Security Intel Hub 25102+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 6.3
Unauthenticated SQL Injection in Pharmacy Sales and Inventory System V1.0
github.com · 2026-04-30

# Vulnerability Summary: SQL Injection in Pharmacy Sales and Inventory System ## Vulnerability Overview * **Affected Product**: Pharmacy Sales and Inventory System V1.0 * **Vulnerability Type**: SQL I…

SonicWall Gen6/7/8 Multiple Vulnerabilities Advisory (CVE-2026-0204/0205/0206)
psirt.global.sonicwall.com · 2026-04-30

# SonicWall Multiple Vulnerabilities Security Advisory Summary ## Vulnerability Overview * **Advisory ID**: SNWID-2026-0004 * **Release Date**: 2026-04-29 * **CVSS Score**: 8.0 * **Vulnerability Detai…

CVSS 7.3
EyouCMS v1.7.9 Pre-auth SQL Injection in GetSortData Function
gitee.com · 2026-04-30

# Vulnerability Summary: EyouCMS v1.7.9 Pre-auth SQL Injection ## Overview - **Vulnerability Type**: Pre-auth SQL Injection (SQL injection without authentication) - **Location**: `GetSortData()` funct…

CVSS 6.3
Pre-Auth SQL Injection in Pharmacy Sales and Inventory System V1.0
github.com · 2026-04-30

# Vulnerability Summary: Pharmacy Sales and Inventory System SQL Injection ## Overview * **Affected Product**: Pharmacy Sales and Inventory System Project V1.0 * **Vulnerability Type**: SQL Injection …

Helpy 2.8.0 Stored XSS via Name Field (CVE-2026-40229)
fluidattacks.com · 2026-04-30

# Vulnerability Summary: Helpy 2.8.0 Stored XSS ## Overview Helpy 2.8.0 contains a stored cross-site scripting (XSS) vulnerability. The flaw resides in the post author display logic, where any registe…

Helpy 2.8.0 Stored XSS Vulnerability (CVE-2026-40230) Analysis
fluidattacks.com · 2026-04-30

# Helpy 2.8.0 Stored XSS Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Helpy 2.8.0 – Stored XSS in knowledgebase Doc body rendering * **Vulnerability Type**: Stored Cross-S…

CVSS 7.5
CVE-2024-42198: pgjdbc SCRAM Auth CPU Exhaustion DoS and Fix
github.com · 2026-04-30

# Vulnerability Summary: Unrestricted SCRAM Authentication Iterations in pgjdbc Leading to CPU Exhaustion ## Vulnerability Overview **CVE-2024-42198** * **Vulnerability Type**: Client-side Denial of S…

CVSS 3.5
Unauthenticated XSS in Pharmacy Sales and Inventory System V1.0
github.com · 2026-04-30

# Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Cross-Site Scripting (XSS) * **Affected Product**: Pharmacy Sales and Inventory System Project V1.0 * **Vulnerability Locati…

libsndfile Multiple Signed Integer Overflow Vulnerabilities
github.com · 2026-04-30

# UndefinedBehaviorSanitizer: multiple signed integer overflow #833 ## Vulnerability Overview Multiple signed integer overflow vulnerabilities were discovered in the `libsndfile` codebase. These vulne…

Python http.cookies BaseCookie.js_output Cookie Injection Fix
github.com · 2026-04-30

### Vulnerability Overview This vulnerability involves the Base64 encoding of Cookie values embedded in JavaScript. Specifically, when Cookie values contain control characters, it may lead to injectio…

Python shutil.unpack_archive ZIP Path Traversal Vulnerability Analysis
github.com · 2026-04-30

# Vulnerability Summary ## Vulnerability Overview This vulnerability involves the `shutil.unpack_archive` function in the Python standard library, which has security issues when processing ZIP files. …

Python shutil.unpack_archive ZIP Path Traversal Vulnerability Fix Analysis
github.com · 2026-04-30

### Vulnerability Overview This vulnerability affects the `shutil.unpack_archive` function in the Python standard library when processing ZIP files. Specifically, handling ZIP files containing invalid…

Python shutil.unpack_archive ZIP Path Traversal Vulnerability and Fix
github.com · 2026-04-30

### Vulnerability Overview This vulnerability involves the `shutil.unpack_archive` function in the Python standard library, which contains a path traversal flaw when processing ZIP files. Attackers ca…

Python Lib/http/cookies.py BaseCookie.js_output Unencoded Cookie Value Leading to JS Injection Fix
github.com · 2026-04-30

### Vulnerability Overview This vulnerability involves Cookie values embedded in JavaScript not being Base64-encoded, leading to potential security risks. Specifically, the `BaseCookie.js_output` meth…

Python webbrowser Module URL Bypass Vulnerability Fix Analysis (GH-148169)
github.com · 2026-04-30

### Vulnerability Overview - **Vulnerability ID**: GH-148169 - **Vulnerability Description**: In the `webbrowser` module, when the `new` parameter replaces `action`, URLs prefixed with `-action` can b…

Python webbrowser Tab substitution bypass vulnerability (GH-148170) and fix
github.com · 2026-04-30

# Vulnerability Summary ## Overview - **Vulnerability ID**: GH-148170 - **Vulnerability Type**: Browser Tab Substitution Bypass - **Description**: In the `webbrowser` module, URLs prefixed with the `n…

CVSS 4.7
EyouCMS v1.7.9 RCE via Filemanager Logic Missing Filter on ThinkPHP {function()} Tag
gitee.com · 2026-04-30

# EyouCMS v1.7.9 Remote Code Execution Vulnerability Summary ## Vulnerability Overview EyouCMS `editFile()` method (around lines 109-113) * **Secondary Cause**: `core/library/think/Template.php` -> `p…

CVSS 7.3
Path Traversal Vulnerability in fatbobman/mail-mcp-bridge and Patch Details
github.com · 2026-04-30

# Vulnerability Summary: Attachment Path Traversal Vulnerability ## Overview In the `fatbobman/mail-mcp-bridge` project, there is an attachment path traversal vulnerability. Attackers can bypass direc…

CVSS 7.3
mail-mcp-bridge Path Traversal Leading to Arbitrary Directory Deletion
github.com · 2026-04-30

# mail-mcp-bridge Path Traversal / Arbitrary Directory Deletion Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: Path Traversal (CWE-22) / External Control of File Name or Pat…

Premium intel
CVSS 9.8 · KEV
cPanel/WHM Authentication Bypass Vulnerability (CVE-2026-41940) Advisory
www.vulncheck.com · 2026-04-30

# cPanel & WHM Authentication Bypass Vulnerability Summary ## Vulnerability Overview - **Title**: cPanel & WHM Authentication Bypass via Login Flow - **Severity**: Critical - **CVSS Score**: 9.3 - **P…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
