Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 6.3
TOTOLINK A7000R Unauthenticated RCE via /cgi-bin/cstecgi.cgi
github.com · 2026-01-30

# Key Information Summary ## Vulnerability Overview - **Vendor**: TOTOLINK - **Affected Product**: A7000R - **Affected Firmware Version**: V4.1cu.4154 ## Vulnerability Details - **Vulnerability Type**…

Read more
AutoGPT Platform RCE via Disabled Block Execution (CVE-2026-24780)
github.com · 2026-01-30

## Critical Vulnerability Information ### Vulnerability Description - **Vulnerability Type**: RCE (Remote Code Execution) via Disabled Block Execution - **CVE ID**: CVE-2026-24780 ### Affected Version…

Read more
Premium intel
CVSS 10.0
Erugo CVE-2026-24897 Arbitrary File Upload Leading to RCE
github.com · 2026-01-29

### Key Information Summary #### Vulnerability Overview - **Vulnerability Type**: Remote Code Execution (RCE) via Arbitrary File Upload - **CVE ID**: CVE-2026-24897 - **Severity Level**: Critical (CVS…

Read more
CVSS 6.3
TOTOLINK A7000R CloudACMunualUpdateUserdata RCE via Unsanitized URL Parameter
github.com · 2026-01-29

### Key Information about the Vulnerability from the Screenshot - **Vendor:** TOTOLINK - **Affected Product:** A7000R - **Affected Firmware Version:** V4.1cu.4154 - **Vulnerability Type:** Remote Code…

Read more
CVSS 6.3
TOTOLINK A7000R Unauthenticated RCE via /cgi-bin/cstecgi.cgi
github.com · 2026-01-29

### Critical Vulnerability Information #### Information - **Vendor**: TOTOLINK - **Affected Product**: A7000R - **Affected Firmware Version**: V4.1cu.4154 #### Vulnerability Overview - A critical unau…

Read more
Drupal Commerce Paybox Signature Forgery Vulnerability (CVE-2026-0750)
www.herodevs.com · 2026-01-29

- **CVE ID**: CVE-2026-0750 - **Vulnerability Type**: Signature Forgery - **Affected Component**: Commerce Paybox in Drupal 7 - **Affected Versions**: >=7.1.0 <=7.1.5 - **Fixed in**: Commerce Paybox N…

Read more
Exploration Blue CVE-2025-57795 Remote File Download Leading to RCE
github.com · 2026-01-29

## Critical Vulnerability Information **CWE ID:** CWE-434: Unrestricted Upload of File with Dangerous Type **CVE ID:** CVE-2025-57795 **Description:** Versions of Exploration Blue prior to 8.14.13 con…

Read more
Premium intel
CVSS 9.8
Zortam Mp3 Media Studio 27.60 SEH Overwrite RCE Exploit
www.exploit-db.com · 2026-01-29

From the screenshot, the following key vulnerability information can be obtained: ### Vulnerability Information - **EDB-ID**: 49084 - **CVE**: N/A - **Author**: Vincent Wolterman - **Type**: LOCAL - *…

Read more
OpenProject Argument Injection RCE via Repository Diff (CVE-2026-24685)
github.com · 2026-01-29

## Key Information Summary ### Vulnerability Title - **Argument Injection on Repository Diff allows Arbitrary File Write and Remote Code Execution** ### Severity - **Critical** ### Affected Versions -…

Read more
CVSS 5.3
Open5GS SGW-C RCE/DoS via late BearerResourceFailureIndication
github.com · 2026-01-29

- **Title**: [Bug]: SGW-C crash: sgwc_s5c_handle_bearer_resource_failure_indication asserts on missing/stale s11_xact when BearerResourceFailureIndication arrives after S11 transaction timeout (s5c-ha…

Read more
Premium intel
CVSS 9.9
Dokploy Pre-Auth RCE via Command Injection in Docker Container Terminal WebSocket
github.com · 2026-01-28

### Key Information #### Vulnerability Name - Authenticated Remote Code Execution via Command Injection in Docker Container Terminal WebSocket Endpoint #### Severity - Critical #### Affected Versions …

Read more
Premium intel
CVSS 10.0
CVE-2026-23830: Sandbox Escape RCE in @nyariv/SandboxJS via AsyncFunction
github.com · 2026-01-28

### Vulnerability Key Information - **Vulnerability Type**: Sandbox Escape - **CVE ID**: CVE-2026-23830 - **Severity**: Critical (10.0 / 10) - **Affected Versions**: {}; const AsyncConstructor = af.co…

Read more
Premium intel
CVSS 8.4
GnuPG 2.5.17 Security Release: Fixes gpg-agent RCE and Buffer Overflows
www.openwall.com · 2026-01-28

## GnuPG Security Release (GnuPG 2.5.17) ### Key Information - **Vulnerability Fix**: - GnuPG 2.5.17 addresses a potential Remote Code Execution (RCE) vulnerability caused by a stack buffer overflow i…

Read more
zhblue/hustoj Arbitrary File Write to RCE via Zip Slip (CVE-2026-24479)
github.com · 2026-01-27

## Critical Vulnerability Information ### Vulnerability Overview - **Name**: Arbitrary File Write (Zip Slip) in Problem Import Modules leads to RCE - **Critical**: Yes - **Disclosure Date**: Last week…

Read more
CVE-2026-24480: GitHub Actions RCE and Repo Takeover via pull_request_target Misconfiguration
github.com · 2026-01-27

## Vulnerability Key Information ### Vulnerability Title - **Critical Validated RCE and Repository Takeover via GitHub Actions** ### CVE Number - **CVE-2026-24480** ### Affected Versions - **CI/CD onl…

Read more
CVSS 5.3
WeMail Plugin CSV Handling Potential RCE/RFI Vulnerability Analysis
plugins.trac.wordpress.org · 2026-01-27

- **Plugin Name**: WeMail - **File Version**: 2.0.6 - **File Path**: includes/Rest/Csv.php - **Last Change**: Revision 3359591, checked in by bdmeheidi, 5 months ago - **File Size**: 5.0 KB **Key Vuln…

Read more
OpenSolution Quick.Cart Reflected XSS and Path Traversal Leading to RCE (CVE-2025-67683, CVE-2025-67684)
cert.pl · 2026-01-27

## Key Vulnerability Information from the Webpage Screenshot ### Vulnerabilities in Quick.Cart #### Vulnerability 1 - **CVE ID**: CVE-2025-67683 - **Publication Date**: January 22, 2026 - **Software V…

Read more
LangGenius Dify CVE-2025-56157 Hardcoded Credentials RCE
gist.github.com · 2026-01-27

- **CVE ID:** CVE-2025-56157 - **Date:** 2025-12-18 - **Vendor:** LangGenius (Dify) - **Product:** Dify - **Affected Versions:** - CVE Record: - Related Discussion: ### Credits Discovered by Zhihuang …

Read more
Ollama <=v0.12.3 Auth Bypass Leading to RCE/Privilege Escalation (CVE-2025-63389)
gist.github.com · 2026-01-27

### Key Information - **CVE ID**: CVE-2025-63389 - **Date**: 2025-12-18 - **Vendor**: Ollama - **Product**: Ollama - **Affected Versions**: ).

Read more
PLY CVE-2025-56005: Untrusted Data Deserialization RCE
github.com · 2026-01-27

### Critical Vulnerability Information - **Vulnerability Name**: Undocumented Remote Code Execution in PLY - **CVE ID**: CVE-2025-56005 - **Reporter**: Ahmed Abd - **Disclosure Date**: July 1, 2025 - …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.