Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 10+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
CVE-2026-35185: HAXIam mod_status Information Disclosure Vulnerability
CVE-2026-35185 · github.com · 2026-04-07
HAXIam 11.0.5
Read more
CVSS 8.3
HAX CMS CVE-2015-5173 Lack of Authorization Checks Vulnerability with PoC
github.com · 2025-07-30

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Lack of Authorization Checks - **CVE ID**: CVE-2015-5173 - **CVSS Score**: 8.3/10 - **Severity**: High #### Affected Packages …

Read more
HAX CMS NodeJS CSP Disabled Enables XSS (CVE-2025-54128)
github.com · 2025-07-26

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Disabled Content Security Policy Enables Cross-Site Scripting - **CVE ID**: CVE-2025-54128 - **Severity**: High (7.2/10) - **A…

Read more
HAXCMS listFiles.js Path Traversal Vulnerability Analysis (GHSA-9jr9-8ff)
github.com · 2025-07-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Security Advisory Link**: `https://github.com/haxtheweb/issues/security/advisories/GHSA-9jr9-8f…

Read more
HAX CMS NodeJS CVE-2025-54134 Authenticated DoS via Improper Error Handling
github.com · 2025-07-26

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Improper Error Handling Leading to Denial of Service - **Severity**: High (7.1/10) - **Affected Package**: haxcms-nodejs (npm)…

Read more
CVSS 5.3
CVE-2020-49139: HAX CMS iFrame Phishing Vulnerability
github.com · 2025-06-11

### Critical Vulnerability Information #### Vulnerability Type - **iFrame Phishing** #### Affected Versions - `haxcms-nodejs.operations (npm)`: /user?/System/api/saveNode #### PoC Steps 1. Set up an i…

Read more
CVSS 8.5
SQL Injection Vulnerability Analysis and Fix Guide in Node.js API
github.com · 2025-06-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability Type**: SQL Injection - **Vulnerability Description**: - In the `/api/v1/users` e…

Read more
CVSS 6.5
HAXCMS CVE-2023-49138 Authenticated Local File Inclusion via saveOutline API
github.com · 2025-06-11

### Key Information #### Vulnerability Name Local File Inclusion via saveOutline API Location Parameter #### Affected Versions - **Affected Versions**: <=10.0.6 - **Fixed Version**: 11.0.0 #### Severi…

Read more
CVSS 8.6
Haxcms PHP/Node.js Command Injection in gitImportSite
github.com · 2025-06-11

### Key Information #### Vulnerability Overview - **Vulnerability Type**: PHP Command Injection Vulnerability - **Affected Versions**: - `haxcms-nodejs.operations (haxcms-nodejs)`: /user/system/api/gi…

Read more
CVSS 5.3
CVE-2025-48996: PSU HAX CMS Unauthorized Information Disclosure via haxPsuUsage API
github.com · 2025-06-04

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Unauthorized Information Disclosure - **Impact Scope**: PSU HAX CMS site list leaked via the haxPsuUsage AP…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.