Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 36+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Premium intel
Critical
PraisonAI Unauthenticated WebSocket Session Hijacking (CVE-2025-4289)
CVE-2025-4289 · github.com · 2026-04-18
praisonal<=4.5.138 · praisonalagents<=1.5.139
Read more
High
PraisonAI SQLite SQL Injection Vulnerability in table_prefix Parameter
github.com · 2026-04-18
PraisonAI
Read more
High
SQL Identifier Injection in prisonal SQLiteConversationStore table_prefix
github.com · 2026-04-18
prisonal < 1.5.130
Read more
Premium intel
Critical
CVE-2024-43713 GitHub Actions Credential Persistence Vulnerability Analysis
CVE-2024-43713 · github.com · 2026-04-18
praisonal < 4.5.140
Read more
Premium intel
Critical
Critical RCE in praisonai via workflow YAML (CVE-2026-40288) with POC
CVE-2026-40288 · github.com · 2026-04-18
praisonai <= 4.5.138 · praisonagents <= 1.5.139
Read more
Premium intel
Critical
Praisonal OS Command Injection Vulnerability (CVE-2024-40088) Analysis and PoC
CVE-2024-40088 · github.com · 2026-04-10
praisonal < 4.5.121
Read more
High
CVE-2024-40149: praisonai Unauthenticated Allow-List Manipulation Bypass
CVE-2024-40149 · github.com · 2026-04-10
PraisonAI <= 4.5.124
Read more
Premium intel
Critical
Praisonal <=4.5.117 RCE via Unverified Remote Template Execution
CVE-2026-40154 · github.com · 2026-04-10
praisonal <= 4.5.117
Read more
Medium
Praisonal WSGI Server Local DoS via Unbounded Content-Length (CVE-2026-40115)
CVE-2026-40115 · github.com · 2026-04-10
PraisonAI <= 4.5.124
Read more
Critical
prisonaiaagents Command Injection Vulnerability (CVE-2024-40111) Analysis
CVE-2024-40111 · github.com · 2026-04-10
prisonaiaagents <= 1.5.126
Read more
High
prisonaagents web_crawl SSRF and Local File Read Vulnerability
github.com · 2026-04-10
prisonaagents <= 4.5.124
Read more
Medium
AgentOS Unauth Info Disclosure & System Prompt Extraction via /api/agents
github.com · 2026-04-10
AgentOS < 4.5.120
Read more
High
praisonai CVE-2024-40113 gcloud --set-env-vars Unsanitized Comma Injection
CVE-2024-40113 · github.com · 2026-04-10
praisonai <= 4.5.126
Read more
High
praisonaiagents env var info disclosure via os.path.expandvars
github.com · 2026-04-10
praisonaiagents <= 4.5.120
Read more
Medium
PraisonAI Stored XSS via Missing nh3 Dependency Silent Fallback
github.com · 2026-04-10
PraisonAI <= 4.5.124
Read more
High
Praisonal Jobs API SSRF Vulnerability and Exploit PoC
github.com · 2026-04-10
praisonal <= 4.5.124
Read more
Medium
Decompression Bomb DoS in praisonal safe_extractall() without size limits
github.com · 2026-04-10
praisonal <= 4.5.124
Read more
High
PraisonAI Unauthenticated WebSocket Proxy to OpenAI Realtime API Causing API Credit Exhaustion
github.com · 2026-04-10
PraisonAI < 4.5.124
Read more
High
PraisonAI list_files Path Traversal Vulnerability in Pattern Parameter
github.com · 2026-04-10
MervinPraison/PraisonAI <= 0.87
Read more
Premium intel
Critical
prisonagents Sandbox Escape via Exception Frame Traversal (CVSS 9.9)
github.com · 2026-04-09
prisonagents <= 1.5.114
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.