
Security Intel Hub 24868+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 5.5
SMB2 LZ77 Decompression Bomb DoS Vulnerability Analysis
gitlab.com · 2026-04-30

# SMB2 LZ77 Decompression Bomb (crash/dos) ## Vulnerability Overview The LZ77 algorithm trigger in the SMB2 compression transform header leads to a decompression loop of approximately 429 million iter…

CVSS 5.5
Wireshark BT-DHT Parser Stack Overflow Vulnerability with PoC
gitlab.com · 2026-04-30

# BT-DHT Parser Nested Structure Stack Overflow Vulnerability ## Vulnerability Overview In Wireshark’s BT-DHT protocol parser, the `dissect_bencoded_list()` function contains a stack overflow vulnerab…

CVSS 5.5
Heap Buffer Overflow in Wireshark DCP-ETSI PFT Reed-Solomon Decoder
gitlab.com · 2026-04-30

# Heap Buffer Overflow in DCP-ETSI PFT Reed-Solomon Error Correction ## Vulnerability Overview A heap buffer overflow vulnerability exists in the DCP-ETSI PFT decoder. When processing a PCAP file cont…

CVSS 5.5
Wireshark Monero Dissector Stack Overflow Vulnerability with PoC
gitlab.com · 2026-04-30

# Monero Protocol Parser Stack Overflow Vulnerability ## Vulnerability Overview The Monero protocol parser (dissector) in Wireshark contains a stack overflow vulnerability. When running under standard…

CVSS 5.5
Wireshark AFP Spotlight Parser Stack Overflow Vulnerability Analysis
gitlab.com · 2026-04-30

# AFP Spotlight Parser Stack Overflow Vulnerability ## Vulnerability Overview A stack overflow vulnerability exists in the AFP parser within the `spotlight_dissect_query_loop()` function. When running…

CVSS 5.5
Wireshark SMB2 Parser Infinite Loop DoS Vulnerability
gitlab.com · 2026-04-30

# SMB2 Parser Infinite Loop Denial of Service Vulnerability ## Vulnerability Overview Defects exist in the `dissect_smb2_notify_data_out()` and `dissect_smb2_file_full_ea_info()` functions in Wireshar…

CVSS 5.5
Wireshark FC-SWILS Parser Stack Overflow Vulnerability Analysis
gitlab.com · 2026-04-30

# FC-SWILS Parser Stack Overflow Vulnerability Summary ## Vulnerability Overview In Wireshark's `FC-SWILS` protocol parser, the function `dissect_swils_zone_obj()` contains a stack overflow vulnerabil…

CVSS 8.8
Wireshark TLS ECH Heap Buffer Overflow Vulnerability Analysis
gitlab.com · 2026-04-30

# Wireshark TLS ECH Heap Buffer Overflow Vulnerability Summary ## Overview - **Vulnerability Type**: Heap Buffer Overflow - **Location**: In Wireshark’s TLS Encrypted ClientHello (ECH) transcript reco…

Premium intel
CVSS 7.1
meditor Unauthenticated File Upload Vulnerability Analysis
github.com · 2026-04-30

# Vulnerability Summary ## Vulnerability Overview This vulnerability involves a missing authentication check in the file upload functionality. In the `UploadView` class within `meditor/views.py`, alth…

CVSS 5.5
Wireshark sharkd Memory Leak via cf_open
gitlab.com · 2026-04-30

# Vulnerability Summary: sharkd: cf_open does not release previous capture wtap object ## Vulnerability Overview In lines 431-483 of the `shark.c` file, the `cf_open` function fails to release the `cf…

CVSS 5.5
Wireshark UDS DDDI Dissector Infinite Loop DoS Vulnerability
gitlab.com · 2026-04-30

# Wireshark UDS DDDI Parser Denial of Service Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: Infinite Loop in UDS DDDI Dissector results in Denial of Service - **CVE Number*…

CVSS 5.5
Wireshark sharkd heap-buffer-overflow vulnerability analysis
gitlab.com · 2026-04-30

# Wireshark Vulnerability Summary ## Vulnerability Overview **Title**: sharkd: heap-buffer-overflow in frames method via cached filter bitmap from previously-loaded capture **Type**: Heap-buffer-overf…

CVSS 5.5
Wireshark sharkd NULL pointer dereference vulnerability analysis
gitlab.com · 2026-04-30

# Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: sharkd: NULL pointer dereference in setcomment when comment parameter is omitted - **Vulnerability Type**: NULL pointer dere…

CVSS 6.3
Pet Grooming Management Software SQL Injection in update_customer.php with POC
github.com · 2026-04-30

# SQL Injection Vulnerability Summary in Pet Grooming Management Software ## Vulnerability Overview * **Vulnerability Type**: SQL Injection * **Affected File**: `update_customer.php` * **Affected Para…

CVSS 6.3
ZMCPTools 0.2.2 Path Traversal and Arbitrary Local File Read Vulnerability (CWE-22)
github.com · 2026-04-30

# ZMCPTools Path Traversal and Arbitrary Local File Read Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Path Traversal and Arbitrary Local File Read Vulnerability * **Vulner…

Premium intel
CVSS 7.3
OS Command Injection in mcp-server-semgrep (CWE-78) with POC and Fix
github.com · 2026-04-30

# Vulnerability Summary: mcp-server-semgrep OS Command Injection Vulnerability ## Overview - **Vulnerability Type**: OS Command Injection (CWE-78) - **Severity**: CVSS v3.1 9.8 (Critical) - **Affected…

CVSS 6.3
ZMCPTools Path Traversal and Arbitrary Local File Read Vulnerability Analysis
github.com · 2026-04-30

# Vulnerability Summary: Path Traversal and Arbitrary Local File Read Vulnerability in ZMCPTools ## Vulnerability Overview * **Vulnerability Name**: Path Traversal and Arbitrary Local File Read Vulner…

Premium intel
CVSS 7.3
CVE-78 OS Command Injection Fix: execFile Migration & Path Validation
github.com · 2026-04-30

# Vulnerability Summary: CVE-78 OS Command Injection ## Vulnerability Overview - **Vulnerability ID**: CVE-78 (CVSS 9.8) - **Type**: OS Command Injection - **Reporter**: @Bruceqjs - **Severity**: High…

Premium intel
CVSS 7.3
OS Command Injection in mcp-dnstwist (CWE-78) with POC
github.com · 2026-04-30

# OS Command Injection Vulnerability Summary (@burthecoder/mcp-dnstwist #22) ## Vulnerability Overview * **Vulnerability Type**: OS Command Injection (CWE-78) * **Affected Component**: `fuzz_domain` M…

Premium intel
CVSS 7.3
OS Command Injection in @burthecoder/mcp-dnstwist (CVE-78) with POC
github.com · 2026-04-30

# OS Command Injection Vulnerability in @burthecoder/mcp-dnstwist ## Vulnerability Overview An OS command injection vulnerability (CVE-78) was discovered in the `@burthecoder/mcp-dnstwist` tool (versi…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
