Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 666— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 7.1
ResourceSpace 8.6 collection_edit.php SQL Injection Vulnerability
www.exploit-db.com · 2026-04-18

# ResourceSpace 8.6 'collection_edit.php' SQL Injection Vulnerability ## Overview - **Vulnerability Type**: SQL Injection - **Affected File**: `collection_edit.php` - **Platform**: PHP - **Release Dat…

Read more
HuggingFace LeRobot Unauthenticated RCE via Pickle Deserialization (CVE-2026-25874)
chocapikk.com · 2026-04-24

# CVE-2026-25874: HuggingFace LeRobot Deserialization Remote Code Execution Vulnerability ## Vulnerability Overview The asynchronous inference module of HuggingFace’s open-source robotics framework Le…

Read more
Premium intel
CVSS 9.8
CVE-2026-26210: RCE via Unsafe Pickle Deserialization in gRPC PolicyServer balance_serve Module
github.com · 2026-04-24

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-26210 - **Description**: In the `balance_serve` module of gRPC PolicyServer, due to the use of the insecure `pickle.loads()` method, an at…

Read more
CVSS 5.3
binwalk WinCE Extractor Path Traversal Leading to RCE
github.com · 2026-04-28

# Vulnerability Summary: binwalk WinCE Extraction Plugin Path Traversal Vulnerability ## Vulnerability Overview A path traversal vulnerability exists in the WinCE ROM extraction plugin (`winceextract.…

Read more
Premium intel
CVSS 8.1
Omnifaces CVE-2025-41883: EL Injection via Wildcard CDN Mapping Leading to RCE
github.com · 2026-05-09

# Vulnerability Overview **Title**: EL injection via crafted resource name in wildcard CDN mapping **CVE ID**: CVE-2025-41883 **CVSS Score**: 8.1 / 10 (High) **Affected Package**: `org.omnifaces:omnif…

Read more
CVE-2010-0821: Microsoft Office Excel SxView Record Parsing RCE Vulnerability
www.zerodayinitiative.com · 2025-11-07

- **Advisory ID**: ZDI-10-104 - **CVE ID**: CVE-2010-0821 - **CVSS Score**: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) - **Affected Vendor**: Microsoft - **Affected Product**: Office Excel - **Vulnerability Ty…

Read more
Tencent FaceDetection-DSFD Deserialization RCE Vulnerability (CVE-2025-13715)
www.zerodayinitiative.com · 2025-12-29

### Vulnerability Key Information - **Title**: - Tencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution Vulnerability - **ID**: - ZDI-25-1183 - ZDI-CAN-27197 - **CVE…

Read more
Linux Kernel Crash Fix: CONFIG_FORCE_NR_CPUS=y nr_cpu_ids Mismatch in RCU Tasks
git.kernel.org · 2024-10-24

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - **Issue Description**: For kernels compiled with `CONFIG_FORCE_N…

Read more
Premium intel
CVSS 8.3
LLaMA Factory WebUI RCE via torch.load in Checkpoint Path (<=0.9.3)
github.com · 2025-07-06

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Remote Code Execution (RCE) - **Affected Versions**: <=0.9.3 - **Fixed Version**: 0.9.4 - **Severity**: High (CVSS v3.1: 8.3/1…

Read more
CVSS 7.3
SourceCodester Eye Clinic Management System V1.0 SQL Injection in search_index_Diagnosis.php
vuldb.com · 2025-09-02

### Key Information - **Vulnerability Title**: SourceCodester Eye Clinic Management System V1.0 SQL Injection - **Description**: - During a security review of "Eye Clinic Management System in PHP With…

Read more
CVSS 5.6
Pre-Auth RCE in ChurchCRM <=5.18.0 Setup Wizard via Unsafe String Replacement
github.com · 2025-10-19

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Pre-authentication Remote Code Execution (RCE) - **Affected Product**: ChurchCRM versions getParsedBody(); // Lines 40-45: Dir…

Read more
CVE-2025-61454: Reflected XSS in Ecommerce 1.0 search.php
github.com · 2025-10-20

### Key Information Summary #### Vulnerability Overview - **CVE ID**: CVE-2025-61454 - **Disclosure Date**: October 13, 2025 - **Severity**: MEDIUM (CVSS v3.1 Score: 6.1) - **Vulnerability Type**: Ref…

Read more
CVSS 7.3
Tongfang Electronic Archive System Arbitrary File Upload and RCE
github.com · 2026-02-21

From the provided web screenshot, we can summarize the following key information about the vulnerability: 1. **Vulnerability Title**: Arbitrary File Upload Vulnerability in Tsinghua Tongfang Electroni…

Read more
Jupyter nbconvert Uncontrolled Search Path RCE on Windows (CVE-2025-53000)
github.com · 2026-02-21

### Key Information - **Vulnerability Title**: Uncontrolled search path leads to unauthorized code execution on Windows - **Publisher**: krassowski - **CVE ID**: CVE-2025-53000 - **Severity**: High (7…

Read more
Rayventory Scan Engine Uncontrolled Search Path Element RCE (CVE-2025-69599)
github.com · 2026-05-08

# CVE-2025-69599 Vulnerability Summary ## Vulnerability Overview **CVE-2025-69599** is an **Uncontrolled Search Path Element** vulnerability. When the Rayventory scan engine loads shared objects and i…

Read more
CVSS 4.3
SourceCodester Food Ordering System 1.0 Improper Input Validation in place-order.php (CVE-2024-8558)
vuldb.com · 2024-09-08

### Key Information 1. **Vulnerability ID**: - VDB-276778 - CVE-2024-8558 2. **Vulnerability Name**: - SourceCodester Food Ordering Management System 1.0 Price Place-Order.php Total Improper Validatio…

Read more
CVSS 6.3
SourceCodester Online Eyewear Shop v1.0 Improper Access Controls / Cart ID Manipulation
vuldb.com · 2024-09-19

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability ID**: #409459 2. **Vulnerability Name**: SourceCodester Online Eyewear Shop v1.0…

Read more
CVSS 5.3
CVE-2024-9321 SourceCoderster Railway Reservation System Broken Access Control PoC
github.com · 2024-09-30

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Type**: Broken Access Control (Improper Access …

Read more
CVSS 6.3
Sourcecodester Online Exam System (Django V1.0) Improper Access Control / Privilege Escalation
vuldb.com · 2024-10-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Title**: - **Title**: Sourcecodester Online Exam system using Django V 1.0 Impro…

Read more
CVSS 6.3
SourceCodeester Attendance System SQL Injection (CVE-2024-10422)
vuldb.com · 2024-10-29

### Key Information **Vulnerability Name:** - **SourceCodeester Attendance and Payroll System 1.0 /admin/overtime_add.php ID SQL Injection** **Vulnerability ID:** - **VDB-281963** - **CVE-2024-10422**…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.