Security Intel Hub 354— Search: GHSA

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Release v3.6.14 · traefik/traefik · GitHub
github.com · 2026-05-01

# Traefik v3.6.14 Vulnerability Remediation Summary ## Vulnerability Overview Traefik version v3.6.14 addresses multiple security vulnerabilities, primarily those associated with CVE identifiers. ## A…

CVE-2020-36439: ticketed_lock Data Race Vulnerability
rustsec.org · 2025-11-20

### Key Information - **ID**: RUSTSEC-2020-0119 - **CVE**: CVE-2020-36439 - **GHSA**: GHSA-77m6-x95j-75r5, GHSA-gq4h-f254-7cw9 - **Package**: ticketed_lock - **Type**: Vulnerability - **Categories**: …

CVSS 7.2
Shopware Improper Control of Code Generation in Twig Views (CVE-2026-23498)
github.com · 2026-01-20

### Vulnerability Overview **Summary**: Improper Control of Generation of Code in Twig rendered views **Publisher**: mkraeml **Published**: 5 days ago **GHS Number**: GHSA-7cw6-7h3h-v8pf **CVE Number*…

Zebra/zcashd CVE-2026-44497 Consensus Split Vulnerability and POC
github.com · 2026-05-09

# Vulnerability Summary: Consensus Divergence in Transparent Sighash Hash-Type Handling due to Stale Buffer ## Vulnerability Overview - **CVE ID**: CVE-2026-44497 - **Severity**: Critical (9.3 / 10) -…

eyelessgoddd/README.md at main · eyelessgoddd/eyelessgoddd · GitHub
github.com · 2026-05-05

# Vulnerability Disclosure Summary ## Vulnerability Overview This page is the GitHub profile of security researcher `eyelessg0d`, which contains a vulnerability disclosure record named `disclosures.lo…

Premium intel
CVSS 7.5
Manyfold CVE-2026-27635 OS Command Injection via ZIP Filename RCE
github.com · 2026-02-26

### Critical Vulnerability Information #### Vulnerability Overview - **Name**: OS command injection via ZIP filename in f3d render - **CVE ID**: CVE-2026-27635 - **GHSA ID**: GHSA-p589-cf26-v7h2 - **S…

CVSS 8.6
pdfminer fix arbitrary code execution and directory traversal in font loading
github.com · 2025-11-11

From this webpage screenshot, the following key vulnerability information can be obtained: - **Fixes Applied**: - Fixed a remote code execution vulnerability when loading pickle font files. - Resolved…

CVSS 8.5
AWS EMR Secret Agent Privilege Escalation via Keytab File (CVE-2025-8904)
github.com · 2025-09-20

### Critical Vulnerability Information - **CVE ID**: CVE-2025-8904 - **GHSA ID**: GHSA-hf6h-76fm-735v - **Severity**: Critical (9.0/10) - **CVSS v4 Base Metrics**: - Attack Vector: Network - Attack Co…

Unsafe array index getter in mathjs · Advisory · josdejong/mathjs · GitHub
github.com · 2026-05-07

# Vulnerability Overview - **Vulnerability Name**: Unsafe array index getter in mathjs - **Vulnerability ID**: GHSA-5v89-rwgr-qj6g - **Severity**: High (8.8 / 10) - **CVSS v3 Base Metrics**: - Attack …

Premium intel
CVSS 8.1
Keycloak Low Privilege User Privilege Escalation via Admin API (CVE-2024-3656)
github.com · 2024-10-12

### Key Information #### Vulnerability Description - **Vulnerability Name**: Keycloak's admin API allows low privilege users to use administrative functions - **Severity**: High - **Affected Versions*…

MathLive CVE-2025-29049 XSS Vulnerability via \htmlData
github.com · 2025-04-09

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-29049 - **GHSA ID**: GHSA-qwj6-q94f-8425 - **Severity**: Medium (CVSS v3: 6.3/10) - **Affected Versions**: <img/onerror=alert(1) …

gorilla/csrf CSRF Bypass Vulnerability (CVE-2025-24358) Analysis
github.com · 2025-05-14

### Critical Vulnerability Information #### Vulnerability Overview - **CVE ID**: CVE-2025-24358 - **GHSA ID**: GHSA-rq77-p4h8-4crw - **Severity**: Medium (5.4/10) - **Affected Versions**: < 1.7.3 - **…

Premium intel
CVSS 9.9
GeoTools XXE Vulnerability (CVE-2025-30220) in XSD Schema Handling
github.com · 2025-06-11

### Key Information #### Vulnerability Name XML External Entity (XXE) Processing Vulnerability in XSD schema handling #### Severity - **CVSS v3 Base Score**: 9.9 / 10 - **Attack Vector**: Network - **…

CVSS 2.9
Sequoia PGP buffered-reader Out-of-Bounds Array Access DoS Vulnerability (CVE-2023-53161)
github.com · 2025-07-30

### Critical Vulnerability Information - **Vulnerability Name**: buffered-reader vulnerable to out-of-bounds array access leading to panic - **CVE ID**: CVE-2023-53161 - **GHSA ID**: GHSA-29mf-62xx-28…

CVSS 2.9
Sequoia-PGP CVE-2023-53160 Out-of-bounds Read DoS Vulnerability
github.com · 2025-07-30

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Name**: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic - **CVE ID**: CVE-2023-53160 - **…

CVSS 7.0
runc CVE-2025-54867: Symlink bypass allows host rootfs access
github.com · 2025-08-15

### Critical Vulnerability Information #### Vulnerability Description - **Title**: If `/proc` and `/sys` in the root filesystem are symbolic links, they may be exploited to gain access to the host's r…

CVSS 3.5
OpenProject Stored HTML Injection and Repository Changes RCE via Git Argument Injection
github.com · 2026-02-07

### Critical Vulnerability Information #### Security Fixes - **GHSA-q523-c695-h3hp - Stored HTML Injection in Time Tracking** - OpenProject version 17.0.2 contains an HTML injection vulnerability in i…

Fiber v2 UUID Predictable on crypto/rand Failure (CVE-2025-66630)
github.com · 2026-02-10

## Vulnerability Overview - **Title**: Utils generate a predictable / zero-UUID on crypto/rand failure - **Severity**: Critical - **CVE ID**: CVE-2025-66630 - **GHSA ID**: GHSA-68rr-p4fp-j59v ## Affec…

Premium intel
CVSS 9.9
Rancher local-path-provisioner Path Traversal Vulnerability (CVE-2025-62878)
github.com · 2026-02-25

### Key Information Summary #### Vulnerability Overview - **CVE ID**: CVE-2025-62878 - **GHSA ID**: GHSA-jr3w-9vfr-c746 - **Vulnerability Type**: Path Traversal - **Severity**: Critical (CVSS v3 score…

APTRS Privilege Escalation Vulnerability Fix (CVE-2026-34406)
github.com · 2026-04-02

### Vulnerability Key Information Summary * **Vulnerability Overview**: A critical privilege escalation vulnerability exists in the APTRS project. * **Affected Scope**: The APTRS project (referenced a…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
