Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 7+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Premium intel
Critical
ZimaOS CVE-2023-28788 SSRF via Cloudflare Tunnel
CVE-2023-28788 · github.com · 2026-04-04
ZimaOS < 1.5.0
Read more
Premium intel
High
ZimaOS GHSA-65mg-9gw5 Unauthorized File Creation via API Bypass
GHSA-65mg-9gw5-vr7g · github.com · 2026-03-03
ZimaOS v1.5.2-beta3
Read more
CVSS 5.3
ZimaOS 1.5.0 Unauthenticated User Enumeration via /v1/users/name API (GHSA-9mrr-px2c-w42c)
github.com · 2025-11-06

### Vulnerability Key Information - **Vulnerability ID**: GHSA-9mrr-px2c-w42c - **CVE ID**: No known CVE - **Affected Versions**: ZimaOS 1.5.0 - **Fixed Version**: None - **Severity**: Medium (CVSS Sc…

Read more
CVSS 5.3
ZimaOS Unauthenticated API Discloses Usernames (CVE-2024-48932)
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability Description**: - **Vulnerability Type**: Unauthenticated API Discloses Usernames. - **Affe…

Read more
CVSS 5.3
ZimaOS CVE-2024-49358 Username Enumeration via API
github.com · 2024-10-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Username Enumeration via API Responses in ZimaOS - *…

Read more
Premium intel
CVSS 7.5
CasaOS <=1.2.4 Unauthenticated Sensitive Information Disclosure
github.com · 2024-10-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Unauthorized Sensitive Data Disclosure …

Read more
CVSS 7.5
ZimaOS CVE-2024-49359 Directory Traversal via Parameter Manipulation
github.com · 2024-10-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Directory Listing via Parameter Manipulation in Zima…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.