Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 24+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Premium intel
Critical
OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials
github.com · 2026-05-01
Amazon ECS Agent 1.47.0.1 - 1.102.2
Read more
Medium
FreeRTOS-Plus-TCP Out-of-Bounds Read in IPv6 RA Parser (CVE-2026-7425)
GHSA-gffr-xgjj-jhvj · github.com · 2026-04-30
FreeRTOS-Plus-TCP >=V4.0.0 AND <=V4.2.5 · FreeRTOS-Plus-TCP >=V4.3.0 AND <V4.4.0
Read more
Medium
FreeRTOS-Plus-TCP ICMP Echo Reply Integer Underflow DoS Vulnerability
github.com · 2026-04-30
FreeRTOS-Plus-TCP >=V4.0.0 AND <=V4.2.5 · FreeRTOS-Plus-TCP >=V4.3.0 AND <=V4.4.0
Read more
High
Issues in tough library and tuftool CLI utility
2026-019-AWS · aws.amazon.com · 2026-04-25
tough 0.1.0 - 0.21.x · tuftool 0.1.0 - 0.14.x
Read more
Medium
Missing Delegated Metadata Validation in awslabs/tough · Advisory · awslabs/tough · GitHub
CVE-2026-6967 · github.com · 2026-04-25
tough < 0.22.0 · tuftool < 0.15.0
Read more
Premium intel
High
AWS Ops Wheel Privilege Escalation via Cognito Attribute (CVE-2026-6912)
CVE-2026-6912 · github.com · 2026-04-25
AWS Ops Wheel v2 (deployments between PR #147 and PR #163)
Read more
Premium intel
Critical
AWS Ops Wheel CVE-2026-6911 JWT Signature Verification Bypass Vulnerability
CVE-2026-6911 · github.com · 2026-04-25
aws-ops-wheel < PR #164
Read more
Medium
Firecracker v1.15.1 Vulnerability Fixes: DoS and Memory Safety
github.com · 2026-04-08
Firecracker < 1.15.1
Read more
High
Firecracker v1.14.4 Vulnerability Fixes: Memory Overflow, DoS, Clock Jump
github.com · 2026-04-08
Firecracker v1.14.4
Read more
High
RES Privilege Escalation via CreateSession API and Patch Guide
github.com · 2026-04-07
AWS Research Engineering Studio (RES) 2025.12.01 and earlier
Read more
Premium intel
Critical
RES Virtual Desktop Command Injection Vulnerability and Patch
github.com · 2026-04-07
RES 2025.12.01 · RES 2025.12 …
Read more
Critical
AWS RES Multiple RCE and Privilege Escalation Vulnerabilities (CVE-2026-5707/5708/5709)
CVE-2026-5707 · aws.amazon.com · 2026-04-07
AWS Research and Engineering Studio (RES) <= 2025.12.01
Read more
Unknown
CVE-2026-5190 AWS C Event Stream Stack Buffer Overflow Vulnerability
CVE-2026-5190 · aws.amazon.com · 2026-04-02
aws-c-event-stream < 0.6.0 · aws-crt-python < 1.4.0 …
Read more
High
AWS aws-c-event-stream Decode Buffer Overflow Fix in v0.6.0
github.com · 2026-04-02
aws-c-event-stream < v0.6.0
Read more
Critical
AWS SDK for C++ Memory Corruption in Event-Stream Header Parsing (CVSS 9.8)
github.com · 2026-04-02
aws-sdk-cpp < 1.6.6 · aws-c-io < 0.14.0 …
Read more
High
AWS SageMaker Python SDK CVE-2026-1777 RCE via HMAC Key Leakage
CVE-2026-1777 · github.com · 2026-02-04
sagemaker-python-sdk < 3.2.0 · sagemaker-python-sdk < 2.256.0
Read more
High
AWS SageMaker Python SDK HMAC Key Disclosure and TLS Verification Bypass (CVE-2026-1777/1778)
SA-CORE-2026-004 · aws.amazon.com · 2026-02-03
SageMaker Python SDK < 3.2.0 · SageMaker Python SDK < 2.256.0
Read more
Medium
Firecracker Jacker Arbitrary Host File Overwrite via Symlink (CVE-2026-1386)
GHSA-36j2-f825-qvgc · github.com · 2026-01-27
Firecracker < v1.13.1 · Firecracker v1.14.0
Read more
Medium
AWS SDK for .NET V4 region Parameter Validation Bypass (CVE-2026-22611)
CVE-2026-22611 · github.com · 2026-01-20
AWS SDK for .NET V4 >= 4.0.0, < 4.0.3.3
Read more
High
AWS Wrappers for Aurora PostgreSQL Privilege Escalation (CVE-2025-12967)
CVE-2025-12967 · aws.amazon.com · 2025-11-12
AWS JDBC Wrapper <2.6.5 · AWS Go Wrapper <2025-10-17 …
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.