Security Intel Hub 24810+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 9.8
TOTOLINK A8000RU cstecgi.cgi Command Injection Vulnerability Analysis
github.com · 2026-05-01

# A8000RU Command Injection Vulnerability Summary ## Vulnerability Overview A command injection vulnerability was discovered in the `cstecgi.cgi` of the TOTOLINK A8000RU router. An attacker can craft …

CVSS 7.3
SQL Injection in SourceCoder Advanced School Management System V1.0
github.com · 2026-05-01

# SourceCoder Advanced School Management System SQL Injection Vulnerability Summary ## Vulnerability Overview * **Product Name**: SourceCoder Advanced School Management System with Complete Features V…

CVSS 4.3
Open5GS AMF NULL Pointer Dereference DoS via ueContextId
github.com · 2026-05-01

# AMF crash on POST /namf-comm/v1/ue-contexts/{ueContextId}/transfer-update with unknown ueContextId #4339 ## Vulnerability Overview The Open5GS AMF module crashes (Segmentation fault) when processing…

CVSS 5.3
Open5GS BSF Crash via Invalid IPv4Addr in POST /nsbf-management/v1/pcfBindings
github.com · 2026-05-01

# BSF crash on POST /nsbf-management/v1/pcfBindings with invalid ipv4Addr #4400 ## Vulnerability Overview When processing a POST request to `/nsbf-management/v1/pcfBindings`, if the request body conta…

CVSS 8.8
Buffer Overflow Vulnerability in UTT HIPER 1200GW Router via formRemoteControl
github.com · 2026-05-01

### Vulnerability Overview A critical buffer overflow vulnerability has been discovered in the UTT router Aggressive HIPER 1200GW. An attacker can trigger this vulnerability via the route `/goform/for…

CVSS 6.3
DefectDojo dojosurvey IDOR Vulnerability Analysis
github.com · 2026-05-01

### Vulnerability Overview - **Vulnerability Type**: Potential Insecure Direct Object Reference (IDOR) vulnerability - **Description**: The `updated_answer_questionnaire` view in `dojosurvey/views.py` allows anonym…

CVSS 7.8
Heap Buffer Overflow in SBC Codec Plugin
gitlab.com · 2026-05-01

# Heap Buffer Overflow in SBC codec ## Vulnerability Overview - **Vulnerability Type**: Heap Buffer Overflow - **Vulnerable Location**: `sbc_decode()` function in `plugins/codecs/sbc/sbc.c` - **Trigge…

CVSS 7.8
Wireshark tshark RDP ZGFX Heap Buffer Overflow Vulnerability Analysis
gitlab.com · 2026-05-01

# RDP ZGFX Heap Buffer Overflow ## Vulnerability Overview - **Vulnerability Type**: Heap Buffer Overflow - **Trigger Path**: In the `rdp_decompress_segment` function, an uncompressed ZGFX segment pack…

CVSS 4.7
Wireshark K12 RF5 File Parser Stack Buffer Overflow Vulnerability
gitlab.com · 2026-05-01

### Vulnerability Overview - **Vulnerability Name**: K12 RF5 file parser stack buffer overflow - **Vulnerability Type**: Stack buffer overflow - **Discoverer**: bcoles - **Discovery Time**: 1 month ag…

CVSS 7.0
Wireshark Profile Import RCE via Zip-Slip Vulnerability
gitlab.com · 2026-05-01

# Wireshark Profile Import RCE via Zip-Slip Vulnerability (Security Bug) ## Vulnerability Overview The profile import functionality in Wireshark contains a path traversal (Zip-Slip) vulnerability. The…

CVSS 6.3
OWASP DefectDojo Authorization Bypass (IDOR) Vulnerability Analysis
github.com · 2026-05-01

# Vulnerability Summary: OWASP DefectDojo Authorization Bypass (IDOR) ## Vulnerability Overview **Vulnerability Name**: Authorization Bypass / IDOR - Access to Other People's Risk Acceptances via raid…

CVSS 7.3
Auth Bypass & Default-Allow RBAC Vulnerability Fix
github.com · 2026-05-01

# Vulnerability Summary ## Vulnerability Overview - **Vulnerability ID**: #860 - **Vulnerability Type**: Authentication Bypass + Default-All-Permissions RBAC (Role-Based Access Control) - **Severity**…

CVSS 8.8
TOTOLINK A800R Buffer Overflow in setWifiMultipleConfig with POC
github.com · 2026-05-01

# TOTOLINK A800R Buffer Overflow Vulnerability Summary ## Vulnerability Overview The firmware of the TOTOLINK A800R router contains a buffer overflow vulnerability in the `setWifiMultipleConfig` funct…

CVSS 7.3
nextlevelbuilder/goclaw Auth Bypass and RBAC Default-Permit Vulnerability Analysis
github.com · 2026-05-01

# Vulnerability Summary: nextlevelbuilder/goclaw Authentication Bypass and Default-Permit Policy Vulnerabilities ## Vulnerability Overview This vulnerability is a three-part exploit chain (Issue #866)…

CVSS 7.3
GoClaw Unauthenticated RCE via Heartbeat Command Injection
github.com · 2026-05-01

# Vulnerability Summary: Unauthenticated Log Subscription and Command Injection in GoClaw Heartbeat Execution Flow ## Vulnerability Overview **Title**: Critical: Unauthenticated log subscription and c…

CVSS 7.3
SourceCoder Hotel Management System SQL Injection in /index.php/reservation/check
github.com · 2026-05-01

# SourceCoder Hotel Management System SQL Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: SourceCoder Hotel Management System `/index.php/reservation/check` SQL Inj…

CVE-2026-28909: Insecure Hostname Validation in container Package Allows HTTP Downgrade Attack
github.com · 2026-05-01

# Vulnerability Summary: Insecure Hostname Validation Allows HTTP Downgrade Attack ## Overview - **Vulnerability Name**: Insecure hostname validation allows HTTP downgrade attack - **CVE ID**: CVE-202…

CVSS 5.4
LinkStack IDOR Vulnerability (CWE-639) Analysis and POC
github.com · 2026-05-01

# CVE Report: Insecure Direct Object Reference (IDOR) Vulnerability in LinkStack Link Management ## Vulnerability Overview * **Product Name**: LinkStack (LinkStackOrg/LinkStack) * **Affected Versions*…

CVSS 5.4
LinkStack IDOR in Link Management Endpoints (/studio/edit-link)
github.com · 2026-05-01

# Vulnerability Summary ## Overview LinkStack's link management endpoints (`/studio/edit-link`, `/studio/sort-link`, `/clearIcon`) accept user-supplied link IDs but fail to verify whether the currentl…

CVSS 5.4
Fix IDOR in Link Management Endpoints with POC
github.com · 2026-05-01

# Vulnerability Summary ## Overview **Title**: Fix IDOR in link management endpoints #975 **Type**: Insecure Direct Object Reference (IDOR) **Status**: Open (Pending Fix) **Reporter**: az10b **Time**:…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
