Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 11+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Amazon Athena ODBC Driver Multiple Vulnerabilities Advisory (CVE-2020-5493/5500/5510/5520/5530/5540)
2020-0175-aws · aws.amazon.com · 2026-04-04
Amazon Athena ODBC Driver < 2.1.0.0
Read more
Medium
Amazon Ion-C Integer Overflow Leading to Uninitialized Memory Read (CVE-2025-12829)
GHSA-7mgf-6x73-5h7r · github.com · 2025-11-09
Amazon Ion-C <1.1.4
Read more
CVSS 8.5
AWS EMR Secret Agent Privilege Escalation via Keytab File (CVE-2025-8904)
github.com · 2025-09-20

### Critical Vulnerability Information - **CVE ID**: CVE-2025-8904 - **GHSA ID**: GHSA-hf6h-76fm-735v - **Severity**: Critical (9.0/10) - **CVSS v4 Base Metrics**: - Attack Vector: Network - Attack Co…

Read more
CVSS 4.0
AWS Amazon Q Developer VS Code Extension CVE-2025-8217 Supply Chain Poisoning
github.com · 2025-07-31

### Critical Vulnerability Information #### Vulnerability Overview - **CVE ID**: CVE-2025-8217 - **Affected Version**: 1.84.0 - **Fixed Version**: 1.85.0 - **Severity**: Medium (CVSS v3 Base Score: 4.…

Read more
FreeRTOS-Plus-TCP CVE-2025-5688 Out of Bounds Write Vulnerability
aws.amazon.com · 2025-06-06

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-5688 - **Vulnerability Type**: Out of Bounds Write in FreeRTOS-Plus-TCP - **Affected Scope**: AWS - **Severity**: Important (Requ…

Read more
CVSS 6.3
GHSA-p69m-h9rw-584v: data.all Authentication Token Not Invalidated on Logout
github.com · 2024-11-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: data.all does not invalidate authentica…

Read more
CVSS 4.9
data.all <2.6.1 Information Disclosure via Logs (CVE-2024-52314)
github.com · 2024-11-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: data.all admin user may access potentia…

Read more
CVSS 4.3
AWS data.all Authenticated User Authorization Bypass (CVE-2024-52313)
github.com · 2024-11-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: data.all authenticated users can obtain…

Read more
CVSS 7.5
CVE-2024-10125: Missing JWT Issuer Validation in AWS ALB Identity ASP.NET Core
aws.amazon.com · 2024-10-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability ID**: CVE-2024-10125 2. **Vulnerability Name**: missing JWT issuer and signer va…

Read more
CVSS 7.5
GHSA-789x-wph8-m68r: Lack of JWT issuer and signer validation in AWS ALB Route Directive Adapter for Istio
github.com · 2024-10-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: [awslabs/aws-alb-route-directive-adapte…

Read more
CVSS 7.5
Lack of JWT issuer and signer validation in AWS ALB Identity ASP.NET Core
github.com · 2024-10-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: [awslabs/aws-alb-identity-aspnetcore] L…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.