Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 18+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Budibase JWT Session Cookie Misconfiguration Leading to Account Takeover via XSS
github.com · 2026-05-08
@budibase/backend-core <3.35.10
Read more
Premium intel
Critical
Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints ·
CVE-2024-41428 · github.com · 2026-04-25
Budibase all
Read more
Premium intel
Unknown
CVE-2024-3837 Python requests Library Path Traversal Exploit POC
CVE-2024-3837 · github.com · 2026-04-04
Budibase
Read more
Premium intel
High
libxml2 CVE-2024-3993 Stack-based Buffer Overflow Vulnerability and POC
CVE-2024-3993 · github.com · 2026-04-04
libxml2 < 2.12.4
Read more
Medium
CVE-2023-38278: libcurl HTTP/2 Null Byte Buffer Overflow Vulnerability and Detection Script
CVE-2023-38278 · github.com · 2026-04-04
libcurl < 8.0.2 · pycurl (dependent on libcurl < 8.0.2)
Read more
Critical
Stored XSS in Builder Command Palette via unsanitized entity names
github.com · 2026-04-04
Budibase
Read more
Medium
Bullhorn BRS Unauthenticated Password Reset Endpoint Lacks Rate Limiting
github.com · 2026-04-04
Bullhorn Recruiting Suite 2024.2 and earlier
Read more
Premium intel
Critical
WordPress wp-ecommerce Arbitrary File Upload Vulnerability Analysis
github.com · 2026-04-04
wp-ecommerce (unspecified versions)
Read more
Premium intel
High
VS Code launch.json summary Field XSS Vulnerability Analysis
github.com · 2026-04-04
VS Code
Read more
Critical
Burrow Bash Automation Step Command Injection Vulnerability Analysis
github.com · 2026-04-04
Budibase
Read more
Premium intel
High
WordPress Plugin pix-flags Unauthenticated File Upload Leading to RCE
github.com · 2026-04-04
pix-flags all versions
Read more
Premium intel
Unknown
GitLab gitlab-shell Bash Command Injection Vulnerability Fix
github.com · 2026-04-04
gitlab-shell >= 10.0.0, < 10.0.1 · gitlab-shell >= 10.1.0, < 10.1.1
Read more
Premium intel
Critical
GitLab Unauthenticated RCE via Webhook Trigger and Bash Automation Step
github.com · 2026-04-04
GitLab CE 13.0.0-13.10.0 · GitLab EE 13.0.0-13.10.0
Read more
Premium intel
High
Salesforce REST Connect SSRF via Empty Default Endpoint
github.com · 2026-04-04
Budibase (all versions)
Read more
Premium intel
Critical
Path Traversal in wp-file-upload Plugin (CVE-2023-XXXXX) with POC
github.com · 2026-04-04
wp-file-upload < 3.0.0
Read more
Premium intel
High
Budibase 3.33.4 Security Release: Fixes Command Injection, Path Traversal, and SSRF Risks
github.com · 2026-04-04
Budibase < 3.33.4
Read more
Premium intel
High
Budibase View Filter Injection Vulnerability Fix Analysis
github.com · 2026-02-26
Budibase
Read more
Critical
Budibase CVE-2026-25040: Creator Role API Privilege Escalation via User Invitation Endpoint
CVE-2026-25040 · github.com · 2026-01-30
Budibase App (SaaS)
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.