Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Security Intel Hub 27403+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Ubuntu QtSvg DoS/RCE Vulnerability Advisory (USN-8337-1)
ubuntu.com · 2026-05-28

### Vulnerability Overview - **Vulnerability ID**: USN-8337-1 - **Release Date**: May 28, 2026 - **Description**: A flaw exists in QtSvg when processing certain SVG images. An attacker could exploit t…

Read more
Verizon 2026 DBIR Report: Analysis of Credential Abuse and Enumeration Attack Trends
blog.gitguardian.com · 2026-05-28

Based on the provided webpage screenshot, here is a summary of the key vulnerability information: ### Vulnerability Overview - **Vulnerability Name**: Initial Access Changed, The Attack Path Did Not: …

Read more
Ubuntu PHP Security Update: SQLi, RCE & Info Disclosure (USN-8336-1, CVE-2025-14179/CVE-2026-6722)
ubuntu.com · 2026-05-28

### Vulnerability Overview - **Vulnerability ID**: USN-8336-1 - **Release Date**: May 28, 2026 - **Description**: - PHP fails to handle NULL bytes correctly when processing SQL queries, potentially le…

Read more
Premium intel
CVSS 8.8
WordPress ACF Frontend Form Element File Upload to RCE via Unsafe User Input
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves the file upload functionality in the WordPress plugin “ACF Frontend Form Element.” Attackers can exploit this by crafting malicious requests to u…

Read more
Premium intel
CVSS 8.8
WordPress acf-frontend-form_element Plugin Unauthorized Access Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the source code for the `user.php` file of the WordPress plugin `acf-frontend-form-element`. The code contains a potential security …

Read more
Premium intel
CVSS 8.8
WordPress ACF Frontend Form Element Arbitrary File Upload and RCE Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves the file upload functionality in the WordPress plugin "ACF Frontend Form Element." Attackers can bypass file type checks by constructing maliciou…

Read more
Premium intel
CVSS 8.8
WordPress acf-frontend-formelement Plugin Unauthorized Access Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `user.php` for the WordPress plugin `acf-frontend-form-element`. A potential security vulnerability exists within the f…

Read more
Premium intel
CVSS 8.8
WordPress Plugin acf-frontend-form-element Insufficient Input Validation Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The screenshot displays the source code for the `submit.php` file of the WordPress plugin named `acf-frontend-form-element`. A potential security vulnerability exists within…

Read more
Premium intel
CVSS 8.8
WordPress acf-frontend-form-element Plugin File Upload Vulnerability with PoC
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves a security flaw in a file upload feature, specifically located in the file `acf-frontend-form-element/trunk/main/frontend/forms/classes/submit.ph…

Read more
Premium intel
CVSS 8.8
WordPress ACF Frontend Form Element Code Injection Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the source code for the file `submit.php` of the WordPress plugin `acf-frontend-form-element`. The file contains a potential securit…

Read more
Premium intel
CVSS 8.8
WordPress ACF Frontend Form Element Unauth Access Vulnerability
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The attached webpage screenshot displays the source code for the `user.php` file of the WordPress plugin `acf-frontend-form-element`. A potential security vulnerability exis…

Read more
Premium intel
CVSS 8.8
WordPress acf-frontend-form-element Code Injection Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The web screenshot displays the source code file `submit.php` of the WordPress plugin `acf-frontend-form-element`. A potential security vulnerability exists in the file, spe…

Read more
Veeam Service Provider Console CVE-2026-32998 Critical RCE Advisory
www.veeam.com · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-32998 - **Severity**: Critical - **CVSS v3.1 Score**: 9.4 - **Description**: Veeam Service Provider Console allows remote code execution. …

Read more
Rocket.Chat IDOR Vulnerability Allows Reading Any Message (CVE-2024-32995)
hackerone.com · 2026-05-28

### Vulnerability Overview The Rocket.Chat DDP methods `autoTranslate` and `translateMessage` accept a client-supplied `i18nMessage` object and pass it directly to `i18nTranslateMessage()` without che…

Read more
CVSS 4.3
WordPress mp-timetable Plugin XSS Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `class-hooks.php` of the WordPress plugin named `mp-timetable`. A potential security vulnerability exists within this f…

Read more
CVSS 4.3
Code analysis of mp-timetable WordPress plugin v2.4.16
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays a code file from a WordPress plugin directory, specifically `class-controller-events.php`. This file contains a potential security v…

Read more
CVSS 5.9
Keycloak CVE-2026-9793 JWE Unsigned Claims Bypass
bugzilla.redhat.com · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-9793 - **Description**: In Keycloak, when a JSON Web Encryption (JWE) encrypted request object is submitted, if the decrypted content is t…

Read more
CVSS 4.3
CVE-2026-9791: Keycloak Org Data Leakage When Disabled
bugzilla.redhat.com · 2026-05-28

### Vulnerability Overview **Vulnerability ID**: Bug 2482458 (CVE-2026-9791) **Description**: When `organizationsEnabled` is set to `false`, Keycloak correctly blocks the Organization API on admin pat…

Read more
CVSS 5.3
Keycloak SAML ECP Information Disclosure via SOAP Faults (CVE-2026-9794)
bugzilla.redhat.com · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-9794 - **Vulnerability Description**: A vulnerability was discovered in Keycloak, allowing remote unauthenticated attackers to exploit thi…

Read more
CVSS 6.5
Keycloak TOCTOU Privilege Escalation to realm-admin (CVE-2026-9796)
bugzilla.redhat.com · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-9796 - **Vulnerability Type**: Time-of-Check to Time-of-Use (TOCTOU) Vulnerability - **Description**: In Keycloak, an authenticated admini…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.