Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 24810+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 4.3
Open5GS NSSF Crash on GET /nssf-nselection/v2 with Missing Serving PLMN Config
github.com · 2026-05-08

# [Bug]: NSSF crash on GET /nssf-nselection/v2/network-slice-information with home-plmn-id and homeSnssai when serving PLMN is not configured #4432 ## Vulnerability Overview In the NSSF (Network Slice…

Read more
CVSS 4.3
Reflected XSS in Pizzafy Ecommerce System V1.0 /admin/index.php
github.com · 2026-05-08

# Vulnerability Summary ## Overview * **Vulnerability Name**: sourcecodester Pizzafy Ecommerce System Project V1.0 /admin/index.php Reflected XSS #5 * **Vulnerability Type**: Reflected Cross-Site Scri…

Read more
Premium intel
CVSS 6.3
xiaozi-mcphub Path Traversal Vulnerability (CVE-22) Analysis and POC
github.com · 2026-05-08

# Vulnerability Summary: Path Traversal Vulnerability in xiaozi-mcphub ## Vulnerability Overview * **Vulnerability Name**: Path Traversal Vulnerability in xiaozi-mcphub * **CVE ID**: CVE-22 (CWE-22) *…

Read more
CVSS 5.3
Path Traversal Vulnerability in short-video-maker: Analysis and Fix
github.com · 2026-05-08

# Vulnerability Summary: Path Traversal Vulnerability in short-video-maker ## Vulnerability Overview * **Vulnerability Name**: Path Traversal Vulnerability in short-video-maker #73 * **Vulnerability T…

Read more
Premium intel
CVSS 8.8
Slider Revolution Arbitrary File Upload Vulnerability (7.0.0-7.0.10)
www.wordfence.com · 2026-05-08

# Slider Revolution 7.0.0 - 7.0.10 Arbitrary File Upload Vulnerability ## Vulnerability Overview The Slider Revolution plugin contains an arbitrary file upload vulnerability. Attackers can upload mali…

Read more
CVSS 7.3
MAXHUB Pivot Client Broken Cryptographic Algorithm Vulnerability (CVE-2026-6411)
www.cisa.gov · 2026-05-08

# MAXHUB Pivot Client Application Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: MAXHUB Pivot Client Application Vulnerability * **CVE ID**: CVE-2026-6411 * **CVSS Score**: …

Read more
CVSS 6.3
JeecBoot <=3.9.1 SQL Injection Vulnerability (CVE-2024-9571) Analysis and PoC
github.com · 2026-05-08

# CVE-2024-9571: JeecBoot SQL Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: SQL Injection (UNION-based) * **Affected Product**: JeecBoot (versions SysDictMapper.x…

Read more
CVSS 6.3
OpenStack Cyborg ARK API Missing Project Ownership Leads to Info Disclosure and DoS (CVE-2026-40214)
bugs.launchpad.net · 2026-05-08

# Vulnerability Summary: Cyborg ARK API Lack of Project Ownership Tracking ## Vulnerability Overview * **Vulnerability ID**: CVE-2026-40214 * **Title**: [OSSA-2026-011] Cyborg ARK API lacks project ow…

Read more
CVSS 7.4
OpenStack Cyborg Authorization Bypass via rule:allow (CVE-2026-40213)
bugs.launchpad.net · 2026-05-08

# Vulnerability Summary: [OSSA-2026-011] rule:allow policy bypass exposes hardware inventory and privileged operations (CVE-2026-40213) ## Overview This vulnerability exists within the OpenStack Cybor…

Read more
CVSS 7.4
OpenStack Cyborg Access Control Bypass Vulnerabilities (CVE-2026-40213/40214)
www.openwall.com · 2026-05-08

# OpenStack Cyborg Multiple Access Control Vulnerabilities (CVE-2026-40213, CVE-2026-40214) ## Vulnerability Overview OpenStack Cyborg has multiple access control vulnerabilities: 1. **CVE-2026-40213 …

Read more
CVSS 4.3
MiniClaw Skill Script Path Traversal Vulnerability Fix Analysis
github.com · 2026-05-08

# Vulnerability Summary: Skill Script Path Traversal Vulnerability ## Overview This vulnerability exists in the MiniClaw project, allowing attackers to bypass path boundary checks during skill script …

Read more
CVSS 6.3
MiniClaw OS Command Injection Vulnerability (CWE-78) Analysis and PoC
github.com · 2026-05-08

# Vulnerability Summary: MiniClaw Heartbeat #4 (CWE-78) ## Vulnerability Overview * **Vulnerability Type**: CWE-78 Critical OS Command Injection * **Severity**: Critical * **Affected Component**: `exe…

Read more
CVSS 7.5
Microsoft Edge Copilot Chat Information Disclosure Vulnerability (CVE-2026-33111)
msrc.microsoft.com · 2026-05-08

# Vulnerability Overview * **Vulnerability Name**: Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability * **CVE ID**: CVE-2026-33111 * **Publication Date**: May 7, 2026 * **Assigning Aut…

Read more
Premium intel
CVSS 8.5
SSRF Bypass via IPv6 Validation Flaw in validateUrlSync
github.com · 2026-05-08

### Vulnerability Overview This vulnerability involves the `validateUrlSync` function, where flaws in the validation logic for IPv6 address mapping and private IPv6 addresses allow attackers to bypass…

Read more
Mendix Application Authorization Misconfiguration Leading to Data Leakage
www.divd.nl · 2026-05-08

# Summary of Mendix Application Data Leakage Vulnerability ## Vulnerability Overview * **Core Issue**: Widespread configuration errors in Mendix applications expose data sources (entities/tables) to *…

Read more
CVSS 4.3
MiniClaw executeSkillScript Path Traversal Vulnerability Fix (CVE-22)
github.com · 2026-05-08

# Vulnerability Summary: MiniClaw Skill Script Path Traversal Vulnerability ## Vulnerability Overview - **Vulnerability ID**: CVE-22 Path Traversal Vulnerability in executeSkillScript - **Vulnerabilit…

Read more
CVSS 8.6
Ingest SDK Environment Variable Disclosure Vulnerability
github.com · 2026-05-08

### Vulnerability Overview The Ingest TypeScript SDK contains a security vulnerability that allows an unauthorized remote attacker to extract environment variables through the `serve()` handler. This …

Read more
CVSS 8.6
CVE-2026-42047: inngeest HMAC Signature Timing Attack Fix
github.com · 2026-05-08

### Vulnerability Overview - **Vulnerability ID**: CVE-2026-42047 - **Description**: This vulnerability involves a potential timing-based signature recovery attack on request signatures. The issue is …

Read more
CVSS 8.5
n8n-mcp SSRF bypass via IPv4-mapped IPv6 addresses (CVE-2025-42449)
github.com · 2026-05-08

# Vulnerability Summary: IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync() ## Vulnerability Overview - **Vulnerability Name**: IPv4-mapped IPv6 addresses bypass SSRF protection in…

Read more
CVSS 7.3
SQL Injection in FEEDBACK SYSTEM V1.0 Login Interface
github.com · 2026-05-08

# Vulnerability Summary: SQL Injection in FEEDBACK SYSTEM Project V1.0 ## Vulnerability Overview * **Vulnerability Type**: SQL Injection * **Affected File**: `/admin/checklogin.php` * **Vulnerable Par…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.