Security Intel Hub 28775+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 7.5
Red Hat Build of Apache Camel Security Advisory: Multiple RCE and Deserialization Vulnerabilities (CVE-2026-6857, CVE-20
access.redhat.com · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: RHSA-2026:22453 - Security Advisory - **Publication Date**: 2026-06-02 - **Last Updated**: 2026-06-02 - **Severity**: Important - **Description**: …

CVSS 6.5
Yonyou GRP-U8 Administrative Software SQL Injection Vulnerability with POC
www.wordfence.com · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Yonker GRP-U8 Administrative and Institutional Management Software SQL Injection Vulnerability - **Vulnerability Description**: The Yonker GRP-U8 A…

CVSS 7.5
Java Xerces Base64 DoS Vulnerability Analysis and Proof-of-Concept
www.wordfence.com · 2026-06-03

# Vulnerability Overview This vulnerability exists in the `com.sun.org.apache.xerces.internal.impl.dv.util.Base64` class, which is part of the Xerces XML parser and is used for handling Base64 encodin…

CVSS 8.8
IBM i Access Client Solutions RCE Vulnerability Advisory (CVE-2026-7770)
www.ibm.com · 2026-06-03

### Vulnerability Overview IBM i Access Client Solutions (ACS) contains a remote code execution vulnerability (CVE-2026-7770). When configured to listen for requests from IBM i Navigator, this vulnera…

CVSS 4.3
WordPress BirdSeed <= 2.2.0 CSRF Vulnerability (CVE-2026-4071)
www.wordfence.com · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: BirdSeed <= 2.2.0 - Cross-Site Request Forgery via BirdSeed Token Change - **Vulnerability Type**: Cross-Site Request Forgery (CSRF) - **CVE ID**: …

CVSS 4.4
YonGRP U8 Administrative Software SQL Injection Vulnerability and POC
www.wordfence.com · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Yonyou GRP-U8 Administrative and Institutional Management Software SQL Injection Vulnerability - **Vulnerability Type**: SQL Injection - **Vulnerab…

CVSS 6.1
Java Base64 Internal Class DoS Vulnerability POC and Mitigation
www.wordfence.com · 2026-06-03

# Vulnerability Overview This vulnerability exists in the `com.sun.org.apache.xerces.internal.impl.dv.util.Base64` class, which is used to handle Base64 encoding and decoding. Attackers can exploit th…

CVSS 4.3
Apache Xerces XSDHandler External Entity DoS Vulnerability with POC
www.wordfence.com · 2026-06-03

# Vulnerability Overview This vulnerability exists in the `com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler` class, specifically within the `resolveSchema` method. When processing exte…

CVSS 6.4
Yonyou GRP-U8 SQL Injection Vulnerability POC
www.wordfence.com · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Yonyou GRP-U8 Administrative Management Software SQL Injection Vulnerability - **Vulnerability Type**: SQL Injection - **Vulnerability Description*…

CVSS 9.8
Apache ActiveMQ CVE-2024-23897 RCE Vulnerability and POC
www.wordfence.com · 2026-06-03

### Vulnerability Overview This vulnerability involves a remote code execution (RCE) flaw, identified as `CVE-2024-23897`, affecting Apache ActiveMQ versions 5.x. Attackers can exploit this vulnerabil…

CVSS 7.7
Elastic Kibana SSRF Vulnerability CVE-2026-42398 Security Advisory
discuss.elastic.co · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access - **CVE ID**: CVE-2026-42398 - **CWE ID**: CWE-918 - Server-Sid…

CVSS 6.5
Kibana Uncontrolled Resource Consumption DoS Vulnerability CVE-2026-42409 Advisory
discuss.elastic.co · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Uncontrolled Resource Consumption in Kibana Leading to Denial of Service - **CVE ID**: CVE-2026-42409 - **Problem Type**: CWE-400 - Uncontrolled Re…

CVSS 7.2
Kibana Fleet Privilege Escalation via Improper Input Validation (CVE-2026-49095)
discuss.elastic.co · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Improper Input Validation in Kibana Fleet Leading to Privilege Escalation - **CVE ID**: CVE-2026-49095 - **Issue Type**: CWE-20 - Improper Input Va…

CVSS 10.0
Oracle May 2026 Critical Security Patch Update (CSPU) Advisory
www.oracle.com · 2026-06-03

### Oracle Critical Security Patch Update Advisory - May 2026 #### Vulnerability Overview Oracle has released the Critical Security Patch Update (CSPU) for May 2026, which includes 35 new security pat…

CVSS 6.5
Kibana Uncontrolled Resource Consumption DoS Vulnerability (CVE-2026-33644) and Fix
discuss.elastic.co · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Uncontrolled Resource Consumption Leading to Denial of Service - **CVE ID**: CVE-2026-33644 - **Issue Type**: CWE-400 - Uncontrolled Resource Consu…

CVSS 6.3
Kibana SSRF Vulnerability (CVE-2026-49093) Security Advisory
discuss.elastic.co · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access - **CVE ID**: CVE-2026-49093 - **Issue Type**: CWE-918 - Server…

CVSS 4.6
Kibana Path Traversal via Dashboard Leading to Unauthorized User Deletion (CVE-2026-33462)
discuss.elastic.co · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Path Traversal in Kibana Leading to Unauthorized Deletion of User Accounts - **Description**: A path traversal vulnerability was identified in Kiba…

CVSS 7.8
RHSA-2026:2178: Red Hat X.Org X Window System Multiple Vulnerabilities Fix
access.redhat.com · 2026-06-03

### Vulnerability Overview - **Vulnerability ID**: RHSA-2026:2178 - **Publication Date**: 2026-05-28 - **Update Date**: 2026-05-28 - **Severity**: Important - **Description**: X.Org X Window System ha…

CVSS 9.3
authentik SFE Reflected XSS Vulnerability (CVE-2026-42649)
github.com · 2026-06-03

### Vulnerability Overview - **Vulnerability Name**: Reflected XSS in SFE - **Vulnerability Type**: Reflected Cross-Site Scripting (Reflected XSS) - **Severity**: Critical - **CVSS Score**:…

CVSS 5.3
Missing Auth Token Validation in Geyser/Cloudburst (GHSA-g2fr-c75x-4f89/CVE-2026-45289)
github.com · 2026-06-03

# Vulnerability Overview **Vulnerability Title**: Missing Validation for FULL Type Authentication Tokens (Cloudburst/Protocol) **Vulnerability ID**: GHSA-g2fr-c75x-4f89 **Severity**: Medium (5.3 / 10)…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
