Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
BET e-Portal CVE-2025-14598 SQL Injection Leading to RCE
afnaan.me · 2026-01-20

### Critical Vulnerability Information #### CVE ID - CVE-2025-14598 #### CVSS Score - 9.8 (Critical) #### Vulnerability Type - SQL Injection Leading to Remote Code Execution #### Affected Product - Pr…

Read more
Premium intel
CVSS 8.8
Ubiquiti airMAX RCE Vulnerability Advisory (CVSS 8.8)
community.ui.com · 2026-01-20

### Vulnerability Overview - **Advisory**: Security Advisory Bulletin 060 - **Release Date**: January 6, 2026 - **Version**: 1.0 - **Revision**: 1.0 - **Description**: Malicious actors within Wi-Fi ra…

Read more
CVSS 4.7
BiggiDroid CMS Unrestricted File Upload RCE in edit.php
gitee.com · 2026-01-20

## Critical Vulnerability Information - **Unrestricted File Upload Vulnerability**: - Description: The `edit.php` file in BiggiDroid Simple PHP CMS contains an unrestricted file upload vulnerability. …

Read more
CVSS 4.7
PublicCMS <= v5.02506.d Path Traversal to RCE via Task Template
github.com · 2026-01-20

## Key Information Summary ### Vulnerability Overview - **Project**: PublicCMS - **Vulnerability Type**: Remote Code Execution (RCE) via Path Traversal in Task Template Management - **Affected Version…

Read more
CVSS 6.4
AlchemyCMS Authenticated RCE via Eval Injection (CVE-2026-23885)
github.com · 2026-01-20

### Vulnerability Overview - **Vulnerability Type**: Authenticated Remote Code Execution (RCE) via eval injection in ResourcesHelper - **Severity**: Moderate (6.6/10) - **Affected Versions**: 7.4.11, …

Read more
Quest NetVault Backup SQL Injection RCE Vulnerability (CVE-2017-17420)
zerodayinitiative.com · 2025-11-19

## Quest NetVault Backup Server Process Manager Service NVBUJobCountHistory Get Method SQL Injection Remote Code Execution Vulnerability - **Advisory ID:** ZDI-17-985, ZDI-CAN-4231 - **CVE ID:** CVE-2…

Read more
Premium intel
CVSS 9.8
Unauthenticated RCE in AI Feeds WordPress Plugin via actualizador_git.php
github.com · 2025-11-26

## Vulnerability Key Information ### Vulnerability Description The AI Feeds WordPress plugin, version 1.0.11 and earlier, contains an unauthenticated remote code execution vulnerability located in the…

Read more
Premium intel
CVSS 9.8
WordPress AI Feeds Plugin Unauthenticated RCE (CVE-2025-13597) with Exploit
ryankozak.com · 2025-11-26

From the webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability ID**: CVE-2025-13597 - **Affected Versions**: AI Feeds WordPress plugin version 1.…

Read more
TVT DVR/NVR/IPC Anonymous RCE and Hardcoded Credentials Vulnerability Analysis
github.com · 2025-11-25

### Vulnerability Key Information #### Vulnerability Overview - **Target**: Shenzhen TVT Digital Technology Co. Ltd & OEM {DVR/NVR/IPC} API RCE - **Attack Vector**: Remote - **Authentication Required*…

Read more
CVE-2025-63433: Xtool AnyScan Android Hardcoded Key Enables RCE via Update Forgery
github.com · 2025-11-25

- **CVE Reference**: CVE-2025-63433 - **Vulnerability**: Hardcoded Cryptographic Key in Xtool AnyScan Android Application - **Vulnerability Description**: - The Xtooltex AnyScan Android Application (v…

Read more
Planet FW-WGS-804HPT Stack Overflow Vulnerability Leading to RCE
github.com · 2025-11-25

## Vulnerability Details - **Affected Firmware**: Planet FW-WGS-804HPT_v1.305b241111 - **Root Cause**: Analysis of the `dispatcher` file in the `bin` directory reveals that the function `web_aaa_enabl…

Read more
CVSS 4.7
Online Bidding System PHP Unrestricted File Upload and RCE
github.com · 2025-11-24

### Vulnerability Information #### Product and Affected Versions - **Product Name**: Online Bidding System in PHP with Source Code - **Affected Files**: administrator/addcategory.php, administrator/fu…

Read more
CVSS 5.3
bigbuy-wc-droppshipping-connector Plugin File Inclusion, Path Traversal, and RCE Vulnerability Analysis
plugins.trac.wordpress.org · 2025-11-21

### Key Information Summary - **Plugin Name**: bigbuy-wc-droppshipping-connector - **Version**: 2.0.5 - **Last Modified**: 4 months ago by users 333699 and devsmip - **File Path**: src/Controller/ApiC…

Read more
Premium intel
CVSS 8.8
vLLM prompt_embs Deserialization DoS and Potential RCE (CVE-2025-62164)
github.com · 2025-11-21

### Key Information Summary #### Vulnerability Overview - **Vulnerability Name**: VLLM prompt_embs deserialize allows DoS and potential RCE - **CVE ID**: [CVE-2025-62164](#) #### Affected Versions - *…

Read more
ThinkPHP 5.0.24 View Function File Inclusion RCE Vulnerability (CVE-2025-63888)
gist.github.com · 2025-11-21

From the webpage screenshot, we can obtain the following key information about the vulnerability: - **CVE-ID:** - CVE-2025-63888 - **Product:** - ThinkPHP 5.0.24 - **Type:** - File Inclusion RCE - **D…

Read more
Ilevia EVE X1 Server CVE-2025-60738 RCE and SSRF Vulnerability
github.com · 2025-11-21

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-60738 - **Project**: Ilevia EVE X1 Server - **Affected Versions**: Firmware Version <= 4.7.18.0.eden and Logic Version <= 6.00 - …

Read more
QVidium Opera11 CVE-2025-63213 Pre-Auth RCE via Command Injection
github.com · 2025-11-20

### Key Information Summary **Vulnerability Overview** - **Vulnerability ID**: CVE-2025-63213 - **Description**: QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Co…

Read more
Sound4 FIRST Firmware RCE via Malicious Update (CVE-2025-63220)
github.com · 2025-11-20

## Critical Vulnerability Information - CVE-2025-63220 ### Vulnerability Overview Sound4 FIRST (Firmware 2.33) devices are affected by a Remote Code Execution (RCE) vulnerability, exploitable via mali…

Read more
CVE-2025-63879: Reflected XSS in PHP E-commerce Project
github.com · 2025-11-20

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-63879 - **Vulnerability Type**: Reflected Cross-Site Scripting (XSS) - **Affected Product**: PHP E-commerce Project - **Affected …

Read more
D-Link DIR-868 HNAP Unauthenticated RCE Vulnerability Analysis
github.com · 2025-11-20

## Critical Vulnerability Information ### Vulnerability Overview - **Vulnerability Type**: Unauthorized Remote Code Execution - **Affected Product**: D-Link DIR-868 - **Firmware Version**: DIR868LA1_F…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.