Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 48+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Unknown
Python tarfile GNU Long Filename Directory Type Misidentification
github.com · 2026-05-02

### Vulnerability Overview - **Vulnerability ID**: gh-141707 - **Description**: The normalization of `TarInfo` `DIRTYPE` is skipped when processing GNU long filenames. Specifically, when a filename en…

Read more
Unknown
Python CVE-2020-2297: SourcelessFileLoader io.open_code Fix
CVE-2020-2297 · github.com · 2026-05-02
Python < 3.11
Read more
Medium
Python tarfile GNU Long Name Type Misclassification Fix
CVE-2025-0000 · github.com · 2026-05-02
Python 3.10
Read more
High
Python shutil.unpack_archive ZIP Path Traversal Vulnerability Analysis
github.com · 2026-04-30
Python standard library shutil module
Read more
Medium
Python http.cookies BaseCookie.js_output Cookie Injection Fix
GHSA-gh-90309 · github.com · 2026-04-30
Python http.cookies module (BaseCookie.js_output method)
Read more
High
Python shutil.unpack_archive ZIP Path Traversal Vulnerability and Fix
GHSA-146581 · github.com · 2026-04-30
Python 3.14 and earlier
Read more
High
Python shutil.unpack_archive ZIP Path Traversal Vulnerability Fix Analysis
GHSA-gh-146581 · github.com · 2026-04-30
Python 3.13
Read more
Medium
Python Lib/http/cookies.py BaseCookie.js_output Unencoded Cookie Value Leading to JS Injection Fix
CVE-2025-42304 · github.com · 2026-04-30
Python 3.12 < 3.12.9 · Python 3.13 < 3.13.2
Read more
High
Python webbrowser Module URL Bypass Vulnerability Fix Analysis (GH-148169)
GH-148169 · github.com · 2026-04-30
Python
Read more
Medium
Python webbrowser Tab substitution bypass vulnerability (GH-148170) and fix
github.com · 2026-04-30

# Vulnerability Summary ## Overview - **Vulnerability ID**: GH-148170 - **Vulnerability Type**: Browser Tab Substitution Bypass - **Description**: In the `webbrowser` module, URLs prefixed with the `n…

Read more
High
Python shutil.unpack_archive ZIP Path Traversal Fix
gh-146581 · github.com · 2026-04-28
Python 3.10 · Python 3.11 …
Read more
High
Python shutil.unpack_archive() Path Traversal on Windows
github.com · 2026-04-28
Python 3.14 · Python 3.13 …
Read more
Medium
Python http.cookies SimpleCookie.js_output HTML Injection Vulnerability Analysis
gh-90309 · github.com · 2026-04-23
http.cookies SimpleCookie.js_output
Read more
Medium
Python http.cookies Cookie Injection via Unencoded JS Embedding
gh-90309 · github.com · 2026-04-23
Python http.cookies module
Read more
Medium
Python CPython asyncio.sock_recv_into buffer boundary check fix
github.com · 2026-04-22
Python CPython (asyncio module, asyncio.ProactorEventLoop)
Read more
High
Python asyncio sock_recv_into Buffer Overflow Fix (GH-148809)
GH-148809 · github.com · 2026-04-22
Python 3.14
Read more
High
Python http.client HTTP Tunnel Header Injection Fix
GHSA-gh-146211 · github.com · 2026-04-22
Python http.client module
Read more
High
Python asyncio AbstractEventLoop.sock_recvfrom_into buffer length check missing vulnerability
github.com · 2026-04-22
Python CPython main branch
Read more
Unknown
Python CPython Remote Debugging Offset Table Validation Fix
github.com · 2026-04-18

### Vulnerability Overview This vulnerability involves the remote debug offset tables in the Python CPython project, which do not perform strict validation when processing data from the target process…

Read more
High
Python bz2/lzma/zlib Decompressor UAF Vulnerability Fix Analysis
CVE-2024-6345 · github.com · 2026-04-18
Python 3.13 before 3.13.1 · Python 3.12 before 3.12.8 …
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.