
Security Intel Hub 25102+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVE-2026-36956: Dbit Router Firmware CSRF Vulnerability with POC
github.com · 2026-05-01

# CVE-2026-36956: Cross-Site Request Forgery (CSRF) Vulnerability in Web Management Interface ## Vulnerability Overview * **CVE ID**: CVE-2026-36956 * **CVSS Score**: 8.8 (High) * **Affected Product**…

CVE-2026-36957: Dbit Router Boa Web Server DoS Vulnerability with POC
github.com · 2026-05-01

# CVE-2026-36957: Boa Web Server Denial of Service Vulnerability ## Vulnerability Overview * **CVE ID**: CVE-2026-36957 * **Vulnerability Type**: Denial of Service (DoS) / CWE-400 (Uncontrolled Resour…

CVE-2026-38939/38940: Reflected XSS in mvc-ecommerce and TOKO-ONLINE-ROTI with POC
gist.github.com · 2026-05-01

# CVE-2026-38939 and CVE-2026-38940 Vulnerability Summary ## Vulnerability Overview Two reflected cross-site scripting (XSS) vulnerabilities exist in the `mvc-ecommerce` and `TOKO-ONLINE-ROTI` project…

Pallets Click OS Command Injection in click.edit() (Pre-8.3.3) with POC
github.com · 2026-04-30

# Pallets Click Command Injection Vulnerability Summary ## Vulnerability Overview The `click.edit()` function in the Pallets Click library contains a command injection vulnerability. When invoking the…

Apache Airflow SMTP STARTTLS Certificate Verification Bypass Fix
github.com · 2026-04-30

### Vulnerability Overview - **Vulnerability Name**: Validate SMTP server certificate on STARTTLS upgrade #65346 - **Vulnerability Description**: `smtplib.SMTP.starttls()` does not verify the server c…

FreeBSD libnv Stack Overflow via select() FD Set Overflow (CVE-2026-39457)
security.freebsd.org · 2026-04-30

# FreeBSD-SA-26:16.libnv Security Advisory Summary ## Vulnerability Overview - **Vulnerability Name**: Stack overflow via select() file descriptor set overflow - **CVE ID**: CVE-2026-39457 - **Module*…

FreeBSD dhclient Out-of-bounds Heap Write Vulnerability (CVE-2026-42512) Advisory
security.freebsd.org · 2026-04-30

# FreeBSD SA-26:15.dhclient Security Advisory Summary ## Vulnerability Overview - **Vulnerability Name**: Remote-triggered out-of-bounds heap write in `dhclient` - **CVE ID**: CVE-2026-42512 - **Publi…

FreeBSD libnv Heap Overflow Vulnerability (CVE-2026-35547) Advisory
security.freebsd.org · 2026-04-30

# FreeBSD-SA-26:17.libnv Security Advisory Summary ## Vulnerability Overview * **Vulnerability Name**: Heap overflow in libnv * **CVE ID**: CVE-2026-35547 * **Description**: `libnv` failed to properly…

CVSS 4.0
ParseCube LUT Integer Overflow Vulnerability Fix Analysis
github.com · 2026-04-30

# Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: ParseCube Integer Overflow Vulnerability - **Description**: A memory allocation error occurs during LUT (Look-Up Table) allo…

4D Server SOAP XXE Vulnerability (CVE-2024-39847) Analysis and POC
www.schutzwerk.com · 2026-04-30

# Summary of 4D Server SOAP Vulnerability Security Advisory ## Vulnerability Overview **Title:** Arbitrary File Read and Server-Side Request Forgery (SSRF) via XML External Entity (XXE) in 4D Server S…

FreeBSD dhclient RCE via Malicious DHCP Options (CVE-2026-42511) Advisory
security.freebsd.org · 2026-04-30

### Vulnerability Overview - **Vulnerability Name**: Remote code execution via malicious DHCP options - **Module**: `dhclient` - **Release Date**: 2026-04-29 - **CVE ID**: CVE-2026-42511 - **Descripti…

FreeBSD pf Stack Overflow Vulnerability (CVE-2026-7164) Security Advisory
security.freebsd.org · 2026-04-30

# FreeBSD pf Stack Overflow Vulnerability (SA-26:14) ## Vulnerability Overview - **Vulnerability ID**: CVE-2026-7164 - **Publication Date**: 2026-04-29 - **Module**: pf (Packet Filter) - **Description…

FreeBSD SA-26:13.exec Local Privilege Escalation via execve() (CVE-2026-7270) Advisory
security.freebsd.org · 2026-04-30

### Vulnerability Overview - **Vulnerability Name**: FreeBSD-SA-26:13.exec - **Vulnerability Type**: Local Privilege Escalation (via execve()) - **Vulnerability Description**: An operator precedence e…

CVSS 4.0
libcms2 Integer Overflow Vulnerabilities CVE-2026-41254/41255 with POC
www.openwall.com · 2026-04-30

### Vulnerability Overview - **CVE-2026-41254**: This is an integer overflow vulnerability affecting the `libcms2` library. The vulnerability allows attackers to trigger an integer overflow by constru…

RICOH Web Image Monitor Open Redirect Vulnerability (CVE-2026-41226)
jp.ricoh.com · 2026-04-30

# Ricoh (RICOH) Web Image Monitor Open Redirect Vulnerability Security Advisory ## Vulnerability Overview * **Vulnerability Type**: Open Redirect * **Vulnerability ID**: ricoh-2026-000004 * **CVE ID**…

Ricoh Web Image Monitor Open Redirect Vulnerability (CVE-2026-41226)
www.ricoh.com · 2026-04-30

# Vulnerability Information Summary ## Vulnerability Overview * **Vulnerability Name**: Open Redirect Vulnerability in Web Image Monitor * **Vulnerability ID**: ricoh-2026-00004 * **CVE ID**: CVE-2026…

Ricoh Web Image Monitor Open Redirect Vulnerability (CVE-2026-41226)
jvn.jp · 2026-04-30

# JVN#65118274 Vulnerability Summary ## Overview - **Vulnerability Name**: Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor - **Vulnerability Typ…

CVSS 5.5
Wireshark PER Dissector Missing Recursion Depth Limit Stack Overflow
gitlab.com · 2026-04-30

# Wireshark Vulnerability Summary ## Vulnerability Overview **Title**: PER Dissector Missing Recursion Depth Limits **Status**: Done **Author**: Alexandre D. **Created**: 3 weeks ago This vulnerabilit…

CVSS 5.5
Wireshark MySQL dissector Pointer Dereference Vulnerability Analysis
gitlab.com · 2026-04-30

# Wireshark MySQL Dissector Vulnerability Summary ## Vulnerability Overview - **Vulnerability Title**: Pointer dereference via commented out initialization in MySQL dissector - **Vulnerability Type**:…

CVSS 5.5
Wireshark MBIM Dissector DoS via Unchecked buffer_length
gitlab.com · 2026-04-30

# MBIM Dissector - Unchecked buffer_length Leads to Infinite Loop (crash/dos) ## Vulnerability Overview In Wireshark's MBIM protocol dissector, `info->buff_len` is used directly as the iteration count…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
