Security Intel Hub 666— Search: `RCE`×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

CVSS 8.8

Tenda RX3 Router Wi-Fi Schedule Buffer Overflow Vulnerability Analysis

github.com · 2026-02-09

## Critical Vulnerability Information ### Affected Product - **Vendor**: Tenda (Shenzhen Tenda Technology Co., Ltd.) - **Product**: Tenda RX3 - **Affected Version**: Firmware V16.03.13.11 ### Vulnerab…

CVSS 8.8

UTT HiPER 810G Router Buffer Overflow Vulnerability Analysis

github.com · 2026-02-23

### Vulnerability Key Information - **Affected Product**: UTT HiPER 810G Router - **Affected Firmware Version**: <= v3v1.7.7-171114 - **Vulnerability Type**: Critical Buffer Overflow Vulnerability - *…

Premium intel

CVSS 9.3

AVideo CVE-2026-33502 Command Injection Vulnerability Analysis and Fix

github.com · 2026-04-22

# Vulnerability Summary: CVE-2026-33502 ## Overview * **Vulnerability Name**: AVideo Command Injection Vulnerability (CVE-2026-33502) * **Vulnerability Type**: CWE-78 (OS Command Injection) * **Severi…

CVSS 7.3

WooCommerce Product Table Lite 3.8.6/3.8.7 Security Vulnerability Fix

plugins.trac.wordpress.org · 2024-11-24

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Version Information**: - **WCPT_VERSION**: 3.8.6 - **WCPT_VERSION**: 3.8.7 2. **Security Vulner…

Premium intel

CVSS 9.8

llama.cpp RPC RCE Patch: Fix in deserialize_tensor_info

github.com · 2026-04-02

### 漏洞修复总结 **漏洞概述** 该提交记录展示了 `llama.cpp` 项目（一个基于 C++ 的 Llama 模型推理库）中一个关键的安全修复。提交信息明确标注为 `rpc : RCE patch (#20980)`，表明该补丁修复了 RPC 模块中存在的远程代码执行（RCE）漏洞，有效防止攻击者通过构造恶意数据实现远程代码执行。 **影响范围** - **仓库**: `ngml/ll…

CVSS 8.3

mcp-server-kubernetes port_forward Parameter Injection Vulnerability

github.com · 2026-04-18

# Vulnerability Summary: Argument Injection Vulnerability in the `port_forward` Tool ## Overview In the `port_forward` tool of `mcp-server-kubernetes`, there is an argument injection vulnerability. Th…

Premium intel

CVSS 8.1

qmail CVE-2026-41113 RCE via DNS MX Shell Injection with Exploit

github.com · 2026-04-18

# qmail Remote Code Execution Vulnerability (CVE-2026-41113) ## Vulnerability Overview * **Vulnerability Name**: qmail-remote Remote Code Execution (RCE) via DNS MX Hostname Shell Injection * **CVE ID…

Reflected XSS in Inventory System 1.0 (add_purchase.php)

github.com · 2026-04-02

# Vulnerability Summary: Reflected XSS in Inventory System (Add Purchase) **Overview** * **Vulnerability Type**: Reflected Cross Site Scripting (XSS) * **Affected Product**: Inventory System * **Affec…

Fix integer overflow in src_stride calculation in ffz draw-unpack.c

github.com · 2026-04-02

### 漏洞关键信息总结 **漏洞概述** * **编号**: Bug 760990 * **描述**: 在 `unpack_stream` 函数中计算 `src_stride` 时发生整数溢出（overflow）。 * **原因**: 原有计算 `(w * depth * n) >> 1` 使用32位整数运算，数值过大时导致溢出。 **影响范围** * **文件**: `source/ffz/d…

CVSS 6.3

SQL Injection in Modern Loan Management System 1.0 with POC

www.shawroot.cc · 2024-09-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Title**: SQL injection in Modern Loan management system 1.0 2. **Date**: Septemb…

NanoMQ 0.22.1 Unauthenticated Memory Leak DoS (CVE-2024-42649)

github.com · 2025-07-15

### Key Information #### CVE Number CVE-2024-42649 #### Vulnerability Type Memory Leak #### Affected Version - NanoMQ 0.22.1 - GIT COMMIT: 70de56cddc87444d120a3a7e477c76a26bca8d56 #### Vulnerability I…

Chromium Blink Geolocation Timer Not Stopped Fix

code.google.com · 2025-11-09

## Key Vulnerability Information ### Basic Information - **Type**: Vulnerability - **Priority**: P1 - **Severity**: S1 - **Status**: Fixed - **Component Tags**: Blink ### Description - This issue was …

E-POINT CMS CVE-2025-65806 Nested ZIP Archive Bypass Arbitrary File Upload

github.com · 2025-12-05

- **CVE ID**: CVE-2025-65806 - **Author**: Kacper Zabiegaj - **Severity**: Medium - **Affected Product**: E-POINT CMS - **Affected Version**: eagle.gsam-1169.1 - **Vendor**: E-POINT SA - **Attack Vect…

FFmpeg zmqsend.c Potential Info Leak/DoS Vulnerability Analysis

ffmpeg.org · 2026-04-18

### FFmpeg Vulnerability Summary #### Vulnerability Overview - **File**: `zmqsend.c` - **Description**: This file is part of FFmpeg and is used to send ZMQ messages. There is a potential vulnerability…

CVE-2025-61546: Print Shop Pro WebDesk Business Logic Flaw (Negative Quantity Bypass)

github.com · 2026-01-20

# CVE-2025-61546: Print Shop Pro WebDesk Business Logic Flaw ## Information - **Summary**: Client-side validation input validation bypass enables negative quantity purchases. - **Vendor**: edu Busines…

Premium intel

CVSS 8.8

WooCommerce Bot for Telegram Auth Bypass via Token Disclosure (CVE-2024-9821)

www.wordfence.com · 2024-10-13

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability Name**: Bot for Telegram on WooCommerce <= 1.2.4 - Authenticated (Subscriber+) Telegram Bo…

CVSS 7.5

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 666— Search: `RCE`×

Tenda RX3 Router Wi-Fi Schedule Buffer Overflow Vulnerability Analysis

UTT HiPER 810G Router Buffer Overflow Vulnerability Analysis

AVideo CVE-2026-33502 Command Injection Vulnerability Analysis and Fix

WooCommerce Product Table Lite 3.8.6/3.8.7 Security Vulnerability Fix

llama.cpp RPC RCE Patch: Fix in deserialize_tensor_info

mcp-server-kubernetes port_forward Parameter Injection Vulnerability

qmail CVE-2026-41113 RCE via DNS MX Shell Injection with Exploit

Reflected XSS in Inventory System 1.0 (add_purchase.php)

Fix integer overflow in src_stride calculation in ffz draw-unpack.c

SQL Injection in Modern Loan Management System 1.0 with POC

NanoMQ 0.22.1 Unauthenticated Memory Leak DoS (CVE-2024-42649)

Chromium Blink Geolocation Timer Not Stopped Fix

E-POINT CMS CVE-2025-65806 Nested ZIP Archive Bypass Arbitrary File Upload

FFmpeg zmqsend.c Potential Info Leak/DoS Vulnerability Analysis

CVE-2025-61546: Print Shop Pro WebDesk Business Logic Flaw (Negative Quantity Bypass)

WooCommerce Bot for Telegram Auth Bypass via Token Disclosure (CVE-2024-9821)

Fix for Node Crash due to Invalid BLS Voting Key Validation in Blockchain Consensus

Chrome heap-use-after-free in ForceSigninVerifier (CVE-2021-37997)

Release v3.11.0 · patriksimek/vm2 · GitHub

LibreNMS Authenticated RCE Vulnerability (CVE-2024-51092) Analysis

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 666— Search: RCE×

Security Intel Hub 666— Search: `RCE`×