Security Intel Hub 17+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

Critical

emlog RCE via Malicious Plugin Upload (CVE-2026-41517) Analysis and Fix

CVE-2026-41517 · github.com · 2026-05-09

emlog < 2.6.11

Critical

eMlog log_model.php addLog/updateLog SQL Injection Vulnerability and Fix

github.com · 2026-05-09

eMlog <2.6.11

High

emlog <2.6.11 Admin CSRF Vulnerability and Fix Implementation

github.com · 2026-05-09

emlog < 2.6.11

Premium intel

Critical

Path Traversal in emu2nZip Plugin Leading to RCE

github.com · 2026-04-04

emlog 2.6.2

High

emlog <=2.2.6 Stored XSS via URI Scheme Validation Bypass in Comment Module

github.com · 2026-04-04

emlog <= 2.2.6

Premium intel

Medium

emlog plugin.php Local File Inclusion (LFI) Vulnerability Analysis

github.com · 2026-04-04

emlog <= 2.6.2

Critical

emlog <2.2.2 tag_model.updateTagName SQL Injection Vulnerability

github.com · 2026-04-04

emlog < 2.2.2

Critical

emlog Backend Upgrade CSRF Leading to Arbitrary SQL Execution and File Write (CVE-2024-3628)

CVE-2024-3628 · github.com · 2026-04-04

emlog 2.6.7

Critical

emlog v2.6.1 REST API Arbitrary File Upload Leading to RCE

github.com · 2026-01-20

emlog v2.6.1

emlog <=2.5.22 Stored XSS via File Upload (CVE-2015-6769)

github.com · 2025-10-07

### Critical Vulnerability Information #### Vulnerability Overview - **Type**: Stored XSS - **Affected Versions**: <=2.5.22 - **Fixed Version**: None - **Severity**: Low (0.0/10) #### Description A cr…

EmLOG Pro <=2.5.21 Stored XSS in Twitter Feature (CVE-2025-61599)

github.com · 2025-10-03

### Key Information #### Vulnerability Type - **Stored Cross-Site Scripting (XSS)** #### Affected Versions - **`), allowing embedded scripts to execute when users interact with or expand the content. …

CVSS 6.9

emlog Stored XSS in links via siteurl (CVE-2025-53924)

github.com · 2025-07-17

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Stored XSS - **Affected Versions**: <= pro-2.5.17 - **Fixed Version**: None - **Severity**: Medium (6.9/10) #### Description -…

CVSS 6.1

emlog CMS Reflected XSS Vulnerability (CVE-2025-53926) with PoC

github.com · 2025-07-17

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Reflected Cross-Site Scripting (XSS) - **Affected Versions**: emlog history.pushState('', '', '/'); document.forms[0].submit()…

CVSS 5.4

emlog CMS <= pro-2.5.17 Stored XSS via File Upload (CVE-2025-53925)

github.com · 2025-07-17

### Key Information - **Vulnerability Type**: Stored XSS - **Affected Versions**: alert(6x539); ------WebKitFormBoundaryWDS5cFBVEf2uLiv4b-- ``` 2. Access the URL of the uploaded file. After uploading …

CVSS 7.3

Emlog Pro 2.5.11 SQL Injection Vulnerability Analysis

github.com · 2025-05-25

### Critical Vulnerability Information #### Affected Product - **Product Name**: Emlog - **Vendor Homepage**: https://www.emlog.net #### Affected and Fixed Versions - **Affected File**: /include/contr…

Premium intel

CVSS 8.3

EMLOG SQL Injection Vulnerability (CVE-2025-47785) Analysis and Exploitation

github.com · 2025-05-17

### Key Information Summary #### Vulnerability Overview - **Vulnerability Name**: EMLOG SQL Injection Vulnerability - **CVE ID**: CVE-2025-47785 - **Severity**: High (8.3/10) - **Affected Versions**: …

CVE-2025-30372 SQL Injection via URL Double Encoding Bypass PoC

github.com · 2025-03-29

### Key Information - **Vulnerability Type**: SQL Injection Vulnerability - **CVE ID**: CVE-2025-30372 - **Affected Versions**: <= pro-2.5.8 - **Fixed Version**: pro-2.5.9 - **Vulnerable Location**: /…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 17+