Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 2196+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Low
vLLM Fix: FullAttention KV Cache Zeroing to Prevent Memory Leak
github.com · 2026-04-28
vLLM
Read more
Critical
Wooey Missing Authorization in add_or_update_script API Leads to RCE
github.com · 2026-04-28
Wooey master (0.13.3) · Wooey <= 0.13.2
Read more
High
FuelPHP Blocks.php Unauthenticated File Upload Leading to RCE
github.com · 2026-04-28
FUEL-CMS
Read more
High
diskover-community CVE-2026-38935 Reflected XSS Vulnerability Analysis
CVE-2026-38935 · github.com · 2026-04-28
diskover-community <= 2.3.5
Read more
High
Wooyee add_or_update_script API Privilege Escalation to RCE Fix
github.com · 2026-04-28
Wooey <= pre-fix version
Read more
High
CVE-2026-38934: CSRF Authentication Bypass and Fix
CVE-2026-38934 · github.com · 2026-04-28
DiskoverData <= 2.3.5
Read more
High
GPAC Integer Overflow Fix in box_code_base and isom_intern
github.com · 2026-04-28
GPAC
Read more
Critical
GPAC elng_box_read Integer Truncation Heap OOB Read/Write Vulnerability Analysis
GHSA-3516 · github.com · 2026-04-28
GPAC
Read more
High
GreenCMS v2.3 Arbitrary File Upload Vulnerability Analysis
github.com · 2026-04-26
GreenCMS v2.3
Read more
High
JizhiCMS v2.5.6 Admin SQL Injection Vulnerability Analysis
github.com · 2026-04-25
JizhiCMS v2.5.6
Read more
Unknown
ClassroomIO CVE-2025-67259 Broken Access Control via API Method Manipulation
CVE-2025-67259 · github.com · 2026-04-25
ClassroomIO v0.1.13
Read more
Medium
HostBill Business Logic Vulnerability: Negative Balance Bypass Leading to DoS
github.com · 2026-04-25
HostBill (Client Management module)
Read more
Medium
HostBill Client Area CAPTCHA Bypass and Rate Limit Bypass in Login Flow
github.com · 2026-04-25
HostBill Client Area < latest fixed version
Read more
Unknown
ToTOLINK A3300R cstecgi.cgi Command Injection Vulnerability (CVE-2026-31162) with PoC
CVE-2026-31162 · github.com · 2026-04-24
ToTOLINK A3300R V17.0.0cU557_B20221024
Read more
Unknown
ToTolink A3300R Command Injection in cstecgi.cgi (CVE-2026-31167) with PoC
CVE-2026-31167 · github.com · 2026-04-24
A3300R V17.0.0cu.557_B20221024
Read more
Unknown
ToTolink A3300R Command Injection in cstecgi.cgi (CVE-2026-31169) with PoC
CVE-2026-31169 · github.com · 2026-04-24
TOTOLINK A3300R V17.0.0c557_B20221024
Read more
Unknown
ToTolink A3300R Command Injection in cstecgi.cgi (CVE-2026-31173) with PoC
CVE-2026-31173 · github.com · 2026-04-24
TOTOLINK A3300R V17.0.0.cu557_B20221024
Read more
Unknown
ToTolink A3300r Command Injection in cstextcgi.cgi (CVE-2026-31166)
CVE-2026-31166 · github.com · 2026-04-24
ToTolink A3300r V17.0.0c557_B20221024
Read more
Critical
ToTolink A3300r cstecgi.cgi Command Injection Vulnerability (CVE-2026-31163) with PoC
CVE-2026-31163 · github.com · 2026-04-24
TOTOLINK A3300r V17.0.0cu557_B20221024
Read more
Unknown
ToTolink A3300r catcgi.cgi Command Injection Vulnerability (CVE-2026-31168)
CVE-2026-31168 · github.com · 2026-04-24
TOTOLINK A3300r V17.0.0c.557_B20221024
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.