
Security Intel Hub 11+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

High
FREEI-2866: Command Injection in GraphQL Module via Unescaped Shell Args
FREEI-2866 · github.com · 2026-04-21
FreePBX Api release/17.0.8 · FreePBX Api release/17.0.5
Low
FreePBX api Privilege Escalation via GraphQL JWT Forgery (CVE-2025-55210)
GHSA-gvgh-p7wj-76cf · github.com · 2026-02-13
FreePBX 16 api < 16.0.17 · FreePBX 17 api < 17.0.5
FreePBX Endpoint Manager Authenticated Command Injection (CVE-2025-59051)
github.com · 2025-10-15

### Critical Vulnerability Information #### Vulnerability Title - **Authenticated Command Injection in Network Scanning feature of Endpoint Manager** #### Affected Versions - **endpoint (FreePBX 16)**…

FreePBX Asterisk HTTP Status Reflected XSS Vulnerability (CVE-2025-59429) and Mitigation
github.com · 2025-10-15

### Critical Vulnerability Information #### Vulnerability Overview - **Type**: Reflected Cross-site Scripting (XSS) - **Location**: Asterisk HTTP Status Page - **CVE ID**: CVE-2025-59429 - **CVSS Scor…

FreePBX Endpoint Manager Arbitrary File Upload Vulnerability (CVE-2025-61678)
github.com · 2025-10-15

### Critical Vulnerability Information #### Vulnerability Overview - **Title**: Authenticated Arbitrary File Upload in Endpoint Manager - **CVE ID**: CVE-2025-61678 - **GHSA ID**: GHSA-7p8x-8m3m-58j9 …

FreePBX Endpoint Management Authenticated SQL Injection (CVE-2025-61675)
github.com · 2025-10-15

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Authenticated SQL Injections in Endpoint Management - **CVE ID**: CVE-2025-61675 - **CVSS Score**: - CVSS v…

FreePBX contactmanager Stored XSS Vulnerability (CVE-2025-55209)
github.com · 2025-09-05

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Stored XSS - **Affected Component**: FreePBX UCP Contact Group - **Description**: Allows automatic execution of user-supplied …

FreePBX CVE-2025-55739: Hardcoded OAuth Key Allows JWT Forgery
github.com · 2025-09-05

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Shared OAuth signing key identical across different instances - **CVE ID**: CVE-2025-55739 - **CVSS v4 Base…

Premium intel
KEV
FreePBX CVE-2025-57819: Auth Bypass Leading to SQLi and RCE
github.com · 2025-08-30

### Key Information Summary #### Vulnerability Overview - **Vulnerability Name**: Authentication Bypass Leading to SQL Injection and RCE - **Severity**: Critical (10.0/10) - **CVE ID**: CVE-2025-57819…

CVSS 6.8
FreePBX OSS Endpoint Manager Path Traversal Vulnerability (CVE-2024-47071)
github.com · 2024-10-02

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Module**: OSS Endpoint Manager - **Affected Versions**: <= 14…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
