Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 21+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption · Advisory · espressif/arduino-
CVE-2020-41429 · github.com · 2026-04-25
espressif/arduino-esp32 < 3.3.8
Read more
High
ESP-IDF protocomm BLE Buffer Overflow Fix
github.com · 2026-02-05
Espressif ESP-IDF protocomm module
Read more
High
ESP-IDF protocomm BLE Buffer Overflow Fix
github.com · 2026-02-05
Espressif ESP-IDF (protocomm module)
Read more
High
ESP-IDF protocomm BLE Buffer Overflow Fix
github.com · 2026-02-05
esp-idf protocomm module
Read more
High
Espressif protocomm BLE Buffer Overflow Fix
github.com · 2026-02-05
esp-idf protocomm
Read more
High
Wi-Fi supplicant Invalid Memory Access Fix Analysis
github.com · 2026-02-05
esp-idf < release/v5.2
Read more
Medium
WPS Enrollee Integer Underflow Vulnerability (CVE-2026-25532) Advisory
CVE-2026-25532 · github.com · 2026-02-05
esp-idf v5.5.2 · esp-idf v5.4.3 …
Read more
Unknown
CVE-2026-25508: Out-of-Bounds Read in BLE Provisioning and Patch Analysis
CVE-2026-25508 · github.com · 2026-02-05
v5.5.2 · v5.4.3 …
Read more
Medium
CVE-2025-68657: Double-Free Race Condition in usb_host_hid
CVE-2025-68657 · github.com · 2026-01-20
usb_host_hid <= 1.0.4
Read more
Medium
ESP32 Bluetooth AVRCP Out-of-Bounds Read Vulnerability (CVE-2025-66409)
CVE-2025-66409 · github.com · 2025-12-04
ESP-IDF v5.5.1 · ESP-IDF v5.4.3 …
Read more
Medium
ESP32-P4 JPEG Decoder Out-of-Bounds Access Vulnerability (CVE-2025-65092)
CVE-2025-65092 · github.com · 2025-11-22
ESP32-P4 v5.5.1 · ESP32-P4 v5.4.3 …
Read more
Unknown
Espressif ESP-IDF JPEG Decoder Buffer Overflow Fix
github.com · 2025-11-22
esp-idf (esp_driver_jpeg)
Read more
Medium
Espressif ESP-IDF Bluetooth Stack Connection State Spoofing Fix
github.com · 2025-11-18
ESP-IDF v5.5.1 · ESP-IDF v5.4.2 …
Read more
ESP-IDF BluFi Example Memory Overflow Vulnerability (CVE-2025-55297)
github.com · 2025-08-23

### Key Information #### Vulnerability Overview - **Vulnerability Name**: BluFi Example Memory Overflow Vulnerability - **CVE ID**: CVE-2025-55297 - **Severity**: Medium - **Affected Component**: BluF…

Read more
Espressif ESP-IDF Blufi Buffer Overflow Fix
github.com · 2025-08-23

### Key Information #### Vulnerability Description - **Issue Type**: Security vulnerability fix - **Affected Files**: - `examples/bluetooth/blufi/main.c` - `blufi_security.c` #### Fix Details 1. **`ma…

Read more
Espressif ESP32 Blufi Example Buffer Overflow Fix
github.com · 2025-08-23

### Key Information #### Vulnerability Description - **Issue Type**: Security issue fix - **File**: `examples/bluetooth/blufi/main/blufi_example_main.c` - **Fix Content**: Fixed certain security issue…

Read more
ESP-IDF BLE Blufi Security Fix: Password Validation, Memory Init, Key Length
github.com · 2025-08-23

### Key Information #### Vulnerability Type - Security Enhancement: This submission primarily addresses security issues in the Bluetooth Low Energy (BLE) example. #### Fixes Implemented 1. **Password …

Read more
Espressif ESP32 BLUFI Fix: Uninitialized Memory Use & Incorrect Key Length
github.com · 2025-08-23

### Key Information - **Commit ID**: b1657d9 - **Commit Date**: February 11, 2023 - **Committer**: esp-shhp - **Co-author**: zhanghong (zhanghong@espressif.com) - **Commit Description**: Fix security …

Read more
ESP32 Arduino OTAWebUpdater CSRF Leading to RCE
github.com · 2025-07-12

### Key Information #### Vulnerability Overview - **Vulnerability Type**: CSRF (Cross-Site Request Forgery) - **Affected Scope**: Firmware update endpoint in ESP32 Arduino devices - **Severity**: Crit…

Read more
WebServer HTTP Header Injection Fix (CRLF)
github.com · 2025-07-06

From this webpage screenshot, the following key information about the vulnerability can be extracted: - **Submission Details**: - Submission ID: `21640ac` - Submitter: `lucasssvaz` - Submission Time: …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.