Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Security Intel Hub 29208+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
LPE Vulnerability in Symantec CleanWipe Removal Tool for macOS (CVE-2026-11626)
support.broadcom.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CleanWipe Removal Tool for ESA SEP 16 (macOS) - **CVE Number**: CVE-2026-11626 - **Severity**: Medium - **CVSS Score**: Not provided - **Publicatio…

Read more
CVSS 7.5
Unauthenticated API Endpoint Leaks Database Credentials and AWS Keys
static.draeger.com · 2026-06-13

### Vulnerability Overview This vulnerability involves an unauthorized API endpoint that allows attackers to retrieve sensitive information by sending specific HTTP requests. Specifically, attackers c…

Read more
Premium intel
CVSS 7.4
Check Point CVE-2026-50752: VPN Site-to-Site Certificate Bypass via IKEv1
support.checkpoint.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-50752 - **Vulnerability Type**: VPN site-to-site certificate bypass vulnerability - **Affected Versions**: Check Point Security Gateways a…

Read more
Premium intel
CVSS 7.8
Check Point Identity Agent Local Privilege Escalation Vulnerability (CVE-2026-10847)
support.checkpoint.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-10847 - Identity Agent Local Privilege Escalation Vulnerability - **Vulnerability Description**: Local authenticated users running Check P…

Read more
CVSS 8.1
HCL Hive Telco Observability CSP Bypass Vulnerability (CVE-2025-59874) Advisory
support.hcl-software.com · 2026-06-13

# Vulnerability Overview - **Vulnerability Name**: HCL Hive Telco Observability is affected by CSP vulnerability (CVE-2025-59874) - **Vulnerability ID**: CVE-2025-59874 - **CVSS Base Score**: 8.1 - **…

Read more
CVSS 6.1
HCL Digital Experience OS Command Injection, Host Header Injection, XSS and Multer DoS Vulnerabilities (CVE-2026-21827/2
support.hcl-software.com · 2026-06-13

### Vulnerability Overview HCL Digital Experience and Digital Experience Compose are potentially affected by multiple vulnerabilities. These include: 1. **CVE-2026-21827** - **Description**: HCL Digit…

Read more
Premium intel
CVSS 7.8
Lenovo LanSchool Classic CVE-2026-86 Privilege Escalation Advisory
support.lenovo.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Lenovo Security Advisory: LPS2026-86 - **CVE ID**: CVE-2026-86 - **Severity**: High - **Potential Impact**: Privilege Escalation - **Summary Descri…

Read more
CVE-2026-6338 Kong Gateway HTTP Request Smuggling Advisory
support.konghq.com · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-6338 - **Vulnerability Name**: kong-enterprise-gateway: HTTP Request Smuggling - **Vulnerability Description**: This vulnerability affects Kong Gatewa…

Read more
Premium intel
CVSS 6.7
Lenovo ThinkPad/ThinkSystem BIOS Firmware Security Bulletin (CVE-2025-10237/10238)
support.lenovo.com · 2026-06-13

### Vulnerability Overview - **CVE Identifier**: CVE-2025-10237, CVE-2025-10238 - **Severity**: High - **Scope**: Industry-wide - **Abstract Description**: Arbitrary read or write operations are permi…

Read more
Premium intel
CVSS 8.8
Blocksy WordPress Theme meta-boxes.php Unvalidated Input Analysis
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The screenshot displays the source code for the `meta-boxes.php` file of the `blocksy` WordPress theme. A potential security vulnerability exists within the file, specifical…

Read more
Premium intel
CVSS 8.8
Blocksy WordPress Theme Product Variation Meta Data Vulnerability
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The webpage screenshot displays the code for a WordPress theme file named `meta-boxes.php` belonging to the `blocksy` theme. The code involves processing WooCommerce product…

Read more
Premium intel
CVSS 8.8
WordPress Blocksy Theme validator.php Security Check Bypass Logic Flaw Analysis
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This webpage screenshot displays the `validator.php` code file within the WordPress theme named `blocksy`. The file contains a function named `blocksy_is_value_suspicious`, …

Read more
Premium intel
CVSS 8.8
Blocksy Theme SearchReplacer Class Potential Security Risk and Mitigation Guide
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The web page screenshot displays a file named `db-search-replacer.php`, which is part of the `blocksy` theme. The file contains a class named `SearchReplacer`, designed to s…

Read more
Premium intel
CVSS 8.8
WordPress blocksy Theme XSS Vulnerability Analysis and Fix Guide
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability affects the `admin/helpers/validator.php` file within the `blocksy` WordPress theme. The specific issue lies in the `blocksy_is_value_suspicious` function…

Read more
Premium intel
CVSS 8.8
Blocksy Theme RailPattern Arbitrary Callback RCE via Unserialization
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview - **Vulnerable File**: `blocksy/2.1.35/inc/classes/rail.php` - **Vulnerability Type**: Property stylesheet set to `native` - **Description**: The property stylesheet in this…

Read more
Premium intel
CVSS 8.8
WordPress Blocksy SearchReplacer Recursive Logic Vulnerability Analysis
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The webpage screenshot displays a PHP class named `SearchReplacer`, which is used for database replacement operations during WordPress theme development. This class contains…

Read more
TYPO3 CMS Form Framework SQL Injection and Privilege Escalation Vulnerability (TYPO3-CORE-SA-2018-003)
typo3.org · 2026-06-13

### Vulnerability Overview **Vulnerability ID**: TYPO3-CORE-SA-2018-003 **Vulnerability Type**: Privilege Escalation & SQL Injection **Description**: The TYPO3 CMS Form Framework (system extension "fo…

Read more
TYPO3 html-sanitizer XSS Bypass Vulnerability Advisory
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-006: Bypassing Cross-Site Scripting Protection in HTML Sanitizer - **Publication Date**: June 9, 2026 - **Vulnerability Type**: …

Read more
TYPO3-CORE-SA-2026-008: Broken Access Control in Form Framework (CVE-2026-47346)
typo3.org · 2026-06-13

# TYPO3-CORE-SA-2026-008: Broken Access Control in Form Framework ## Vulnerability Overview - **Component Type**: TYPO3 CMS - **Sub-component**: Form Framework (ext:form) - **Publication Date**: June …

Read more
TYPO3 CMS Open Redirect Vulnerability Advisory (CVE-2026-47347)
typo3.org · 2026-06-13

# TYPO3-CORE-SA-2026-009: Open Redirect in TYPO3 CMS ## Vulnerability Overview - **Vulnerability Type**: Open Redirect - **Severity**: Medium - **Release Date**: June 9, 2026 - **Affected Component**:…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.