Security Intel Hub 29259+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 9.3
Aqara Cloud OAuth Redirect URI Bypass Vulnerability (CVE-2026-50090)
www.runzero.com · 2026-06-13

### Vulnerability Overview The Aqara OAuth redirect_uri validation bypass vulnerability (CVE-2026-50090) exists in the Aqara Cloud OAuth authorization endpoint (`open-cn.aqara.com/oauth/authorize`). T…

CVSS 6.1
Aqara IAM/SSO Gateway Open Redirect Vulnerability (CVE-2026-50089)
www.runzero.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Aqara IAM/SSO Gateway open redirect - **CVE ID**: CVE-2026-50089 - **CVSS Score**: 3.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) - **Vulnerability Type…

CVSS 8.2
Aqara Developer Portal CORS Misconfiguration Leading to Information Disclosure
www.runzero.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Aqara Developer Portal Cross-Origin Resource Sharing - **CVE ID**: CVE-2026-50088 - **CVSS Score**: 8.2 (High) - **Vulnerability Type**: Cross-Orig…

CVSS 7.2
Supermicro BMC Command Injection Vulnerability Advisory (CVE-2026-3820)
www.supermicro.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-3820 - **Severity**: High - **Vulnerability Type**: Command Injection - **Description**: An attacker may gain administrator privileges and…

CVSS 7.5 KEV
Java Base64 Decode DoS Vulnerability with POC and Mitigation
www.solarwinds.com · 2026-06-13

# Vulnerability Overview This vulnerability exists in the `com.sun.org.apache.xerces.internal.impl.dv.util.Base64` class, which is used for Base64 encoding and decoding. Attackers can trigger an `Arra…

TP-Link Tapo C110 Firmware Security Update Advisory
www.tp-link.com · 2026-06-13

### Vulnerability Overview The provided webpage screenshot does not explicitly mention specific vulnerability details. However, it lists update records for multiple firmware versions, which include en…

TP-Link Archer AX73 V2 Firmware Update: Access Control Bypass and Security Fixes
www.tp-link.com · 2026-06-13

### Vulnerability Overview Multiple security vulnerabilities exist in the firmware of the TP-Link Archer AX73 V2, including scenarios where the access control whitelist feature fails to function corre…

TP-Link Tapo C110EU V2 Firmware Security Advisories: Privacy, Network, and Control Vulnerabilities
www.tp-link.com · 2026-06-13

Based on the provided webpage screenshot, here is a summary of the key information regarding the vulnerability: ### Vulnerability Overview - **Vulnerability Name**: Multiple security issues in Tapo C1…

TP-Link Tapo C520WS RTSP Input Handling DoS Vulnerability Advisory (CVE-2026-8714)
www.tp-link.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Denial-of-Service Vulnerability in RTSP Input Handling on Tapo C520WS - **CVE ID**: CVE-2026-8714 - **CVSS Score**: 7.1 / High - **Description**: T…

TP-Link Archer AX73 V2 Firmware Security Advisory
www.tp-link.com · 2026-06-13

### Vulnerability Overview Multiple security vulnerabilities exist in the firmware of the TP-Link Archer AX73 V2, including issues where the access control whitelist feature fails to function correctl…

TP-Link Tapo C520WS ONVIF Stack Overflow & Auth Bypass Vulnerabilities (CVE-2026-6239 to 6242)
www.tp-link.com · 2026-06-13

### Vulnerability Overview The TP-Link Tapo C520WS camera contains several security vulnerabilities, specifically: 1. **CVE-2026-6239**: Stack buffer overflow vulnerability in the ONVIF `CreateUsers` …

TP-Link Routers Command Injection Vulnerability Advisory (CVE-2026-3151)
www.tp-link.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Security Advisory: Command Injection Vulnerability in OpenVPN on Multiple TP-Link Routers (CVE-2026-3151) - **Vulnerability Description**: This vul…

CVSS 6.5
TWCERT Advisory: Heptabase CVE-2026-12060 Exposed Dangerous Method Vulnerability
www.twcert.org.tw · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Hepta Platforms | Heptabase - Exposed Dangerous Method or Function - **Vulnerability ID**: TVN-202606003 - **CVE ID**: CVE-2026-12060 - **CVSS Scor…

CVSS 8.1
iVEC TANK-XM811 Multiple Vulnerabilities: RCE, Arbitrary File Deletion, CVE-2026-11844-11847
www.twcert.org.tw · 2026-06-13

### Vulnerability Overview - **TVN ID**: TVN-202606004 - **CVE ID**: CVE-2026-11844, CVE-2026-11845, CVE-2026-11846, CVE-2026-11847 - **CVSS Score**: - [CVE-2026-11844] 4.9 (Medium) CVSS:3.1/AV:N/AC:L…

CVSS 5.3
CVE-2026-10597: OMICARD EDM Insecure Direct Object Reference
www.twcert.org.tw · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: OMICARD EDM - Insecure Direct Object Reference - **Vulnerability ID**: TVN-202606001 - **CVE ID**: CVE-2026-10597 - **CVSS Score**: 5.3 (Medium) - …

CVSS 8.1
TWCERT Advisory: IEI iVEC Virtualization Edge Computer 4 Vulnerabilities (CVE-2026-11844/45/46/47)
www.twcert.org.tw · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: IEI威強電工業電腦 | iVEC-IEI Virtualization Edge Computer - 4 Vulnerabilities Present - **Vulnerability ID**: TVN-20260604 - **CVE ID**: CVE-2026-11844, C…

CVSS 9.8
IEI iRM Remote Management Vulnerabilities: Missing Auth & Hardcoded Creds (CVE-2026-11848/11849)
www.twcert.org.tw · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: IEI威強電工業電腦 | iRM-IEI Remote Management - 2 Vulnerabilities Found - **Release Date**: 2026-06-12 - **Vulnerability IDs**: - CVE-2026-11848 - CVE-202…

CVSS 8.2
All in One Video Downloader 1.2 Pre-Auth SQL Injection (CVE-2019-25726)
www.vulncheck.com · 2026-06-13

# All in One Video Downloader 1.2 SQL Injection via admin page-edit ## Vulnerability Overview All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attack…

CVSS 7.5
Capgo <12.128.2 Denial of Service via Unverified Email Registration and Deletion
www.vulncheck.com · 2026-06-13

# Capgo = 0, < 12.128.2 - **CVE**: CVE-2026-53868 - **CWE**: CWE-306 Missing Authentication for Critical Function - **CVSS**: 8.7 - **CVSS V4 Vector**: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/SC:N…

CVSS 5.3
CVE-2026-49949: CodexBar Credential Leakage via HTTP Redirect
www.vulncheck.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Credential Leakage in CodexBar < 0.33.0 via HTTP Redirect - **CVE ID**: CVE-2026-49949 - **CWE ID**: CWE-522 Insufficient Protection of Credentials…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
