Security Intel Hub 29457+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Premium intel
CVSS 8.8
WordPress Blocksy Theme validator.php Security Check Bypass Logic Flaw Analysis
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This webpage screenshot displays the `validator.php` code file within the WordPress theme named `blocksy`. The file contains a function named `blocksy_is_value_suspicious`, …

Premium intel
CVSS 8.8
Blocksy Theme SearchReplacer Class Potential Security Risk and Mitigation Guide
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The web page screenshot displays a file named `db-search-replacer.php`, which is part of the `blocksy` theme. The file contains a class named `SearchReplacer`, designed to s…

Premium intel
CVSS 8.8
WordPress blocksy Theme XSS Vulnerability Analysis and Fix Guide
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability affects the `admin/helpers/validator.php` file within the `blocksy` WordPress theme. The specific issue lies in the `blocksy_is_value_suspicious` function…

Premium intel
CVSS 8.8
Blocksy Theme RailPattern Arbitrary Callback RCE via Unserialization
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview - **Vulnerable File**: `blocksy/2.1.35/inc/classes/rail.php` - **Vulnerability Type**: Property stylesheet set to `native` - **Description**: The property stylesheet in this…

Premium intel
CVSS 8.8
WordPress Blocksy SearchReplacer Recursive Logic Vulnerability Analysis
themes.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The webpage screenshot displays a PHP class named `SearchReplacer`, which is used for database replacement operations during WordPress theme development. This class contains…

TYPO3 CMS Form Framework SQL Injection and Privilege Escalation Vulnerability (TYPO3-CORE-SA-2018-003)
typo3.org · 2026-06-13

### Vulnerability Overview **Vulnerability ID**: TYPO3-CORE-SA-2018-003 **Vulnerability Type**: Privilege Escalation & SQL Injection **Description**: The TYPO3 CMS Form Framework (system extension "fo…

TYPO3 html-sanitizer XSS Bypass Vulnerability Advisory
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-006: Bypassing Cross-Site Scripting Protection in HTML Sanitizer - **Publication Date**: June 9, 2026 - **Vulnerability Type**: …

TYPO3-CORE-SA-2026-008: Broken Access Control in Form Framework (CVE-2026-47346)
typo3.org · 2026-06-13

# TYPO3-CORE-SA-2026-008: Broken Access Control in Form Framework ## Vulnerability Overview - **Component Type**: TYPO3 CMS - **Sub-component**: Form Framework (ext:form) - **Publication Date**: June …

TYPO3 CMS Open Redirect Vulnerability Advisory (CVE-2026-47347)
typo3.org · 2026-06-13

# TYPO3-CORE-SA-2026-009: Open Redirect in TYPO3 CMS ## Vulnerability Overview - **Vulnerability Type**: Open Redirect - **Severity**: Medium - **Release Date**: June 9, 2026 - **Affected Component**:…

TYPO3 Indexed Search XSS Vulnerability Advisory (CVE-2026-47348)
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-010: Cross-Site Scripting in Indexed Search - **Release Date**: June 9, 2026 - **Vulnerability Type**: Cross-Site Scripting (XSS…

TYPO3 Backend API Access Control Failure Vulnerability (CVE-2026-47352)
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability ID**: TYPO3-CORE-SA-2026-015 - **Vulnerability Type**: Broken Access Control in Backend API - **Publication Date**: June 9, 2026 - **Severity**: Medium - *…

TYPO3 Broken Access Control in File Abstraction Layer (CVE-2026-49738)
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-016: Broken Access Control in File Abstraction Layer - **Publication Date**: June 9, 2026 - **Vulnerability Type**: Broken Acces…

TYPO3 Broken Access Control in DataHandler Advisory (CVE-2026-47350)
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-012: Broken Access Control in DataHandler - **Release Date**: June 9, 2026 - **Vulnerability Type**: Broken Access Control - **S…

TYPO3 Insecure Deserialization Vulnerability Advisory (CVE-2026-49740)
typo3.org · 2026-06-13

### Vulnerability Overview **Vulnerability Name**: TYPO3-CORE-SA-2026-018: Insecure Deserialization in Core API **Release Date**: June 9, 2026 **Vulnerability Type**: Insecure Deserialization **Severi…

TYPO3 Form Framework Privilege Escalation & SQL Injection Vulnerability (CVE-2026-49741)
typo3.org · 2026-06-13

### Vulnerability Overview **Vulnerability Name**: TYPO3-CORE-SA-2026-017: Privilege Escalation & SQL Injection in Form Framework **Publication Date**: June 9, 2026 **Vulnerability Type**: Privilege E…

TYPO3 Clipboard Broken Access Control Vulnerability (CVE-2026-47351) Advisory
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-014: Broken Access Control in Clipboard - **Publication Date**: June 9, 2026 - **Vulnerability Type**: Broken Access Control - *…

TYPO3 Media Module Broken Access Control Vulnerability Advisory (CVE-2026-49742)
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-013: Broken Access Control in Media Module - **Publication Date**: June 9, 2026 - **Severity**: High - **CVSS Score**: 4.0 (AV:N…

TYPO3 Form Framework Broken Access Control Advisory (CVE-2026-11607)
typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-019: Broken Access Control in Form Framework - **Publication Date**: June 9, 2026 - **Vulnerability Type**: Broken Access Contro…

CVSS 7.5
Fix for DoS vulnerability (infinite loop) in image-size ICONS parser
web.archive.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Title**: security: fix potential Denial of Service due to infinite loop #439 - **Vulnerability Description**: This vulnerability may lead to a Denial of Se…

CleanTalk < 6.79 Unauthenticated Stored XSS via Comment Shortcode Bypass CVE-2026-8071
wpscan.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Spam protection, Honeypot, Anti-Spam by CleanTalk key_is_ok` and only registers 1. Install and activate the `cleantalk-spam-protect` plugin v6.78. …


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.