Security Intel Hub 28924+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 5.9
CVE-2026-41841: Spring MVC/WebFlux Static Resource Cache Info Disclosure
spring.io · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-41841 - **Vulnerability Type**: Information Disclosure - **Description**: Spring MVC and WebFlux applications are at risk of information disclosure at…

CVSS 4.2
CVE-2026-41844: Spring Framework Open Redirect in Spring MVC and WebFlux
spring.io · 2026-06-13

# CVE-2026-41844: Spring Framework Open Redirect in Spring MVC and WebFlux ## Vulnerability Overview - **Description**: In Spring MVC or Spring WebFlux applications, if a handler mapping is configured…

CVSS 7.1
Spring Framework CVE-2026-41845: XSS in JavaScriptUtils
spring.io · 2026-06-13

### Vulnerability Overview - **Vulnerability ID**: CVE-2026-41845 - **Vulnerability Name**: Spring Framework Cross-site Scripting via JavaScriptUtils - **Release Date**: June 8, 2026 - **Description**…

CVSS 4.8
Spring WebFlux Kotlin Router DSL Security Bypass (CVE-2026-41847)
spring.io · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-41847 - **Publication Date**: June 8, 2026 - **Description**: A security bypass vulnerability may exist in Spring WebFlux applications when using the …

CVSS 3.7
Spring Framework CVE-2026-41848 ReDoS Vulnerability Advisory
spring.io · 2026-06-13

### Vulnerability Overview - **Vulnerability ID**: CVE-2026-41848 - **Vulnerability Name**: Spring Framework Denial of Service via AntPathMatcher - **Description**: Applications may be susceptible to …

CVSS 5.3
CVE-2026-41853: Spring Framework Multipart Request Smuggling
spring.io · 2026-06-13

# CVE-2026-41853: Spring Framework Multipart Request Smuggling in Spring MVC and WebFlux ## Vulnerability Overview Spring MVC and WebFlux applications are vulnerable to multipart request smuggling. Sp…

CVSS 8.1
Spring Framework JMS Deserialization Vulnerability (CVE-2026-41855) Advisory and Fix Guide
spring.io · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-41855 - **Publication Date**: June 8, 2026 - **Severity**: High - **Description**: In untrusted JMS environments, `org.springframework.jms.support.con…

CVSS 7.5
Spring GraphQL Annotation Resolution Vulnerability Leading to Auth Bypass (CVE-2026-41856)
spring.io · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-41856 - **Vulnerability Name**: Spring GraphQL Annotation Detection Vulnerability - **Severity**: High - **Publication Date**: June 10, 2026 - **Descr…

CVSS 6.8
Spring Security CVE-2026-47838: Unauthenticated User Impersonation via X.509 Certificate CN Parsing Vulnerability and Pa
spring.io · 2026-06-13

### Vulnerability Overview **CVE-2026-47838**: An unauthorized impersonation vulnerability exists when using X.509 client certificates. This vulnerability is a continuation of CVE-2026-22747, which ad…

CVSS 7.8
SQLite fts5 buffer overflow fix when processing corrupted records
sqlite.org · 2026-06-13

### Vulnerability Overview This vulnerability involves a potential buffer overrun issue that can occur when SQLite processes corrupted records. Specifically, it occurs within the `fts5` module, where …

CVSS 8.4
Meltdown and Spectre Hardware Vulnerabilities Overview and Mitigation
static.draeger.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Meltdown and Spectre - **Release Date**: January 4, 2018 - **Description**: Meltdown and Spectre are severe hardware vulnerabilities that affect th…

CVSS 7.6
Apache HTTP Server CVE-2024-23897: mod_proxy Location header mishandling advisory
static.draeger.com · 2026-06-13

### Vulnerability Overview This vulnerability concerns `CVE-2024-23897`, which affects Apache HTTP Server version 2.4.59. The vulnerability description states that when the `mod_proxy` module is used,…

CVSS 8.2
FFmpeg libavcodec H264 Integer Overflow in ff_h264_decode_slice_header with PoC
static.draeger.com · 2026-06-13

### Vulnerability Overview This vulnerability involves an integer overflow occurring in the `ff_h264_decode_slice_header` function due to improper validation of the `slice_type` value when processing …

CVSS 4.0
Spring Framework Unvalidated Redirect Vulnerability Advisory and Fix
static.draeger.com · 2026-06-13

### Vulnerability Overview This vulnerability involves an unvalidated URL redirection issue, which may result in users being redirected to malicious websites. ### Affected Versions - **Affected Compon…

CVSS 8.0
VMware Multiple Stored XSS Vulnerabilities Security Advisory CVE-2026-41722/23/24
support.broadcom.com · 2026-06-13

### Vulnerability Overview VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724). These vulnerabilities include multiple stor…

KEV
Check Point VPN Authentication Bypass Vulnerability CVE-2026-50751 Advisory
support.checkpoint.com · 2026-06-13

# CVE-2026-50751 - Bypass of User Authentication for Remote Access and Mobile Access in Deprecated IKEv1 Key Exchange ## Vulnerability Overview - **Vulnerability ID**: CVE-2026-50751 - **Severity**: H…

LPE Vulnerability in Symantec CleanWipe Removal Tool for macOS (CVE-2026-11626)
support.broadcom.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CleanWipe Removal Tool for ESA SEP 16 (macOS) - **CVE Number**: CVE-2026-11626 - **Severity**: Medium - **CVSS Score**: Not provided - **Publicatio…

CVSS 7.5
Unauthenticated API Endpoint Leaks Database Credentials and AWS Keys
static.draeger.com · 2026-06-13

### Vulnerability Overview This vulnerability involves an unauthorized API endpoint that allows attackers to retrieve sensitive information by sending specific HTTP requests. Specifically, attackers c…

CVSS 7.4
Check Point CVE-2026-50752: VPN Site-to-Site Certificate Bypass via IKEv1
support.checkpoint.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-50752 - **Vulnerability Type**: VPN site-to-site certificate bypass vulnerability - **Affected Versions**: Check Point Security Gateways a…

CVSS 7.8
Check Point Identity Agent Local Privilege Escalation Vulnerability (CVE-2026-10847)
support.checkpoint.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-10847 - Identity Agent Local Privilege Escalation Vulnerability - **Vulnerability Description**: Local authenticated users running Check P…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
