Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 6.3
premsql LLM Prompt Injection RCE (CVE premsql-rce) Analysis and POC
github.com · 2026-04-06

## Vulnerability Overview **Prompt Injection RCE (CVE premsql-rce)** - A prompt injection remote code execution vulnerability targeting LLM applications. Attackers use carefully crafted malicious prom…

Read more
Premium intel
CVSS 6.3
SpEL Injection RCE in baomidou dynamic-datasource via @DS Annotation
github.com · 2026-04-26

# SpEL Injection Vulnerability Summary ## Overview - **Vulnerability Name**: SpEL Injection in baomidou_dynamic-datasource - **Vulnerability ID**: #766 - **Vulnerability Type**: Server-side Expression…

Read more
Premium intel
CVSS 6.3
dynamic-datasource RCE Vulnerability Analysis and POC
github.com · 2026-04-26

### Vulnerability Overview In the `dynamic-datasource` project, there is a potential Remote Code Execution (RCE) vulnerability located in the `DsSpelExpressionProcessor` class. This vulnerability may …

Read more
CVSS 7.3
SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection Vulnerability with POC
vuldb.com · 2026-04-28

# Vulnerability Summary ## Overview - **Vulnerability Name**: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection - **Vulnerability Type**: SQL Injection (Based Error) - **Severity**: HIGH - **S…

Read more
CVSS 4.7
Pizzafy Ecommerce System 1.0 Unrestricted File Upload RCE (CVE-2026-7393)
github.com · 2026-04-30

# Pizzafy Ecommerce System 1.0 Remote Code Execution Vulnerability (CVE-2026-7393) ## Vulnerability Overview * **Vulnerability Type**: Unrestricted File Upload leading to Remote Code Execution (RCE). …

Read more
CVSS 6.5
Wordfence Integrated WooCommerce Payments Remote SQL Injection Vulnerabilities (CVE-2015-1600/1601/1602)
www.wordfence.com · 2026-04-02

Based on the provided screenshot, here is a summary of the vulnerability intelligence: ## Vulnerability Overview The page displays information regarding **Wordfence's Integrated WooCommerce Payments**…

Read more
Cisco Security Advisory: UCCE RCE, Catalyst Center Privilege Escalation, IOS XE Secure Boot Bypass
tools.cisco.com · 2025-11-14

# Critical Vulnerability Information ## Vulnerability List | Advisory Title | Severity | CVE | Last Updated | Version | | --- | --- | --- | --- | --- | | Cisco Unified Contact Center Express Remote Co…

Read more
Hugging Face Accelerate Deserialization RCE (CVE-2025-14925)
www.zerodayinitiative.com · 2025-12-29

### Key Vulnerability Information - **Title**: (0Day) Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability - **Identifier**: - ZDI-25-1140 - ZDI-CAN-27985 - CV…

Read more
Premium intel
CVSS 9.1
VRCX VR Overlay RCE via XSS and CefSharp Over-permission (GHSA-j98g-mgjm-wqph)
github.com · 2024-08-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: VR Overlay RCE 2. **Severity**: Critical 3. **Publisher**: Natsumi-sama …

Read more
Premium intel
CVSS 8.8
Paperclip Privilege Escalation via Agent-Controlled workspaceStrategy.provisionCommand (RCE)
github.com · 2026-04-23

# Vulnerability Summary: Paperclip Privilege Escalation via Agent-Controlled workspaceStrategy.provisionCommand ## Overview Paperclip contains a privilege escalation vulnerability that allows an attac…

Read more
CVSS 8.1
Adobe Commerce/Magento Security Bulletin APSB25-94: RCE, XSS, and Access Control Vulnerabilities
helpx.adobe.com · 2025-10-15

### Critical Vulnerability Information #### Vulnerability Overview - **Announcement ID**: APSB25-94 - **Release Date**: October 14, 2025 - **Priority**: 2 #### Affected Versions - **Adobe Commerce** -…

Read more
CVSS 5.8
Cisco FTD Snort 3 Detection Engine Bypass Vulnerability (CVE-2024-20407)
sec.cloudapps.cisco.com · 2024-10-26

### Key Information 1. **Vulnerability Description**: - **Vulnerability Name**: Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability - **Vulnerability ID**: cisco-…

Read more
Premium intel
CVSS 10.0
Festo CECX Controller Vulnerabilities (CVE-2014-3101 to 3105): RCE, Directory Traversal, Unauthorized Access
www.cisa.gov · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Overview - **CVE IDs**: CVE-2014-3101, CVE-2014-3102, CVE-2014-3103, CVE-2014-3104, CVE-2014-3105 - **CWE IDs**: CWE-287 (Improper Authenticat…

Read more
Cisco Security Advisory: Critical RCE and Unauthorized Access Vulnerabilities in Secure Firewall, ISE, and UCCE (CVE-202
tools.cisco.com · 2025-11-08

### Critical Vulnerability Information - **Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability** -…

Read more
OneClick Remote Access Unauthenticated RCE via MCP Interface and Insecure CORS
github.com · 2026-04-02

**Vulnerability Overview** * **Vulnerability Name:** OneClick Remote Access: Insecure CORS & Unauthenticated MCP Interface * **Description:** This vulnerability involves insecure Cross-Origin Resource…

Read more
Hugging Face LeRobot Async Inference gRPC Unpickle RCE (#3047)
github.com · 2026-04-24

# Vulnerability Summary: Insecure Pickle Deserialization Vulnerability in Hugging Face /lerobot Asynchronous Inference ## Overview - **Vulnerability ID**: #3047 - **Vulnerability Type**: CWE-502 - Des…

Read more
YITH WooCommerce Ajax Search <2.7.1 XSS Vulnerability (CVE-2024-7846)
wpscan.com · 2024-09-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: YITH WooCommerce Ajax Search < 2.7.1 2. **Vulnerability Type**: XSS (Cross-Site…

Read more
Linux Kernel RCU CONFIG_FORCE_NR_CPUS Misconfiguration Causes System Crash
git.kernel.org · 2024-10-24

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - The vulnerability describes that when the `CONFIG_FORCE_NR_CPUS`…

Read more
SourceCodester Purchase Order Management System v1.0 Command Execution via /admin?page=user (CVE-2024-48454)
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **CVE-ID**: - CVE-2024-48454 2. **Description**: - A vulnerability in SourceCodester Purchase Order Manage…

Read more
PyTorch Distributed RPC RemoteModule Deserialization RCE Vulnerability with PoC
rumbling-slice-eb0.notion.site · 2024-11-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Type**: Distributed RPC Framework RemoteModule has Deserialization RCE in pytorc…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.