Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 5.3
WooCommerce Checkout Manager Unauth File Delete & Upload Vulnerability Analysis
plugins.trac.wordpress.org · 2026-02-21

### Critical Vulnerability Information - **Plugin**: WooCommerce Checkout Manager - **Version**: 7.8.0 - **File**: class-upload.php - **Last Change**: Revision 3095974, 21 months ago - **Update**: Fro…

Read more
CVSS 6.4
Code Audit: LFI, SQLi, Reflected XSS, RCE, and IDOR Vulnerabilities in WordPress Plugin
plugins.trac.wordpress.org · 2026-02-21

### Critical Vulnerability Information #### 1. **Local File Inclusion (LFI)** - **Code Snippet**: ```php $template = new Template($atts['template']); $content = $template->readFile($template_file); ec…

Read more
CVSS 6.4
Security Update: Removal of eval() to Mitigate Potential RCE
plugins.trac.wordpress.org · 2026-02-21

### Key Information - **Version Update**: - Version updated from `v251005` to `v260101`. - Test version updated from `6.9-alpha-6900` to `7.0-alpha-61413`. - **Security Updates**: - Removed usage of `…

Read more
WorkTime v118.8 Vulnerability Advisory: RCE, SQLi, LPE, XSS, DoS (CVE-2025-15559 to 15563)
r.sec-consult.com · 2026-02-21

### Critical Vulnerability Information #### Vulnerability Overview 1. **Unauthenticated OS Command Injection (CVE-2025-15559)** - An unauthenticated attacker can inject OS commands when calling server…

Read more
CVSS 6.5
Tanium Enforce Recovery Key Portal Insecure File Permissions Vulnerability (CVE-2026-1344)
security.tanium.com · 2026-02-21

## Critical Vulnerability Information * **CVE Number**: CVE-2026-1344 * **Tanium Number**: TAN-2026-003 * **Release Date**: February 17, 2026 * **Vulnerability Description**: Tanium discovered an inse…

Read more
Grandstream GXP VoIP Phones Multiple CVE Advisories (RCE/Stack Overflow/Privilege Escalation)
psirt.grandstream.com · 2026-02-21

### Grandstream Security Advisories #### Overview - Grandstream does not disclose vulnerability details before an official patch is released. - Full vulnerability information is published on their off…

Read more
CVSS 3.5
CVE-2025-15583: Reflected XSS in detronetdip E-commerce 1.0.0 utility/function.php
vuldb.com · 2026-02-21

From this webpage screenshot, the following key vulnerability information can be extracted: ### Vulnerability Information - **Vulnerability Name**: detronetdip E-commerce 1.0.0 utility/function.php ge…

Read more
Calero VeraSMART .NET Remoting Arbitrary File Read to ViewState RCE (CVE-2022-26333)
www.vulncheck.com · 2026-02-21

## Key Information ### Vulnerability Name Calero VeraSMART < 2022 R1 .NET Remoting Arbitrary File Read Leading to ViewState RCE ### Severity CRITICAL ### Release Date 2023-02-13 ### CVE ID CVE-2022-26…

Read more
Premium intel
CVSS 9.8
Hyland OnBase Unauthenticated .NET Remoting RCE (CVE-2026-26221)
www.vulncheck.com · 2026-02-21

## Critical Vulnerability Information ### Vulnerability Name Hyland OnBase Timer Services Unauthenticated .NET Remoting RCE ### Severity Level CRITICAL ### Release Date 2/13/2026 ### Affected Versions…

Read more
Premium intel
CVSS 9.8
MajorDoMo Supply Chain RCE via Update URL Poisoning (CVE-2026-27180)
www.vulncheck.com · 2026-02-21

## Key Information ### Vulnerability Name MajorDoMo Supply Chain Remote Code Execution via Update URL Poisoning ### Severity CRITICAL ### Date 2023-02-18 ### CVE ID CVE-2026-27180 ### Related Vulnerab…

Read more
Premium intel
CVSS 9.8
WordPress Prodigy Commerce Unauthenticated LFI via parameters[template_name] (CVE-2026-0926)
www.wordfence.com · 2026-02-21

- **Vulnerability Name**: Prodigy Commerce <= 3.2.9 - Unauthenticated Local File Inclusion via parameters[template_name] - **CVE**: CVE-2026-0926 - **CVSS Score**: 9.8 (Critical) - **Publicly Publishe…

Read more
CVSS 7.5
CVE-2026-1982: Local File Inclusion in WooCommerce Plugin Flexi Product Slider
www.wordfence.com · 2026-02-21

```md ## Vulnerability Key Information - **CVE ID**: CVE-2026-1982 - **CVSS Score**: 7.5 (High) - **Public Release Date**: 2024-02-13 - **Last Updated Date**: 2024-02-14 - **Researcher**: Muhammad Yud…

Read more
GIMP PGM File Parsing Uninitialized Memory RCE (CVE-2026-2044)
www.zerodayinitiative.com · 2026-02-21

## Key Vulnerability Information from the Screenshot - **Date:** February 19th, 2026 - **Title:** GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability - **IDs:** - ZDI-26-118…

Read more
CVE-2025-70151: Authenticated Unrestricted File Upload RCE in Scholars Tracking System 1.0
youngkevinn.github.io · 2026-02-21

### CVE-2025-70151 - Scholars Tracking System 1.0: Authenticated Unrestricted File Upload Leads to Remote Code Execution #### Summary | Field | Detail | |---|---| | CVE ID | CVE-2025-70151 | | Product…

Read more
Infoblox NIOS High-Severity Vulnerabilities: Arbitrary File Write (CVE-2025-61879) and Insecure Deserialization RCE (CVE
support.infoblox.com · 2026-02-13

- **Vulnerability Details** - **CVEs:** CVE-2025-61879, CVE-2025-61880 - **Affected Versions:** - NIOS - Version 8.5.2 - NIOS - Version 8.6.x - NIOS - Version 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6 …

Read more
Premium intel
CVSS 10.0
Crawl4AI v0.8.0 Security Fix: Critical RCE and High LFI Vulnerabilities
github.com · 2026-02-13

## Critical Vulnerability Information ### Security Fixes - **Remote Code Execution (RCE) Vulnerability** - **Severity**: CRITICAL (CVSS 10.0) - **Impact**: Docker API deployments (all versions prior t…

Read more
CVSS 9.8
CVE-2026-2248: Unauthenticated RCE in METIS WIC Gateway
cydome.io · 2026-02-13

### Key Information Summary #### Vulnerability Overview - **CVE ID**: CVE-2026-2248 - **CVSS 3.1 Score**: 9.8 (Critical) - **Related CWEs**: CWE-306 (Missing Authentication), CWE-287 (Improper Authent…

Read more
Premium intel
CVSS 10.0
Crawl4AI <0.8.0 Remote Code Execution (RCE) via Hooks Parameter
github.com · 2026-02-13

### Key Information #### Vulnerability Description - **Vulnerability Type**: Remote Code Execution (RCE) - **Affected Scope**: Crawl4AI Docker API deployment - **Affected Versions**: < 0.8.0 - **Fixed…

Read more
KEV
visionOS 26.3 Security Update: dyld RCE, Kernel Privilege Escalation CVEs
support.apple.com · 2026-02-12

### Key Information Summary - **Version Information** - visionOS 26.3, Release Date: February 11, 2026 - **Affected Components and Vulnerability Descriptions** - **AppleMobileFileIntegrity** - **CVE-2…

Read more
KEV
Apple watchOS 26.3 Security Update: 14 CVEs including RCE, Sandbox Escape, DoS
support.apple.com · 2026-02-12

### Security Content in watchOS 26.3 - **Release Date**: February 11, 2026 - **Version**: watchOS 26.3 - **Affected Devices**: Apple Watch Series 6 and later #### Vulnerability Key Information 1. **Bl…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.