
Security Intel Hub 28+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Medium
Craft Commerce Stored XSS Vulnerability (CVE-2026-25488)
CVE-2026-25488 · github.com · 2026-02-04
Craft Commerce 5.0.0-RC1 · Craft Commerce 5.5.1 …
Medium
Craft Commerce Stored XSS Leading to Privilege Escalation (CVE-2026-25522)
CVE-2026-25522 · github.com · 2026-02-04
Craft Commerce >= 5.0.0-RC1, <= 5.5.1 · Craft Commerce >= 4.0.0-RC1, <= 4.10.0
High
Craft Commerce Stored XSS Leading to Privilege Escalation (CVE-2026-25490)
CVE-2026-25490 · github.com · 2026-02-04
craftcms/commerce >= 5.0.0-RC1, <= 5.5.1 · craftcms/commerce >= 4.0.0-RC1, <= 4.10.0
Medium
Craft Commerce Stored XSS and Privilege Escalation (CVE-2026-25485)
CVE-2026-25485 · github.com · 2026-02-04
craftcms/commerce >= 5.0.0-RC1, <= 5.5.1 · craftcms/commerce >= 4.0.0-RC1, <= 4.10.0
Low
CVE-2026-25484: Stored XSS in Product Type Name with PoC
CVE-2026-25484 · github.com · 2026-02-04
craftcms/commerce >= 5.0.0 <= 5.5.1 · craftcms/commerce >= 4.0.0-RC1 <= 4.10.0
Premium intel
CVSS 10.0
CraftCMS Remote Code Execution Vulnerability (CVE-2023-41892)
github.com · 2025-11-06

### Vulnerability Key Information #### Vulnerability Title Remote Code Execution #### Vulnerability ID GHSA-4w8r-3xrw-v25g #### Release Date September 13, 2023 #### Vulnerability Severity CVSS v3 Seve…

CVSS 7.7
GHSA-cw6g-qmjq-6w2w: Arbitrary File Read via Email Template Abuse with PoC
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Read Arbitrary System Files 2. **Severity**: High (7.7/10) 3. **Publishe…

Premium intel
CVSS 8.5
CraftCMS file:// Validation Bypass Leading to File Overwrite and Potential RCE
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Name**: Local File System Validation Bypass Leading to File O…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
