Security Intel Hub 6+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

Medium

DOMPurify Prototype Pollution and Config Leak Vulnerability Fix Analysis

github.com · 2026-04-24

DOMPurify (commit c361baa before)

High

DOMPurify 3.4.0 Security Advisory: Fixes Prototype Pollution, mXSS, and Filter Bypass

github.com · 2026-04-24

DOMPurify < 3.4.0

High

DOMPurify Prototype Pollution Leading to XSS Bypass

github.com · 2026-04-24

DOMPurify 3.0.1 · DOMPurify 3.0.2 …

Medium

DOMPurify CVE-2025-41240 FORBID_TAGS Bypass via ADD_TAGS Predicate

CVE-2025-41240 · github.com · 2026-04-24

DOMPurify <= 3.2.6

High

Dompurify Template Injection XSS via SAFE_FOR_TEMPLATES and RETURN_DOM Mode Bypass

github.com · 2026-04-24

dompurify < 3.3.3

CVSS 7.5

Path Traversal Vulnerability Fix Analysis (Commit 6bc6d60)

github.com · 2025-05-16

### Key Information - **Vulnerability Type**: Path Traversal - **Fix Commit**: Commit `6bc6d60` - **Fix Description**: Fixed the issue where uncontrolled data was used in server-side path expressions.…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 6+

DOMPurify Prototype Pollution and Config Leak Vulnerability Fix Analysis

DOMPurify 3.4.0 Security Advisory: Fixes Prototype Pollution, mXSS, and Filter Bypass

DOMPurify Prototype Pollution Leading to XSS Bypass

DOMPurify CVE-2025-41240 FORBID_TAGS Bypass via ADD_TAGS Predicate

Dompurify Template Injection XSS via SAFE_FOR_TEMPLATES and RETURN_DOM Mode Bypass

Path Traversal Vulnerability Fix Analysis (Commit 6bc6d60)