Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 6.3
Code Injection RCE in tailwind_config_gen.py _format_plugins
github.com · 2026-05-02

# Vulnerability Summary ## Overview - **Vulnerability Type**: Code Injection - RCE Vulnerability - **CVSS Score**: 9.3 (Critical) - **Report ID**: #246 - **Fix PR**: #275 ## Impact Scope - **Affected …

Read more
Premium intel
CVSS 9.8
ggml Library Arbitrary RCE Vulnerability Analysis: tensor->op Logic Flaw
github.com · 2026-04-02

Based on the webpage screenshots provided by the user, I have extracted the following key information regarding the vulnerability: 1. **Vulnerability Overview**: * This is an arbitrary RCE (Remote Cod…

Read more
CVSS 8.1
Keycloak CVE-2020-4030 UMA Policy Bypass Vulnerability Analysis
bugzilla.redhat.com · 2026-04-02

### **CVE-2020-4030 Vulnerability Summary** --- #### **1. Vulnerability Overview (漏洞概述)** - **Title:** CVE-2020-4030: UMA policy bypass allows

Read more
CVSS 4.2
Roundcube Password Plugin Type Juggling Vulnerability Fix
github.com · 2026-04-03

**1. Extracted Key Information:** - **Commit ID:** 6a27567 - **Title:** Fix bug where a password could get changed without providing the old password - **Description:** -

Read more
Salesforce Agentforce & Anypoint Code Builder Arbitrary Command Execution Leading to RCE (CVE-2025-10875, CVE-2025-64320
help.salesforce.com · 2025-11-05

## Vulnerability Key Information ### Vulnerability Description Salesforce Security has identified and resolved vulnerabilities in the "Agentforce Vibes extension" and "MuleSoft Anypoint Code Builder f…

Read more
CVSS 6.1
uBidAuction v2.0.1 Multiple Non-Persistent XSS Vulnerabilities with PoC
www.vulnerability-lab.com · 2026-05-10

# uBidAuction v2.0.1 多个非持久性 XSS 漏洞总结 ## 漏洞概述 * **漏洞名称**:uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities * **漏洞类型**:非持久性跨站脚本 (Non-Persistent XSS) * **CVSS 评分**:5.4 * **发现时间**:2022-01-21 * **漏洞详情*…

Read more
Apple macOS GeForce.kext Null Pointer Dereference Leading to Kernel RCE (CVE-2016-1846)
www.exploit-db.com · 2025-11-20

- **Title**: Apple Mac OS X Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext - **EDB-ID**: 39920 - **CVE**: 2016-1846 - **Author**: Google Security Research - **Type…

Read more
OpenSourcePOS 3.4.1 CVE-2026-26746 LFI to RCE via Invoice Type
github.com · 2026-02-21

- **CVE ID**: CVE-2026-26746 - **Vulnerability Type**: Local File Inclusion (LFI) and Directory Traversal (CWE-22) - **Affected Product**: OpenSourcePOS - **Affected Version**: 3.4.1 - **Affected Comp…

Read more
Linux Kernel RCU Crash Fix: CONFIG_FORCE_NR_CPUS percpu access bug
git.kernel.org · 2024-11-11

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - The vulnerability describes a scenario during kernel build where…

Read more
PHP-FPM Unix Socket Misconfiguration Leading to Info Disclosure/RCE
www.openwall.com · 2026-04-03

**Vulnerability Overview:** This vulnerability exists

Read more
Atlassian Sourcetree RCE Vulnerability (CVE-2024-21697) Advisory
jira.atlassian.com · 2024-11-24

### Key Information #### Vulnerability Description - **Type**: Public Security Vulnerability - **Priority**: High - **Affected Versions**: 4.2.8, 3.4.19 - **Component**: None - **Tags**: advisory, adv…

Read more
CVSS 6.3
SourceCodester Pet Grooming System v1.0 Authenticated File Upload to RCE
vuldb.com · 2025-09-09

### Critical Vulnerability Information #### Vulnerability Title SourceCodester Pet grooming management software 1.0 OS Command Injection #### Description - Title: [Authenticated File Upload → Remote C…

Read more
CVSS 6.3
itsourcecode E-Commerce Website V1.0 Unrestricted File Upload
vuldb.com · 2025-09-19

- **Title**: itsourcecode E-Commerce Website V1.0 Unrestricted Upload - **Description**: The 'products.php' script suffers from insufficient validation and filtering of uploaded files. An attacker can…

Read more
CVSS 6.3
Open Source Job Portal V1.0 File Upload Vulnerability and RCE POC
github.com · 2025-09-29

### Critical Vulnerability Information #### Affected Product - **Product Name**: Open Source Job Portal V1.0 - **Version**: V1.0 - **Affected File**: /jobportal/admin/user/controller.php?action=photos…

Read more
WooCommerce Return Refund and Exchange < 4.0.9 Unauthenticated Arbitrary File Upload to RCE (CVE-2022-4047)
wpscan.com · 2025-11-09

### Key Information - **Vulnerability Name**: Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload - **Vulnerability Description**: The plugin does not validate a…

Read more
CVSS 6.3
SourceCodester Prison Management System v1.0 Unrestricted File Upload RCE
vuldb.com · 2025-11-13

## Vulnerability Key Information **Title**: https://www.sourcecodester.com Prison Management System v1.0 remote command/code execute **Description**: A critical vulnerability has been discovered in th…

Read more
SourceCoders Online Shopping Portal 3.1 RCE via SQLi and Unrestricted File Upload (CVE-2023-38890)
tagmachan.com · 2025-12-09

### Key Information Summary #### Vulnerability Overview - **CVE ID**: CVE-2023-38890 - **Affected Version**: SourceCoders Online Shopping Portal 3.1 - **Vulnerability Type**: Remote Code Execution (RC…

Read more
CVE-2025-70457: Arbitrary File Upload in Sourcecodester Modern Image Gallery v1.0 Leading to RCE
github.com · 2026-01-27

## Vulnerability Key Information ### Vulnerability Name Arbitrary File Upload in Sourcecodester Modern Image Gallery v1.0 Leading to Remote Code Execution ### Vulnerability Severity - **Severity Level…

Read more
CVSS 7.8
WordPress WP E-Commerce Plugin Arbitrary File Upload Leading to RCE
github.com · 2026-04-02

### Vulnerability Summary **Overview** * **Vulnerability Type:** Arbitrary File Upload / Remote Code Execution (RCE) * **Affected Component:** WordPress plugin `wp-ecommerce` (specifically `wp-ecommer…

Read more
CVSS 7.3
Huatian Software InforCenter PLM Arbitrary File Upload leading to RCE
my.feishu.cn · 2026-04-02

### 漏洞关键信息总结 * **漏洞概述**:山东和泰软件有限公司(Shandong Hoteam Software Co., Ltd.)的产品存在任意文件上传漏洞,可导致远程代码执行(RCE)。 * **影响范围**:Huatan Software InforCenter PLM BaseHandle(华天软件 InforCenter PLM BaseHandle)。 * **修复方案**:截…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.