Security Intel Hub 29196+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Premium intel
CVSS 9.8
WordPress Travelscape v1.0.3 Arbitrary File Upload POC
www.exploit-db.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload - **EDB-ID**: 51969 - **Author**: Milad Karimi - **Type**: WEBAPPS - **Platform**: PHP -…

ChromaDB Cross-Tenant IDOR via Collection Lookup UUID
www.hiddenlayer.com · 2026-06-13

# Insecure Direct Object Reference (IDOR) in Collection Lookup Leading to Cross-Tenant Data Access ## Vulnerability Overview Any authenticated user possessing a valid Collection UUID can read, write, …

Premium intel
CVSS 9.8
Netman 204 RCE and Hardcoded Credential Vulnerability Analysis
www.exploit-db.com · 2026-06-13

### Vulnerability Overview The Netman 204 suffers from a remote command execution vulnerability. Attackers can execute remote commands via specific URL paths without requiring authentication. ### Impa…

ChromaDB SimpleRBACAuthorizationProvider Authorization Bypass via Resource Context Ignored
www.hiddenlayer.com · 2026-06-13

# RBAC Authorization Bypass: Resource Context Ignored ## Vulnerability Overview ChromaDB's `SimpleRBACAuthorizationProvider`, the only built-in RBAC provider and the one used in the official documenta…

ChromaDB Multi-tenant IDOR via UUID Bypass (CVE-2026-45830) with PoC
www.hiddenlayer.com · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-45830 - **CVSS Score**: 8.8 - **CWE Classification**: CWE-639 - Authorization Bypass Through User-Controlled Key - **Vulnerability Description**: This…

ChromaDB V1 API Tenant/Database Authorization Bypass (CVE-2026-45832)
www.hiddenlayer.com · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-45832 - **CVSS Score**: 8.8 - **CWE Classification**: CWE-639: Authorization Bypass Through User-Controlled Key ### Affected Products - **Affected Pro…

ChromaDB Embedding Function RCE via Trust Remote Code (CVE-2026-45833)
www.hiddenlayer.com · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2026-45833 - **CVSS Score**: 9.4 - **CWE Classification**: CWE-94: Improper Control of Generation of Code (Code Injection) - **Vulnerability Description**:…

Nemon Trade Energy Pre-Auth SQL Injection Vulnerability (CVE-2026-10731) Advisory
www.incibe.es · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: SQL injection in Nemon products - **Publication Date**: 08/06/2026 - **Identifier**: INCIBE-2026-402 - **Severity**: 5 - Critical - **Description**…

Jenkins Security Bulletin: RCE, XSS, Auth Bypass & Multiple CVEs (2026-06-10)
www.jenkins.io · 2026-06-13

### Jenkins Security Advisory 2026-06-10 #### Vulnerability Overview 1. **Deserialization Vulnerability** - **Security ID**: SECURITY-3707 / CVE-2026-53435 - **Severity**: High - **Description**: Jenk…

Jenkins Security Advisory: Deserialization RCE, Stored XSS, and Permission Bypass CVEs
www.jenkins.io · 2026-06-13

### Jenkins Security Advisory 2026-06-10 #### Vulnerability Summary 1. **Deserialization Vulnerability** - **CVE**: CVE-2026-53435 - **Severity**: High - **Description**: Jenkins uses serialization an…

Jenkins Security Advisory: RCE, Open Redirect, XSS Fixes (CVE-2026-53435 et al.)
www.jenkins.io · 2026-06-13

### Jenkins Security Advisory 2026-06-10 #### Vulnerability Overview 1. **Deserialization Vulnerability** - **CVE**: CVE-2026-53435 - **Severity**: High - **Description**: Jenkins uses serialization a…

Jenkins Security Bulletin: Deserialization, XSS, Auth Bypass (CVE-2026-53435) Patch Guide
www.jenkins.io · 2026-06-13

### Jenkins Security Advisory 2026-06-10 #### Vulnerability Overview 1. **Deserialization Vulnerability** - **CVE**: CVE-2026-53435 - **Severity**: High - **Description**: Jenkins uses serialization a…

Jenkins Security Advisory: Multiple Vulnerabilities Including RCE via Deserialization, Stored XSS, and Privilege Escalat
www.jenkins.io · 2026-06-13

### Jenkins Security Advisory 2026-06-10 #### Vulnerability Overview 1. **Deserialization Vulnerability** - **CVE**: CVE-2026-53435 - **Severity**: High - **Description**: Jenkins uses serialization a…

Jenkins Security Advisory: RCE, Stored XSS, and IDOR Fixes (CVE-2026-53435 et al.)
www.jenkins.io · 2026-06-13

### Jenkins Security Advisory 2026-06-10 #### Vulnerability Overview 1. **Deserialization Vulnerability** - **CVE**: CVE-2026-53435 - **Severity**: High - **Description**: Jenkins uses serialization a…

Jenkins Security Bulletin: Deserialization RCE, Stored XSS, Multiple CVEs and Patches
www.jenkins.io · 2026-06-13

### Jenkins Security Bulletin 2026-06-10 #### Vulnerability Overview 1. **Deserialization Vulnerability** - **CVE**: CVE-2026-53435 - **Severity**: High - **Description**: Jenkins uses serialization a…

Malwarebytes Nebula CVE-2023-43686 DoS Vulnerability Advisory
www.malwarebytes.com · 2026-06-13

# CVE-2023-43686 – Malwarebytes, Nebula – Improper Handling of Exceptional Condition ## Vulnerability Overview A vulnerability was identified in Malwarebytes 4.x and 5.x (as well as Nebula versions fr…

Malwarebytes & Nebula Heap Buffer Overflow Vulnerability (CVE-2023-43688) Advisory
www.malwarebytes.com · 2026-06-13

# CVE-2023-43688 – Malwarebytes, Nebula – Buffer overflow ## Vulnerability Overview An issue was identified in Malwarebytes 4.x and 5.x (as well as Nebula versions from 2020-10-21 onwards). A heap buf…

CVSS 5.3
D-link DCS-5615 Firmware Misconfiguration Leading to Privilege Escalation Analysis
www.notion.so · 2026-06-13

# D-link DCS-5615_REV_1.01.00 Vulnerability Summary ## Vulnerability Overview In D-link DCS-5615 firmware version 1.01.00, there is a misconfiguration vulnerability. The device sets the `user` and `gr…

CVSS 5.3
TOTOLINK EX200 Config Error Leads to Full Device Control
www.notion.so · 2026-06-13

### Vulnerability Overview A configuration error vulnerability exists in TOTOLINK EX200 V4.0.3c.7646_B20201211. This vulnerability allows attackers to gain full control over the device by modifying th…

CVSS 3.7
D-link DGS-1100-08PD Misconfiguration Vulnerability Grants Root Access via Web Interface
www.notion.so · 2026-06-13

# D-Link DGS-1100-08PD v1.00.006 Vulnerability Summary ## Overview A structural configuration vulnerability exists in D-Link DGS-1100-08PD v1.00.006. The device incorrectly sets the `box` and `group` …


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
