Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
zyddnys/manga-image-translator Unsafe Pickle Deserialization RCE
github.com · 2026-02-12

### Key Information #### Vulnerability Description - **Type**: RCE (Remote Code Execution) due to insecure Pickle deserialization - **Affected Project**: zyddnys/manga-image-translator - **Affected En…

Read more
CVE-2026-26215: manga-image-translator Unsafe Deserialization RCE
www.vulncheck.com · 2026-02-12

- **CVE ID:** CVE-2026-26215 - **Exploit Type:** Shared API Unsafe Deserialization RCE - **Affected Software:** manga-image-translator <= beta-0.3 - **Severity:** Critical - **CVSS v4 Vector:** CVSS:4…

Read more
Premium intel
CVSS 8.5
Kanboard <=1.2.49 Admin Auth Bypass Leading to RCE via Plugin Installer
github.com · 2026-02-12

# Key Information on the Vulnerability ## 1. Vulnerability Summary - **Vulnerability Type:** CWE-863 (Incorrect Authorization) / CWE-94 (Code Injection) - **Severity:** High (Administrative RCE) - **A…

Read more
wp-e-commerce Unauthenticated PHP Object Injection via Insecure Deserialization (CVE-2026-1235)
wpscan.com · 2026-02-11

### Vulnerability Key Information #### Description The plugin unserializes user input via AJAX actions, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget i…

Read more
Premium intel
CVSS 10.0
catalyst-agent Template Injection Leads to Root RCE
github.com · 2026-02-11

## Critical Vulnerability Information ### Vulnerability Title - **Remote Code Execution as Root via Containerized Install Script Execution** ### Vulnerability Severity - **Critical** (10.0/10) ### Aff…

Read more
CVSS 7.8
Siemens NX Data Validation Vulnerability (CVE-2026-22923) Leading to RCE
cert-portal.siemens.com · 2026-02-10

### Key Information - **SSA-535115**: Data Validation Vulnerability in NX Before V2512 - **CVSS Scores** - CVSS v3.1 Base Score: 7.8 - CVSS v4.0 Base Score: 7.3 - **Affected Products and Versions** - …

Read more
Premium intel
CVSS 7.8
PowerDocu.Common Insecure Deserialization RCE Vulnerability
github.com · 2026-02-10

## Key Information ### Vulnerability Description - **Type:** Remote Code Execution (RCE) via unsafe deserialization - **Affected Package:** PowerDocu.Common (NuGet) - **Affected Versions:** (flowJSON,…

Read more
Premium intel
CVSS 9.1
CVE-2026-25881: Sandbox Escape via Prototype Pollution Leading to RCE
github.com · 2026-02-10

## Critical Vulnerability Information - **Vulnerability Type**: Sandbox Escape - **CVE ID**: CVE-2026-25881 - **CVSS v3.1 Score**: 9.1/10 - **Severity**: Critical - **Affected Versions**: <= 0.8.30 - …

Read more
CVSS 8.8
ZAI-Shell CVE-2026-25807 Unauthenticated RCE via P2P
github.com · 2026-02-10

### Critical Vulnerability Information #### Vulnerability Description - **Name**: Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell - **CVE ID**: CVE-2026-25807 - **CVSS v3 Base Score…

Read more
CVSS 4.7
DouPHP CMS <= v1.9 Path Traversal RCE via File Upload (CVE-2026-2226)
github.com · 2026-02-09

### Key Information Overview #### Vulnerability Details - **Vulnerability Type**: Remote Code Execution (RCE) via Path Traversal - **CVE ID**: CVE-2026-2226 - **Affected Product**: DouPHP CMS - **Affe…

Read more
CVSS 7.3
SQL Injection in itsourcecode News Portal 1.0 Admin Login (CVE-2026-2225)
vuldb.com · 2026-02-09

### Vulnerability Key Information - **Vulnerability Name**: itsourcecode News Portal Project 1.0 Administrator Login /admin/index.php email SQL Injection - **CVE ID**: CVE-2026-2225 - **VDB ID**: VDB-…

Read more
CVSS 7.3
SQL Injection in itsourcecode Event Management System V1.0 (Pre-Auth)
github.com · 2026-02-09

# Key Information ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Affected Product**: itsourcecode Event Management System V1.0 - **Vulnerable File**: /admin/manage_user.php ## R…

Read more
CVSS 7.3
itsourcecode School Management System V1.0 SQL Injection in /ramonsys/report/index.php
vuldb.com · 2026-02-09

- **Vulnerability Title**: itsourcecode School Management System V1.0 SQL Injection - **Vulnerability Description**: SQL injection vulnerability in the "/ramonsys/report/index.php" file of the School …

Read more
CVSS 8.8
Tenda RX3 Stack Buffer Overflow Vulnerability (RCE)
github.com · 2026-02-09

### Key Information #### Affected Product - **Vendor:** Tenda (Shenzhen Tenda Technology Co., Ltd.) - **Product:** Tenda RX3 - **Affected Version:** Firmware V16.03.13.11 #### Vulnerability Details - …

Read more
CVSS 8.8
Tenda RX3 Router Stack Buffer Overflow in SetIpMacBind Endpoint Leading to RCE
github.com · 2026-02-09

## Critical Vulnerability Information ### Affected Products - **Vendor**: Tenda (Shenzhen Tenda Technology Co., Ltd.) - **Product**: Tenda RX3 - **Affected Version**: Firmware V16.03.13.11 - **Vulnera…

Read more
CVSS 7.3
Session Fixation in Sourcecodester Prison Management System v1.0
github.com · 2026-02-09

## Vulnerability Information - **Title**: Session Fixation in Sourcecodester Prison Management System Using PHP v1.0 (/Admin/login.php) - **CVE**: CVE-xxxx-xxxxx (Not specified in the screenshot) - **…

Read more
CVSS 7.3
Unrestricted File Upload to RCE Vulnerability Analysis (CWE-434)
github.com · 2026-02-09

### Vulnerability Overview - **Type:** Unrestricted File Upload leading to Remote Code Execution (RCE) - **Severity:** CRITICAL (CVSS 10.0) - **CVE/CWE:** CWE-434 - **Affected Files:** - `seller/asset…

Read more
CVSS 7.3
detronetdip E-commerce 1.0 Missing Authentication for Critical Function (CWE-306)
vuldb.com · 2026-02-09

### Vulnerability Key Information #### Title - detronetdip E-commerce 1.0 Access Control Violation #### Severity - CRITICAL (9.8) #### CVSS Vector - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H #### B…

Read more
CVSS 7.3
detronetdip E-commerce 1.0 Remote Code Execution via Unrestricted File Upload (CWE-434)
vuldb.com · 2026-02-09

- **Title** detronetdip E-commerce 1.0 Remote Code Execution - **Description** Severity: CRITICAL (10.0) CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Bug Type: CWE-434: Unrestricted Uploa…

Read more
CVSS 4.3
XSS Vulnerability in SourceCodester Patient Waiting Area Queue Management System
github.com · 2026-02-08

### Critical Vulnerability Information - **Vulnerability Type**: XSS (Cross-Site Scripting) - **Affected System**: Patients Waiting Area Queue Management System - **Vulnerability Description**: - An X…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.