
Security Intel Hub 12+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

High
CVE-2026-40867 Helpdesk IDOR Vulnerability with POC
CVE-2026-40867 · github.com · 2026-04-22
horilla-hr 1.5.0
High
Horilla HR Software ≥1.4.0 2FA Bypass Vulnerability (CVE-2026-24038)
CVE-2026-24038 · github.com · 2026-01-27
Horilla HR Software >= 1.4.0
Medium
Unauthenticated Arbitrary Unpublished Job Disclosure in Horilla HR Software (CVE-2026-24036)
CVE-2026-24036 · github.com · 2026-01-27
Horilla HR Software ≥ 1.4.0
Medium
Horilla HRM XSS Bypass via Project Name (CVE-2026-24037)
CVE-2026-24037 · github.com · 2026-01-27
Horilla HRM >= 1.4.0
Horilla Stored XSS via File Upload (CVE-2025-59524)
github.com · 2025-09-26

Key Information: Vulnerability Overview. Vulnerability Type: Stored XSS via file upload in the reimbursement panel; CVE ID: CVE-2025-59524; Severity: High. Affected and Fixe…

CVSS 4.8
Stored XSS in Horilla HRM v1.3 Project/Task Modules
github.com · 2025-09-26

Key Information: Vulnerability Overview. Vulnerability Type: Stored Cross-Site Scripting (XSS); Affected Version: Horilla v1.3; Fixed Version: None; Severity: Medium (4.8/1…

CVSS 7.5
Horilla v1.3 Broken Access Control to Candidate Resumes (CVE-2025-48869)
github.com · 2025-09-26

Critical Vulnerability Information: Vulnerability Overview. Title: Unauthorized Access to Candidate Resume Files Due to Broken Access Control in Horilla v1.3; Severity: High (7.5/10)…

CVSS 7.2
Horilla v1.3 Authenticated RCE via Eval Injection (CVE-2023-48988)
github.com · 2025-09-25

Key Information: Vulnerability Overview. Vulnerability Type: Authenticated Remote Code Execution (RCE); Affected Version: Horilla v1.3; Fixed Version: 1.3.1; CVE ID: CVE-20…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
