Security Intel Hub 24810+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 5.3
GDAL Vendored HDF-EOS Heap Buffer Overflow in SWinDims
github.com · 2026-05-08

### Vulnerability Overview A heap buffer overflow vulnerability exists in GDAL's vendored HDF-EOS library. The vulnerability occurs in the `SWinDims` function, specifically within the `hdf4SwathGroup:…

CVSS 3.3
GDAL SWFinfo Out-of-bounds Read Vulnerability Analysis
github.com · 2026-05-08

# Vulnerability Summary: Out-of-bounds Read in SWFinfo ## Vulnerability Overview - **Vulnerability ID**: #14378 - **Vulnerability Type**: Out-of-bounds read - **Trigger Cause**: `size_t` underflow cau…

CVSS 6.3
CLIPProxyAPI SSRF Vulnerability Analysis and POC
github.com · 2026-05-08

# CLIPProxyAPI SSRF Vulnerability Summary ## Vulnerability Overview The CLIPProxyAPI system contains a Server-Side Request Forgery (SSRF) vulnerability. This vulnerability allows an attacker with `Aut…

CVSS 3.3
GDAL HDF-EOS SwAPi size_t Underflow OOB Read Vulnerability
github.com · 2026-05-08

### Vulnerability Overview An out-of-bounds read occurs in GDAL's vendored HDF-EOS library due to a `size_t` underflow in the `SwAPi` function. Specifically, when processing DimList metadata values, t…

CVSS 3.3
GDAL Vendored HDF-EOS Out-of-Bounds Read Vulnerability Analysis
github.com · 2026-05-08

### Vulnerability Overview An out-of-bounds read vulnerability exists in the vendored HDF-EOS library of GDAL within the `SwiInfo` function in `SWapi.c`. This vulnerability occurs when processing `Dim…

CVSS 7.5
Vanetza Remote DoS via Uncaught Exception in ECC Verification (CVE-2026-37554)
github.com · 2026-05-08

# Vulnerability Summary: Vanetza Remote Denial of Service Vulnerability ## Vulnerability Overview * **Vulnerability Name**: Remote Denial of Service via Uncaught Exception in ECC Verification * **CVE …

Unauthorized Update Vulnerability in UploadedFilesController and Fix
github.com · 2026-05-08

### Vulnerability Overview This vulnerability involves an authorization check issue in the `UploadedFilesController.php` file. In the `store` method, the system first checks whether the user has permi…

CVE-2026-36341: Stored XSS Vulnerability in Krayin CRM
cyber.spool.co.jp · 2026-05-08

# CVE-2026-36341: Summary of HTML Injection/XSS Vulnerability in Krayin CRM ## Vulnerability Overview Krayin CRM contains a stored Cross-Site Scripting (XSS) vulnerability. Attackers can inject malici…

Premium intel
CVSS 7.4 · KEV
Ivanti EPMM 5 High-Severity Vulnerabilities (CVE-2026-5786/6973) and Patch Guide
hub.ivanti.com · 2026-05-08

# Ivanti Endpoint Manager Mobile (EPMM) Security Vulnerability Summary ## Vulnerability Overview Ivanti has released security updates for Ivanti Endpoint Manager Mobile (EPMM) addressing **5 high-seve…

Webkul Krayin CRM Stored XSS Vulnerability Analysis (CVE-2026-36341)
github.com · 2026-05-08

# Vulnerability Summary: Webkul Krayin CRM (CVE-2026-36341) ## Vulnerability Overview * **Vulnerability Name**: Webkul Krayin CRM Cross-Site Scripting (XSS) Vulnerability (HTML Injection) * **CVE ID**…

CVSS 9.8
Yarbo Firmware v2.3.9 Hardcoded Credentials Vulnerability (CVE-2026-7414) Analysis
takeonme.org · 2026-05-08

### Vulnerability Overview - **CVE ID**: CVE-2026-7414 - **Vulnerability Name**: Hardcoded Credentials in Yarbo Robot Firmware v2.3.9 - **Description**: Yarbo firmware v2.3.9 contains hardcoded admini…

CVSS 9.8
CVE-2026-7415: Unauthenticated MQTT Access in Yarbo Robot Firmware
takeonme.org · 2026-05-08

### Vulnerability Overview - **CVE ID**: CVE-2026-7415 - **Vulnerability Name**: OPEN MQTT ORCHESTRATION WITHOUT READ/WRITE ACLS IN YARBO ROBOT FIRMWARE V2.3.9 - **Description**: The MQTT broker confi…

CVSS 7.2
CVE-2026-7413: Persistent Backdoor in Yarbo Robot Firmware v2.3.9
takeonme.org · 2026-05-08

### Vulnerability Overview - **CVE ID**: CVE-2026-7413 - **Vulnerability Name**: Persistent Unrecorded Backdoor Access in Yarbo Robot Firmware v2.3.9 - **Description**: A hidden, persistent backdoor w…

CVSS 4.8
Medtronic MiniMed 600 Series Insulin Pumps CVE-2022-32537 Vulnerability Analysis
www.cisa.gov · 2026-05-08

# Medtronic NGP 600 Series Insulin Pumps Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Protection Mechanism Failure * **CVE ID**: CVE-2022-32537 * **CVSS Score**: 4.8 (CVSS…

Premium intel
CVSS 8.9
Ivanti EPMM Security Advisory: 5 High-Severity CVEs (RCE, Privilege Escalation, Auth Bypass)
hub.ivanti.com · 2026-05-08

# Ivanti Endpoint Manager Mobile (EPMM) Security Vulnerability Summary ## Vulnerability Overview Ivanti has released security updates for Ivanti Endpoint Manager Mobile (EPMM) to address **5 high-seve…

CVSS 4.8
Medtronic MiniMed 600 Series Wireless Communication Vulnerability (CVE-2022-32537) Advisory
www.medtronic.com · 2026-05-08

# Medtronic MiniMed™ 600 Series Pump System Communication Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: MiniMed™ 600 Series Pump System Communication Issue * **CVSS Score**…

CVE-2026-36388: PHPGURUKUL HMS v4.0 Stored XSS Leading to Session Hijacking
github.com · 2026-05-08

# CVE-2026-36388: Session Hijacking Due to Improper Session Management in PHPGURUKUL Hospital Management System v4.0 ## Vulnerability Overview The PHPGURUKUL Hospital Management System v4.0 contains a…

CVE-2026-36387: CODEASTRO Membership Management System Unrestricted File Upload RCE
github.com · 2026-05-08

# CVE-2026-36387: Remote Code Execution (RCE) in CODEASTRO Membership Management System v1.0 Due to Unrestricted File Upload ## Vulnerability Overview CODEASTRO Membership Management System v1.0 conta…

CVSS 6.8
Medtronic MyCareLink 24950 Patient Monitor CVE-2018-10626/10622 Vulnerability Summary
www.cisa.gov · 2026-05-08

# Medtronic MyCareLink 24950 Patient Monitor (Update A) Vulnerability Summary ## Vulnerability Overview * **Vulnerability ID**: CVE-2018-10626, CVE-2018-10622 * **CVSS Score**: v3 6.8 * **Vulnerabilit…

CVSS 6.8
Medtronic MyCareLink Patient Monitor Credential Extraction Vulnerability
www.medtronic.com · 2026-05-08

# Medtronic MyCareLink™ Patient Monitor Vulnerability Summary ## Vulnerability Overview - **Release Date**: August 7, 2018 - **Vulnerability Type**: External researchers identified security vulnerabil…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
