7.8
RHSA-2026:13414: X.Org X Server & TigerVNC Vulnerabilities (DOS/UAF/Info Leak)
access.redhat.com · 2026-05-11

# RHSA-2026:13414 - Security Advisory Summary ## Vulnerability Overview * **Severity**: Important * **Affected Software**: X.Org X Server, TigerVNC * **Vulnerability Details**: * **CVE-2026-33999**: I…

CVSS 6.4
WordPress Plugin Filterable Portfolio Gallery 1.0 Stored XSS Vulnerability
www.exploit-db.com · 2026-05-10

# Stored Cross-Site Scripting (XSS) Vulnerability in WordPress Plugin Filterable Portfolio Gallery 1.0 ## Vulnerability Overview * **Vulnerability Name**: WordPress Plugin Filterable Portfolio Gallery…

CVSS 6.4
WordPress Plugin Filterable Portfolio Gallery 1.0 Stored XSS Vulnerability (CVE-7929)
www.vulncheck.com · 2026-05-10

# WordPress Plugin Filterable Portfolio Gallery 1.0 Stored XSS ## Vulnerability Overview - **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) - **Vulnerability ID**: CVE-7929 - **Severit…

CVSS 6.4
Tecnoteca CMDBuild 3.3.1 Stored XSS Vulnerability Summary with POC
www.exploit-db.com · 2026-05-10

# CMDBuild 3.3.2 Cross-Site Scripting (XSS) Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: CMDBuild 3.3.2 - 'Multiple' Cross Site Scripting (XSS) * **EDB-ID**: 50257 * **Pub…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.