Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
GetSimple CMS My SMTP Contact Plugin CSRF to Stored XSS to RCE Chain
github.com · 2026-01-27

Based on the information in the screenshot, the following key details about the vulnerability can be obtained: - **Vulnerability Name and Target**: GetSimple CMS My SMTP Contact Plugin <= v1.1.1 - CSR…

Read more
CVSS 6.5
ImageMagick Vulnerability Fixes: RCE/DoS/Memory Errors (GHSA Series)
github.com · 2026-01-27

From this webpage screenshot, we can extract the following key vulnerability information: ### Key Vulnerability Information - **ImageMagick#8496**: - **Issue Description**: Check if the aspect ratio i…

Read more
CVE-2026-22241: RCE via Arbitrary File Upload in Theme Upload
github.com · 2026-01-27

### Critical Vulnerability Information **Vulnerability Type**: Remote Code Execution (RCE) via Arbitrary File Upload **Affected Versions**: 4.2 **CVE ID**: CVE-2026-22241 **CVE Weakness**: CWE-434 (Un…

Read more
Premium intel
CVSS 9.1
Grist pyodide Sandbox Bypass Leads to RCE (CVE-2026-24002)
github.com · 2026-01-27

### Key Information - **Vulnerability Title**: pyodide sandbox option is insecure - **CVE ID**: CVE-2026-24002 - **Severity**: Critical (9.1/10) - **Affected Versions**: - `gristlabs/grist`, affected …

Read more
CVE-2025-70458: DOM-based XSS in sourcecodester-domain-availability-checker v1.0
github.com · 2026-01-27

### Critical Vulnerability Information - **Vulnerability Type**: DOM-based Cross-Site Scripting (XSS) - **Affected Package**: `sourcecodester-domain-availability-checker` - **Affected Version**: 1.0 -…

Read more
CVSS 8.8
Sangfor OSM SSH Protocol RCE via OS Command Injection (CWE-78)
github.com · 2026-01-27

## Key Information Summary ### Vulnerability Overview - **Product**: Sangfor OSM (DeepSec) - **Product Name**: Operations Security Management System (OSM) - **Affected Versions**: 3.0.12 (and earlier)…

Read more
CVSS 6.3
Sangfor OSM OS Command Injection RCE Vulnerability Analysis
github.com · 2026-01-27

### Critical Vulnerability Information - **Product**: Sangfor - **Product Name**: Operation and Maintenance Security Management System (OSM / 运维安全管理系统) - **Affected Component**: IpOrPortController (`/…

Read more
Premium intel
CVSS 9.8
Laravel Reverb <1.7.0 Insecure Deserialization RCE Vulnerability
github.com · 2026-01-27

### Vulnerability Key Information #### Vulnerability Description - **Vulnerability Type**: Insecure Deserialization (CWE-502) - **Severity**: Critical (9.8) - **Impact**: Affects Laravel Reverb versio…

Read more
TMS Management Console RCE via File Upload (CVE-2025-69828) with PoC
github.com · 2026-01-27

## Critical Vulnerability Information - **CVE ID**: CVE-2025-69828 - **Affected Product**: TMS Management Console - **Affected Versions**: ``` The page will render the result of the mathematical opera…

Read more
Salesforce Marketing Cloud Broken Crypto & Hardcoded Key Vulnerabilities (CVE-2026-22585/22586)
help.salesforce.com · 2026-01-27

From the screenshot, the following key information about the vulnerability can be obtained: * **Vulnerability Discovery and Resolution** * Salesforce Security identified and resolved Web Services Prot…

Read more
zhblue/hustoj CSV Injection Leading to RCE (CVE-2026-23873)
github.com · 2026-01-27

### Vulnerability Key Information - **Vulnerability Type**: CSV Injection (Formula Injection) - **CVE ID**: CVE-2026-23873 - **CVE**: CWE-1236 - **Affected Component**: zhblue/hustoj (Composer) - **Af…

Read more
Premium intel
CVSS 8.2KEV
Cisco Unified CM RCE Vulnerability Advisory (CVE-2026-20045)
sec.cloudapps.cisco.com · 2026-01-27

- **Vulnerability Summary**: - **Advisory ID**: cisco-sa-voice-rce-mORhqY4b - **CVE**: CVE-2026-20045 - **CVSS Score**: Base 8.2 - **Severity**: Critical - **Affected Products**: - Unified CM (CSCwr21…

Read more
CVSS 9.4
CISA ICSA-26-022-08: EVMAPA EV Charger Vulnerabilities (RCE/DoS) Advisory
www.cisa.gov · 2026-01-27

From the webpage screenshot, the following key vulnerability information can be obtained: - **Release Date**: January 22, 2026 - **Alert Code**: ICSA-26-022-08 - **Related Topics**: Industrial Control…

Read more
GetSimple CMS My SMTP Contact Plugin CSRF to RCE via PHP Code Injection
www.exploit-db.com · 2026-01-27

## Key Information - **Vulnerability Type**: CSRF (Cross-Site Request Forgery) and PHP Code Injection - **Affected System**: GetSimple CMS My SMTP Contact Plugin version 1.1.1 - **Affected Platform**:…

Read more
Premium intel
KEV
CVE-2026-23760: SmarterMail Auth Bypass via Password Reset API Leading to RCE
www.vulncheck.com · 2026-01-27

### Critical Vulnerability Information #### Vulnerability Title - SmarterTools SmarterMail < Build 9511 Authentication Bypass via Password Reset API #### Severity - CRITICAL #### Date - January 22, 20…

Read more
Premium intel
KEV
CVE-2026-24423: SmarterMail Unauthenticated RCE via ConnectToHub API
www.vulncheck.com · 2026-01-27

### Vulnerability Key Information - **Vulnerability Name**: SmarterTools SmarterMail < Build 9511 Unauthenticated RCE via ConnectToHub API - **Severity**: CRITICAL - **Date**: January 23, 2026 - **Aff…

Read more
CVE-2026-0786: ALGO 8180 IP Audio Alerter SCI Command Injection RCE
www.zerodayinitiative.com · 2026-01-27

### Critical Vulnerability Information - **Date**: January 9th, 2026 - **Vulnerability Name**: (0Day) ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability - **ID**: ZDI…

Read more
Anritsu ShockLine CHX File Parsing Deserialization RCE (CVE-2025-15348)
www.zerodayinitiative.com · 2026-01-27

### Vulnerability Key Information #### Basic Information - **Date**: December 30th, 2025 - **Title**: (0Day) Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution …

Read more
ALGO 8180 IP Audio Alerter API Command Injection RCE (CVE-2026-0785)
www.zerodayinitiative.com · 2026-01-27

From the webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability Name**: (0Day) ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execut…

Read more
ALGO 8180 Web UI Command Injection RCE (CVE-2026-0782)
www.zerodayinitiative.com · 2026-01-27

## Vulnerability Key Information ### Vulnerability Overview - **Title**: (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability - **ID**: - ZDI-26-004 - ZDI-CAN…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.