Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 60+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Premium intel
Unknown
Live Plugin statusURL Protocol Whitelist Bypass Fix
github.com · 2026-04-22
WWBN/AVideo
Read more
Premium intel
High
AVideo CVE-2026-33502 Command Injection Vulnerability Analysis and Fix
CVE-2026-33502 · github.com · 2026-04-22
AVideo (pre-commit 1e6cf03e93b5)
Read more
High
CloneSite Plugin RCE Vulnerability (CVE-2024-41304) Analysis and Exploitation
CVE-2024-41304 · github.com · 2026-04-22
WWBN/AVideo <=29
Read more
High
CloneSite Plugin Command Injection Fix Analysis
github.com · 2026-04-22
WWBN/AVideo < commit 473c609
Read more
High
Video Platform XSS Vulnerability: Duration Validation and Output Encoding Flaw
github.com · 2026-04-22
WWBN/AVideo
Read more
Medium
AVideo ParsedownSafeWithLinks XSS Bypass via Markdown Links (CVE-2026-33500)
CVE-2026-33500 · github.com · 2026-04-22
AVideo < commit 3ae02fa24093
Read more
Medium
Stored XSS in wwbn/avideo due to unanchored duration regex
github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
High
Parsedown URL Protocol Whitelist Bypass Fix Analysis
github.com · 2026-04-22
WWBN/AVideo
Read more
Medium
wwbn/avideo Directory Traversal Bypass via Query String and Arbitrary File Read
github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
High
Directory Traversal Fix for avideoEncoderReceiveImage.json.php
github.com · 2026-04-22
WWBN/AVideo
Read more
High
Path Traversal Fix Analysis: URL Decoding Bypass and realpath Defense
github.com · 2026-04-22
WWBN/AVideo
Read more
Medium
Fix CORS Preflight Handling in pluginAPI/router.php
github.com · 2026-04-22
AVideo
Read more
Medium
CORS Credential Reflection Vulnerability Fix Analysis
github.com · 2026-04-22
WWBN/AVideo
Read more
High
wwbn/avideo CORS Origin Reflection Leads to Cross-Domain Account Takeover
github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
High
SSRF Fix: Enforcing Hostname and Port Matching for Same-Origin Requests
github.com · 2026-04-22
WWBN/AVideo
Read more
High
wvbn/avideo CORS Origin Reflection Bypass Leads to Auth API Data Leakage
github.com · 2026-04-22
wvbn/avideo <= 29.0
Read more
High
AVideo SSRF via Same-Domain Hostname Bypass (CVE-2024-41060)
CVE-2024-41060 · github.com · 2026-04-22
WWBN/AVideo <= 29.0
Read more
Medium
AVideo CloneSite Path Traversal via deleteDump Parameter (CVE-2026-33293)
CVE-2026-33293 · github.com · 2026-04-22
AVideo < commit 941decd6d19e
Read more
High
AVideo/WVPN SSRF Bypass via DNS Rebinding and Fix Analysis
github.com · 2026-04-22
AVideo
Read more
Premium intel
Medium
CVE-2026-33039: AVideo LiveLinks SSRF via DNS Rebinding Bypass
CVE-2026-33039 · github.com · 2026-04-22
AVideo < 0e56382921fc71e64829cd1ec35f04e338c70917
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.