Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 11+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Critical
Kyverno Controller API Token Leakage Vulnerability and Fix
github.com · 2026-04-24
Kyverno <= 3.0.4
Read more
High
Kyverno Outbound API Token Replay Vulnerability and Fix
github.com · 2026-04-24
Kyverno v1.7.2 and earlier
Read more
High
Kyverno ConfigMap Cross-Namespace Unauthorized Access Fix
github.com · 2026-04-24
Kyverno <= 3.8.0-rc.1
Read more
High
Kyverno apiCall SSRF Leading to ServiceAccount Token Leakage
github.com · 2026-04-24
Kyverno v1.17.1
Read more
High
Kyverno ForEach patchesJson6902 nil panic causing CrashLoopBackOff fix
github.com · 2026-04-24
kyverno
Read more
High
Kyverno CVE-2026-22039: RBAC Bypass via configMap Context Loader with POC
CVE-2026-22039 · github.com · 2026-04-24
kyverno/kyverno <= 1.17.0
Read more
High
Kyverno Controller DoS via ForEach Type Assertion Panic in patchesJson6902
github.com · 2026-04-24
Kyverno >=1.13.0 <1.17.1 · Kyverno <=1.16.3 …
Read more
Medium
Kyverno Apical ServiceCall Implicit Bearer Token Injection Vulnerability
github.com · 2026-04-22
Kyverno < 1.16.4
Read more
High
Kyverno CEL HTTP SSRF Vulnerability (CVE-2026-4789) Analysis and Mitigation
CVE-2026-4789 · kb.cert.org · 2026-04-02
Kyverno 1.16.0 and later
Read more
CVSS 7.7
Kyverno CVE-2021-47581 DoS via JMESPath Variable Replacement
github.com · 2025-07-26

### Key Information Summary #### Vulnerability Overview - **CVE ID**: CVE-2021-47581 - **Severity**: 7.7/10 - **Affected Versions**: <1.14.1 - **Fixed Version**: 1.14.2 #### Vulnerability Description …

Read more
Kyverno CVE-2024-48921: PolicyException Namespace Bypass Vulnerability Analysis
github.com · 2024-10-30

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: PolicyException objects can be created in any namespace by default 2. **…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.