Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
AlgoSec Firewall Analyzer CVE-2025-12382 Path Traversal RCE Advisory
techdocs.algosec.com · 2025-11-14

## AlgoSec Vulnerability Advisory ### CVE-2025-12382 Path Traversal Allows Remote Code Execution in AlgoSec Firewall Analyzer | **Details** | **Information** | |---------------------|-----------------…

Read more
Premium intel
CVSS 8.8
WordPress WP All Import RCE via Conditional Logic (CVE-2025-12733)
www.wordfence.com · 2025-11-14

### Key Information - **CVE Identifier**: CVE-2025-12733 - **CVSS Score**: 8.8 (High) - **Publicly Published**: November 12, 2025 - **Last Updated**: November 13, 2025 - **Researcher**: tmrswwr ### Vu…

Read more
CVSS 7.5
WooCommerce Braintree Payment Gateway 3DS Plugin token_id Input Validation Issue Analysis
plugins.trac.wordpress.org · 2025-11-15

- **Vulnerability Information:** - **File Source:** woo-payment-gateway/tags/3.2.78/includes/api/class-wc-braintree-controller-3ds.php - **Plugin:** WooCommerce Braintree Payment Gateway - **Version:*…

Read more
Ubee EVW3226 Firmware Vulnerabilities Analysis: RCE, Auth Bypass, Buffer Overflow
seclists.org · 2025-11-15

### Key Information Summary - **Device/Firmware Version**: Ubee EVW3226, firmware version 1.0.20 - **Confirmed Affected Platforms/Firmware**: - Ubee EVW3226 - Firmware v. 1.0.20 - **Vulnerability Deta…

Read more
CVSS 4.7
News365 PHP Script Unrestricted File Upload Leading to RCE
github.com · 2025-11-15

### Key Information - **Product Information:** - Vendor Homepage: https://www.bdtask.com - Software Link: https://codecanyon.net/item/news365-php-newspaper-magazine-blog-php-script-with-video-newspape…

Read more
Ubee EVW3226 Modem Router Vulnerabilities: RCE, Auth Bypass, Buffer Overflow
web.archive.org · 2025-11-15

From this webpage screenshot, the following key information about the vulnerability can be extracted: - **Affected Device and Firmware** - Ubee EVW3226 modem/router - Firmware version: 1.0.20 - Produc…

Read more
CVSS 6.3
URY Open Source Restaurant Management System SQL Injection Vulnerability Analysis
github.com · 2025-11-15

### Vulnerability Key Information #### Vulnerability Overview - **Product Name**: URY Open Source Restaurant Management System - **Module**: POS (Point of Sale) - **Vulnerability Type**: SQL Injection…

Read more
TG8 Firewall CVE-2021-4470 Unauthenticated RCE via runphpcmd.php
www.vulncheck.com · 2025-11-15

- **Summary**: TG8 Firewall Unauthenticated RCE via runphpcmd.php - **Severity**: CRITICAL - **Date**: November 14, 2025 - **Impact**: - TG8 Firewall firmware - An affected version range remains undef…

Read more
CVSS 4.7
DouPHP v1.8 File Upload Leading to RCE Vulnerability Analysis
github.com · 2025-11-15

## DouPHP v1.8 Release 20251022 RCE #1 ### Vulnerability Analysis - **Exploitable Code**: The vulnerability exists in the `bigfile` method of `upload/include/file.class.php`. ```php if ($_POST['sql_li…

Read more
CVSS 6.3
Unrestricted File Upload RCE in Bdtask Flight Booking Software B2B Portal v4
github.com · 2025-11-16

## Critical Vulnerability Information ### Vulnerability Title - Unrestricted File Upload in Bdtask Flight Booking Software B2B Portal v4 ### Vulnerability Type - Unrestricted File Upload leading to Re…

Read more
CVSS 7.3
SourceCodester Patients Waiting Area Queue Management System v1.0 SQL Injection Vulnerability Analysis
github.com · 2025-11-16

### Key Information Summary #### Affected Product - **Product Name**: Patients Waiting Area Queue Management System - **Vendor**: SourceCodester - **Version**: v1.0 #### Vulnerability Details - **Vuln…

Read more
CVSS 7.3
IsFusion ≤ 6.1 Arbitrary File Upload Leading to RCE
github.com · 2025-11-17

## Vulnerability: Arbitrary file upload in IsFusion ≤ 6.1 ### Bug Details - **Bug_Author:** R1ckyZ - **Affected Version:** IsFusion ≤ 6.1 - **Vendor:** IsFusion GitHub Repository - **Software:** IsFus…

Read more
CVSS 6.3
SQL Injection in SourceCodester Online Magazine Management System 1.0 (CVE-2025-13264)
vuldb.com · 2025-11-17

### Critical Vulnerability Information - **CVE Identifier**: CVE-2025-13264, EUVD-2025-197754, VDB-332599 - **Summary**: - **Severity**: Critical - **Affected Software**: SourceCodester Online Magazin…

Read more
CVSS 6.3
dromara dataCompare ≤1.0.1 JDBC URL Injection Leading to RCE/Arbitrary File Read
github.com · 2025-11-17

Based on the information in the web page screenshot, the following key details about the vulnerability can be extracted: ### Vulnerability Description - **Vulnerability Type**: Arbitrary File Read and…

Read more
Unauthenticated Arbitrary File Upload in jQuery File Upload Demo Leads to RCE
github.com · 2025-11-19

### Vulnerability Title - **Unauthenticated arbitrary file upload in bundled demo endpoint leads to code execution in common deployments #412** ### Vulnerability Overview - **Description**: - A web-ac…

Read more
Losant Arduino MQTT Client Stack-based Buffer Overflow RCE (CVE-2018-17614)
zerodayinitiative.com · 2025-11-19

## Vulnerability Key Information - **Vulnerability Title**: Losant Arduino MQTT Client Stack-based Buffer Overflow Remote Code Execution Vulnerability - **Vulnerability IDs**: - ZDI-18-1337 - ZDI-CAN-…

Read more
Foxit Reader TextBox Keystroke Use-After-Free RCE (CVE-2018-9968)
zerodayinitiative.com · 2025-11-19

## Advisory Details - **Date**: April 20th, 2018 - **Title**: Foxit Reader TextBox Keystroke Use-After-Free Remote Code Execution Vulnerability - **IDs**: - ZDI-18-352 - ZDI-CAN-5572 - **CVE ID**: CVE…

Read more
Foxit Reader ConvertToPDF_x86.dll Out-of-Bounds Write RCE (CVE-2018-11622)
zerodayinitiative.com · 2025-11-19

## Foxit Reader ConvertToPDF_x86 JPG Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability ### ID - ZDI-18-699 - ZDI-CAN-5873 ### CVE ID - CVE-2018-11622 ### CVSS Score - 6.8 (AV:N/AC:M/Au:N…

Read more
MISP 2.4.157 PHAR Deserialization RCE Vulnerability (CVE-2022-29528) Advisory
zigrin.com · 2025-11-19

### Key Information - **Date**: 2022-04-20 - **Affected Vendor**: - CIRCL – Computer Incident Response Center Luxembourg - **Affected Product**: - MISP – Open Source Threat Intelligence Platform & Ope…

Read more
Zoom Security Bulletin: Multiple CVEs including RCE, SSRF, and Auth Bypass in Clients
zoom.us · 2025-11-19

- **ZSB-25045**: Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following - **Severity**: Medium - **CVE**: CVE-2025-30662 - **Date Published**: 11/11/2025 - **Date Updated**: 11/14/202…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.