Security Intel Hub 24724+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 4.8
Medtronic MiniMed 600 Series Insulin Pumps CVE-2022-32537 Vulnerability Analysis
www.cisa.gov · 2026-05-08

# Medtronic NGP 600 Series Insulin Pumps Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Protection Mechanism Failure * **CVE ID**: CVE-2022-32537 * **CVSS Score**: 4.8 (CVSS…

CVSS 8.9
Ivanti EPMM Security Advisory: 5 High-Severity CVEs (RCE, Privilege Escalation, Auth Bypass)
hub.ivanti.com · 2026-05-08

# Ivanti Endpoint Manager Mobile (EPMM) Security Vulnerability Summary ## Vulnerability Overview Ivanti has released security updates for Ivanti Endpoint Manager Mobile (EPMM) to address **5 high-seve…

CVSS 4.8
Medtronic MiniMed 600 Series Wireless Communication Vulnerability (CVE-2022-32537) Advisory
www.medtronic.com · 2026-05-08

# Medtronic MiniMed™ 600 Series Pump System Communication Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: MiniMed™ 600 Series Pump System Communication Issue * **CVSS Score**…

CVE-2026-36388: PHPGURUKUL HMS v4.0 Stored XSS Leading to Session Hijacking
github.com · 2026-05-08

# CVE-2026-36388: Session Hijacking Due to Improper Session Management in PHPGURUKUL Hospital Management System v4.0 ## Vulnerability Overview The PHPGURUKUL Hospital Management System v4.0 contains a…

CVE-2026-36387: CODEASTRO Membership Management System Unrestricted File Upload RCE
github.com · 2026-05-08

# CVE-2026-36387: Remote Code Execution (RCE) in CODEASTRO Membership Management System v1.0 Due to Unrestricted File Upload ## Vulnerability Overview CODEASTRO Membership Management System v1.0 conta…

CVSS 6.8
Medtronic MyCareLink 24950 Patient Monitor CVE-2018-10626/10622 Vulnerability Summary
www.cisa.gov · 2026-05-08

# Medtronic MyCareLink 24950 Patient Monitor (Update A) Vulnerability Summary ## Vulnerability Overview * **Vulnerability ID**: CVE-2018-10626, CVE-2018-10622 * **CVSS Score**: v3 6.8 * **Vulnerabilit…

CVSS 6.8
Medtronic MyCareLink Patient Monitor Credential Extraction Vulnerability
www.medtronic.com · 2026-05-08

# Medtronic MyCareLink™ Patient Monitor Vulnerability Summary ## Vulnerability Overview - **Release Date**: August 7, 2018 - **Vulnerability Type**: External researchers identified security vulnerabil…

CVSS 4.2
Weblate Password Reset Triggers Unintended API Token Reset Vulnerability Analysis
github.com · 2026-05-07

# Weblate API Token Reset Vulnerability Summary ## Vulnerability Overview In Weblate version 3.7.1, the system triggers an API Token reset when a user resets their password via the "Forgot Password" f…

CVSS 6.0
CVE-2024-41689: Wallos Webhook SSRF Leading to RCE
github.com · 2026-05-07

# Vulnerability Summary: Shared local webhook allowlist allows low-privilege users to send arbitrary requests to allowlisted internal services ## Vulnerability Overview - **CVE ID**: CVE-2024-41689 - …

CVSS 4.3
CVE-2026-41687: SSRF CGNAT Bypass in Wallos via is_cgnat_ip() Omission
github.com · 2026-05-07

# SSRF CGNAT Bypass in subscription/payments Logo URL — is_cgnat_ip() Not Used in Inline Checks (CWE-918) ## Vulnerability Overview - **Vulnerability Type**: CWE-918 Server-Side Request Forgery (SSRF)…

CVSS 8.3
Dagster SQL Injection Vulnerability (CVE-2024-41400) Advisory
github.com · 2026-05-07

# SQL Injection Vulnerability Summary: Database I/O Manager Dynamic Partition Key ## Vulnerability Overview In Dagster's DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers, dynamic partition key …

CVSS 8.7
RELATE Predictable Token Generation Vulnerability in auth.py/exam.py (CVE-2020-41920)
github.com · 2026-05-07

# Vulnerability Summary: Predictable Token Generation in auth.py and exam.py ## Vulnerability Overview A security vulnerability was identified in the RELATE project involving the use of a non-cryptogr…

CVSS 6.5
LXC/Incus Instance Restore Nil Pointer Dereference Vulnerability
github.com · 2026-05-07

# Vulnerability Summary: Null Pointer Dereference in LXC/Incus via Malformed YAML ## Vulnerability Overview A null pointer dereference vulnerability exists in the instance restore and import processes…

CVE-2026-41648: Incus Unbounded YAML Metadata Decode OOM Vulnerability
github.com · 2026-05-07

# Vulnerability Summary: Unbounded YAML Metadata Decode via Parsing ## Vulnerability Overview - **CVE ID**: CVE-2026-41648 - **Severity**: Low - **Description**: User-provided image and backup tarball…

CVSS 6.1
fast-xml-parser XMLBuilder Comment and CDATA Injection Vulnerability Analysis
github.com · 2026-05-07

# fast-xml-parser XMLBuilder Vulnerability Summary ## Vulnerability Overview In **fast-xml-parser v5.5.12**, the `XMLBuilder` fails to escape the `-->` sequence within comments and the `]]>` sequence …

CVSS 8.3
Security fix: SQL injection in aggregate API (CWE-89)
github.com · 2026-05-07

# v0.11.4 — Security fix: SQL injection in aggregate API ## Vulnerability Overview - **Vulnerability Name**: SQL Injection in Aggregate API - **Vulnerability ID**: CWE-89, CVSS 8.8 - **Severity**: Hig…

CVSS 8.3
CVE-2024-41422 SQL Injection Vulnerability Analysis and Fix
github.com · 2026-05-07

# SQL Injection Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: SQL injection via unvalidated `goqu.L()` calls in aggregate API - **CVE ID**: CVE-2024-41422 - **CVSS Score**:…

CVSS 7.7
Wallos Incomplete Fix for CVE-2026-3399: SSRF via DNS Rebinding
github.com · 2026-05-07

N/A. Shenlong could not analyze this item: data volume overload.

CVSS 4.3
Incus GHSA-98vh-x9cx-9cfp Unbounded Binary Import Disk Exhaustion Vulnerability
github.com · 2026-05-07

# Vulnerability Summary: Unbounded binary import disk exhaustion (GHSA-98vh-x9cx-9cfp) ## Vulnerability Overview This is an **unbounded binary import disk exhaustion** vulnerability. * **Mechanism**: …

CVSS 6.5
CVE-2024-41547: LXC Incus S3 Backup Import Nil-Pointer Dereference
github.com · 2026-05-07

# Vulnerability Summary: Nil-Pointer Dereference via S3 Bucket Import ## Vulnerability Overview - **Vulnerability Name**: Nil-Pointer Dereference via S3 Bucket Import - **CVE ID**: CVE-2024-41547 - **…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
