Security Intel Hub 24696+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

LibreNMS CVE-2024-51502 Authenticated OS Command Injection Analysis
github.com · 2026-05-08

# [Critical] - Authenticated OS Command Injection ## Vulnerability Overview This is a critical vulnerability (CVE-2024-51502) present in **LibreNMS**. An attacker can construct malicious configuration…

LibreNMS Authenticated RCE Vulnerability (CVE-2024-51092) Analysis
raw.githubusercontent.com · 2026-05-08

# LibreNMS Authentication-Based Remote Code Execution Vulnerability (CVE-2024-51092) Summary ## Vulnerability Overview LibreNMS contains two defects: 1. It allows attackers to create dangerous directo…

BYOB Unauthenticated RCE via Arbitrary File Write and Command Injection (CVE-2024-45256, CVE-2024-45257)
raw.githubusercontent.com · 2026-05-08

# Summary of Unauthenticated Remote Code Execution Vulnerability in BYOB ## Vulnerability Overview The BYOB (Build Your Own Botnet) Web GUI contains two unauthenticated vulnerabilities: 1. **CVE-2024-…

MikroTik RouterOS SMB DoS Vulnerability (CVE-2024-27686) with POC
github.com · 2026-05-08

### Vulnerability Overview **CVE-2024-27686: RouterOS-SMB-DOS-POC** This vulnerability is a Denial of Service (DoS) condition in the SMB service of RouterOS. An attacker can cause the service to crash…

MikroTik RouterOS SMB Service DoS Vulnerability (CVE-2024-27686) and POC
www.exploit-db.com · 2026-05-08

# Vulnerability Summary: RouterOS SMB Service Denial of Service Vulnerability ## Vulnerability Overview * **Vulnerability Name**: RouterOS SMB Service Denial of Service (CVE-2024-27686) * **Vulnerabil…

SOPlanning 1.52.00 Reflected XSS and SQL Injection Vulnerabilities (CVE-2024-33724/33722) with PoC
github.com · 2026-05-08

# SOPlanning 1.52.00 Vulnerability Summary ## Vulnerability Overview SOPlanning 1.52.00 contains two critical security vulnerabilities: 1. **Reflected Cross-Site Scripting (XSS)** - Triggered via the …

Prison Management System SQL Injection Authentication Bypass (CVE-2024-33288)
www.exploit-db.com · 2026-05-08

# SQL Injection Authentication Bypass Vulnerability in Prison Management System ## Vulnerability Overview - **EDB-ID**: EDB-2017 - **Author**: Sanjay Singh - **Publication Date**: 2024-05-13 - **Platf…

OpenCMS XXE Vulnerability Analysis (CVE-2023-42344 et al.)
labs.watchtowr.com · 2026-05-08

# OpenCMS XXE Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: XXE, You Can Depend On Me (OpenCMS CVE-2023-42344 and Friends) * **CVE Numbers**: CVE-2023-42344, CVE-2023-42343…

CVE-2025-42278: UltraDAG Smart Account Spending Policy Bypass via Pockets
github.com · 2026-05-08

# Vulnerability Summary: Smart Account Spending Policy Bypass via Pockets ## Overview **Title**: Smart Account Spending Policy Bypass via Pockets **Severity**: Critical **CVE ID**: CVE-2025-42278 **De…

UltraDAG smart_account Policy Bypass Vulnerability Analysis
github.com · 2026-05-08

# Vulnerability Summary ## Overview A policy execution vulnerability exists in the `smart_account` module of UltraDAG. When initiating a transfer via a pocket (pocket account), if the `SmartAccountCon…

CVSS 4.3
IDOR in /chat/stop-chat-session allows authenticated users to interrupt other users' LLM sessions
github.com · 2026-05-08

### Vulnerability Overview **Vulnerability Name**: IDOR in /chat/stop-chat-session allows any authenticated user to interrupt other users' chat sessions **Description**: - This vulnerability exists in…

CVSS 5.8
GitLab TimeEntry Unauthorized Update Fix Analysis
github.com · 2026-05-08

### Vulnerability Overview This vulnerability involves the `TimeEntry` update process. Updates should be denied if the user does not belong to the organization associated with the `TimeEntry`. However…

CVSS 6.5
IDOR in /chat/file/{file_id} allows authenticated users to download other users' files
github.com · 2026-05-08

### Vulnerability Overview **Vulnerability Name**: IDOR in `/chat/file/{file_id}` allows any authenticated user to download other users' files **Vulnerability Description**: - The vulnerability exists…

CVSS 5.8
GitLab Time Entry Cross-Organization Modification Vulnerability (v0.12.0)
github.com · 2026-05-08

# Vulnerability Summary ## Vulnerability Overview - **Vulnerability Title**: Time entry update endpoint allows cross-organization modification of a known time-entry UUID - **Vulnerability Description*…

CVSS 8.8
TOTOLINK X5000R Router Buffer Overflow Vulnerability Analysis
github.com · 2026-05-08

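# TOTOLINK Router X5000R V9.1.0u.6369_B20230113 Buffer Overflow Vulnerability (#4) ## Vulnerability Overview A serious buffer overflow vulnerability was found in the `/boafrm/formDdns` interface of the TOTOLINK router firmware. The vulnerability is located in the `sub_456E49` function, which uses the `strcpy` function to process the `submit-url` parameter from the user request. Due to the lack of proper bounds chec…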

CVSS 8.8
Tenda CX12L Router Buffer Overflow in SetPptpServerCfg Interface Analysis
github.com · 2026-05-08

# Tenda Router CX12L V16.03.53.12 Buffer Overflow Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Buffer Overflow * **Affected Product**: Tenda Router Latest Version CX12L V1…

Avast/AVG aswRPot.sys Privilege Escalation Vulnerabilities (CVE-2022-26522/26523) with POC
www.sentinelone.com · 2026-05-08

# SentinelLabs Summary Report on Vulnerabilities in Avast and AVG Security Software ## Vulnerability Overview SentinelLabs discovered two high-severity vulnerabilities in the `aswRPot.sys` security dr…

Nokia BMC Log Scanner Remote Code Execution (CVE-2022-45899)
www.exploit-db.com · 2026-05-08

# Nokia BMC Log Scanner - Remote Code Execution ## Vulnerability Overview Nokia BMC Log Scanner is a web application that allows users to scan BMC logs via a web interface. The application contains a …

Thruk Monitoring XSS Vulnerability (CVE-2022-23961) with PoC
herolab.usd.de · 2026-05-08

# Vulnerability Summary: Thruk Monitoring XSS Vulnerability ## Vulnerability Overview - **Vulnerability ID**: usd-2021-0034 (CVE-2022-23961) - **Vulnerability Type**: Cross-Site Scripting (XSS) - **Se…

CVSS 8.8
Hardcoded Code Execution Sandbox Refactoring and Security Audit Logging Enhancement
github.com · 2026-05-08

# Vulnerability Summary ## Overview This commit fixes a **Hardcoded Execution Sandbox** security vulnerability. - **Issue Description**: The original code execution feature (`execute_code`) directly u…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
