Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 18+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Medium
Erlang/OTP SSH chroot Path Traversal Vulnerability (CVE-2026-32147)
CVE-2026-32147 · github.com · 2026-04-21
OTP >= 17.0 · ssh >= 3.0.1
Read more
High
Erlang SSH SFTP Root Directory Escape Vulnerability Fix Analysis
github.com · 2026-04-21
Erlang/OTP lib/ssh/src/ssh_xfpp.erl (version unspecified)
Read more
Medium
Erlang OTP public_key OCSP Responder Certificate Signature Verification Bypass Fix
github.com · 2026-04-07
Erlang/OTP public_key module
Read more
High
Erlang OTP public_key OCSP Responder Certificate Signature Verification Bypass
GHSA-gvr4-pf64-90wv · github.com · 2026-04-07
Erlang OTP public_key module
Read more
High
Erlang/OTP OCSP Signature Verification Bypass (CVE-2026-32144)
CVE-2026-32144 · github.com · 2026-04-07
OTP >= 27.0 · public_key (OTP) >= 1.16 …
Read more
Medium
Erlang/OTP Kernel Network Modules Type Spec Fix for Port -1
github.com · 2026-04-07
gen_udp · inet6 …
Read more
High
Erlang/OTP OTP-20037 Patch: Fix inet module port randomization logic and type specs
OTP-20037 · github.com · 2026-04-07
Erlang/OTP
Read more
Low
Erlang/OTP inet module port binding logic fix
github.com · 2026-04-07
Erlang/OTP
Read more
High
Erlang/OTP inets httpd ScriptAlias CGI Auth Bypass (CVE-2026-2808)
CVE-2026-2808 · github.com · 2026-04-07
OTP >= 17.0 · inets >= 5.10
Read more
High
Erlang/OTP inets mod_auth Authentication Bypass (CVE-2020-28000) Fix Analysis
CVE-2020-28000 · github.com · 2026-04-07
Erlang/OTP inets module with mod_auth and mod_cgi configured with script_alias prior to fix
Read more
High
Erlang SSH CVE-2020-38712 KEX Strict Implementation Fix
CVE-2020-38712 · github.com · 2026-01-20
Erlang/OTP SSH module
Read more
Erlang/OTP SSH SFTP File Handle Exhaustion Vulnerability (CVE-2025-48041)
github.com · 2025-09-12

### Key Information #### Vulnerability Title - **SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles** #### Severity - **Severity**: High (7.1/10) #### Affected Scope - **Affected versions**: - OTP…

Read more
Analysis of SQL Injection Vulnerability Introduction in Java Servlet
github.com · 2025-09-12

From this webpage screenshot, the following key vulnerability information can be obtained: - **File Path**: `/src/main/java/com/example/vulnapp/VulnerableServlet.java` - **Commit ID**: `5f98e63` - **C…

Read more
OpenSSH SFTP File Handle Length Limit Fix
github.com · 2025-09-12

From this webpage screenshot, the following key vulnerability information can be extracted: - **Submission Details**: - Submission ID: `4e3bf86` - Submitter: `u3s` - Submission Time: 2 weeks ago - Sub…

Read more
SSH SFTP File Handle Length Validation Fix
github.com · 2025-09-12

### Critical Vulnerability Information - **Commit ID**: f09e020 - **Committer**: u3s - **Commit Time**: 2 weeks ago - **Commit Description**: - Validate file handle size limit to process client data. …

Read more
Erlang/OTP erl_tar Path Traversal Vulnerability Fix Analysis
github.com · 2025-07-06

### Key Information #### 1. Vulnerability Type - **Path Traversal**: The code improperly handles user-supplied file paths, potentially allowing attackers to access or manipulate arbitrary files on the…

Read more
CVSS 3.7
Erlang/OTP Security Fix: CVE-2025-46712 SSH Strict Key Exchange and Simulator Crash Fixes
github.com · 2025-05-11

### Critical Vulnerability Information #### Vulnerability IDs and Related Issues - **CVE-2025-46712**: Related to OTP-19625, fixes an issue with SSH strict implementation. - **ERIERL-1220, PR-9966**: …

Read more
CVSS 3.7
Erlang/OTP 26.2.5.12 Security Update: Fixes CVE-2025-46712 (SSH KEX) and Multiple Component Crashes
github.com · 2025-05-11

### Critical Vulnerability Information #### Vulnerability IDs and Related Issues - **CVE-2025-46712**: Related to `OTP-19625`, fixes an issue with SSH KEX strict implementation. - **ERIEIRL-1220**: Re…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.