Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 36+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Medium
Discourse XSS via API Category Description Update (CVE-2026-02271)
CVE-2026-02271 · github.com · 2026-04-02
Discourse >= 0 · Discourse >= 2026.2.0-latest …
Read more
Medium
Discourse CVE-2026-32620: Missing Post-Level Authorization Allows Metadata Disclosure
CVE-2026-32620 · github.com · 2026-04-02
>= 0 · >= 2026.2.0-latest …
Read more
Medium
Discourse CVE-2020-22018 Unauthorized Channel Membership Inference
CVE-2020-22018 · github.com · 2026-04-02
Discourse >= 0 · Discourse >= 2026.2.0-latest …
Read more
Low
Discourse CVE-2026-38415 Improper Access Control Vulnerability
CVE-2026-38415 · github.com · 2026-04-02
Discourse >= 0 · Discourse >= 2026.2.0-latest …
Read more
Medium
Discourse CVE-2026-32615 Category Moderator Privilege Escalation
CVE-2026-32615 · github.com · 2026-04-02
>= 0 · >= 2026.2.0-latest …
Read more
Medium
Discourse discourse-ai Stored XSS in Shared Conversations (CVE-2026-32243)
CVE-2026-32243 · github.com · 2026-04-02
>= 0 · >= 2026.2.0-latest …
Read more
Low
Discourse Stored XSS via unescaped assignee name
github.com · 2026-04-02
Discourse >= 0
Read more
Medium
Discourse Authorization Bypass via category-chatables Endpoint Exposing Hidden Groups
github.com · 2026-04-02
Discourse >= 2026.2.0-latest · Discourse >= 2026.1.0-latest
Read more
Medium
Discourse Data Explorer Plugin Unauthorized SQL Execution via Fail-Open Access Control (CVE-2026-28218)
CVE-2026-28218 · github.com · 2026-02-27
Discourse >= 0 · Discourse >= 2026.1.0-latest …
Read more
Low
Discourse Privilege Escalation via Mass Assignment (CVE-2026-28219)
GHSA-8v26-9f7h-jc8x · github.com · 2026-02-27
Discourse >= 0 · Discourse >= 2026.1.0-latest …
Read more
Medium
IDOR in ReviewableNotesController (CVE-2026-26973)
CVE-2026-26973 · github.com · 2026-02-27
Discourse >= 0 · Discourse >= 2026.1.0-latest …
Read more
High
Discourse Patreon Plugin Authentication Bypass via Empty Webhook Secret (CVE-2026-26078)
GHSA-frx4-wg35-4r68 · github.com · 2026-02-27
Discourse >= 0 · Discourse >= 2026.1.0-latest …
Read more
Medium
Discourse CVE-2025-69289 Privilege Escalation via Email Change
CVE-2025-69289 · github.com · 2026-01-29
Discourse >= 0 · Discourse >= 2025.11.0-latest …
Read more
Medium
Discourse Invite Registration Bypasses User Approval Requirement Fix
github.com · 2025-11-09
Discourse
Read more
Discourse CVE-2025-49845 Whisper Information Disclosure
github.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Title Users are able to see their own whispers even after being removed from a group that has been configured to see whispers #### Severity - …

Read more
CVSS 5.3
Discourse CVE-2024-45297 Unauthorized Access to Hidden Tag Topics
github.com · 2024-10-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Prevent topic list filtering by hidden tags for unau…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.