
Security Intel Hub 666— Search: RCE

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVE-2024-45717: XXE Injection in .NET System.Data.DataSetExtensions
github.com · 2026-04-03

Based on the provided image, here is the extracted and summarized information about the vulnerability CVE-2024-45717: --- ### 1. **Vulnerability Overview:** - **Title:** XXE injection via unsaf…

CVSS 6.8
OpenShell Sandbox Escape Vulnerability Fix and Boundary Hardening Analysis
github.com · 2026-04-29

# OpenShell Vulnerability Summary ## Vulnerability Overview OpenShell is a tool that allows arbitrary code execution within a sandboxed environment. This vulnerability involves the bypassing of sandbo…

PIXERA 25.2 Overview and Changelog - Pixera
help.pixera.one · 2026-05-04

# PIXERA 25.2 Version Update and Security Fixes Summary ## Vulnerability Overview The PIXERA 25.2 series versions (R27, R12, R3, RC 9) contain several critical fixes, primarily involving: - **Resource…

CVSS 6.3
CaniasERP 8.03 Unauthenticated RCE via Java RMI IasServerRemoteInterface.doAction()
gist.github.com · 2026-05-10

### Vulnerability Overview - **Vulnerability Name**: CaniasRCEChain.java - **Vulnerability Type**: Remote Code Execution (RCE) - **Vulnerability Description**: This vulnerability allows an unauthentic…

MyBatis-Plus TenantPlugin SQL Injection Vulnerability Analysis
github.com · 2025-11-09

## Vulnerability Summary **Threat**: SQL Injection **MavenGroupId**: com.baomidou **MavenArtifactId**: mybatis-plus **Affected Versions**: 3.x **Affected Component**: TenantPlugin **Description**: The…

CVSS 6.5
Spring Framework JndiObjectFactoryBean Resource Validation Fix
github.com · 2025-05-29

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Submission ID**: 8a66aa3 - **Submission Date**: January 29, 2021 - **Submitter**: @svenkueenle …

Fix: Remote Code Execution via Jinacore Deserialization in OkAuth
github.com · 2026-04-02

### Vulnerability Summary **Vulnerability Overview** * **Vulnerability Type**: Remote Code Execution (RCE) * **Root Cause**: Deserialization vulnerability in the `Jinacore` component within `OkAuth`. …

Kubeflow ResourceComposition SSRF and HTTP Header Injection Vulnerability Analysis
gist.github.com · 2026-04-02

**Vulnerability Summary** * **Vulnerability Name**: Kubeflow ResourceComposition ChartUtil.SSIF + Header Injection * **Vulnerability Type**: Server-Side Request Forgery (SSRF) and HTTP Header Injectio…

CVSS 7.3
AgentSeek RCE via Unsandboxed LLM Code Execution
github.com · 2026-04-06

## CVE Report: Remote Code Execution via Unsandboxed LLM-Generated Code Execution ### Vulnerability Overview AgentSeek contains a critical remote code execution vulnerability where unauthenticated att…

CVSS 7.3
OpenShell Mirror Sync Directory Exclusion Bypass Vulnerability Analysis
github.com · 2026-04-24

### Vulnerability Overview This vulnerability involves the mirror synchronization feature of `OpenShell`, specifically that the `replaceDirectoryContents` function does not correctly exclude certain d…

CVSS 5.0
Jeesite XXE Vulnerability (CWE-611): Unfiltered logoutRequest Causes SSRF
www.yuque.com · 2026-03-02

## Jeesite XXE Vulnerability Report (CWE-611) ### 1. Description Jeesite contains an XXE vulnerability. The user-controlled `logoutRequest` XML is parsed without adequate XXE protections, enabling att…

CVSS 8.2
Red Hat Corosync Security Update: CVE-2026-35091 & CVE-2026-35092 (DoS/Info Leak)
access.redhat.com · 2026-05-10

### Vulnerability Overview - **Vulnerability ID**: RHSA-2026:13644 - **Publication Date**: 2026-05-05 - **Update Date**: 2026-05-05 - **Severity**: Moderate - **Description**: - **CVE-2026-35091**: Co…

DataEase SQL Injection Vulnerability Fix Analysis
github.com · 2025-08-27

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability Type**: SQL Injection (SQLi) - **Remediation Measures**: - Added input parameter …

CVSS 5.3
Arbitrary Local File Read in PromptX @prompts/mcp-office (CVE-2026-571)
github.com · 2026-04-28

# Vulnerability Summary: Arbitrary Local File Read Vulnerability in PromptX @prompts/mcp-office ## Vulnerability Overview - **Vulnerability Title**: Arbitrary Local File Read Vulnerability in @prompts…

CVSS 4.7
AstrBot T2I SSTI Vulnerability and RCE POC
github.com · 2026-04-26

# Vulnerability Summary: AstrBot T2I Template Management Server-Side Template Injection (SSTI) ## Vulnerability Overview * **Vulnerability ID**: #7330 * **Vulnerability Type**: Server-Side Template In…

JD-Security-SHENYI-Team/MindsDB_Pickle_RCE.md at main · nn0nkey/JD-Security-SHENYI-Team · GitHub
github.com · 2026-05-04

# Analysis of MindsDB Pickle Deserialization Remote Code Execution Vulnerability ## Vulnerability Overview MindsDB is an open-source SQL server that allows developers to train and deploy machine learn…

Premium intel
CVSS 9.8
CVE-2024-10571: LFI Vulnerability in Chartify WordPress Plugin Analysis
abrahack.com · 2026-04-09

### Vulnerability Summary **1. Vulnerability Overview** * **CVE ID**: CVE-2024-10571 * **Vulnerability Type**: Local File Inclusion (LFI) * **CVSS Score**: 9.8 (Critical) * **Description**: This vulne…

Premium intel
CVSS 9.6
OpenClaw sandbox CDP source range restriction bypass fix
github.com · 2026-05-07

### Vulnerability Overview This vulnerability involves a CDP (Chrome DevTools Protocol) source range restriction issue in the `sandbox` module of the OpenClaw project. By default, the CDP source range…

Premium intel
CVSS 8.8
CH22 Firmware Buffer Overflow Vulnerability Analysis and PoC
github.com · 2026-04-02

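# CH22 Vulnerability Summary ### Vulnerability Overview * **Vulnerability Name**: CH22 Vulnerability * **Vulnerability Type**: Buffer Overflow * **Affected Versions**: Version CH22, Version V1.0.3 * **Vulnerability Description**: * A buffer overflow vulnerability was found in the `initpage()` function. * The `initpage()` function calls `parsei…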

CVSS 6.3
CVE Report: Zero-Click RCE in pi-mono via Auto-Loaded Extensions
github.com · 2026-04-05

# CVE Report: Zero-Click Remote Code Execution via Auto-Loaded Project Extensions in pi-mono ## Vulnerability Overview | Field | Value | |:---|:---| | **Product** | pi-mono (Pi Coding Agent Monorepo) …


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
