Security Intel Hub 5+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Unknown
Mastodon SSRF Fix: Restricting Private Address Resolution in Request
github.com · 2026-02-25

From the provided webpage screenshot, the following key vulnerability-related information can be extracted: - **Submission Details** - Submission ID: `7b85d21` - Author: `neiros` - Submission Time: 4 …

Medium
Mastodon Web Cache Poisoning via Rails.cache (CVE-2026-25540)
CVE-2026-25540 · github.com · 2026-02-05
Mastodon < v4.3.19 · Mastodon < v4.4.13 …
Medium
Mastodon CVE-2026-23964 Insufficient Access Control in Push Notification Settings
CVE-2026-23964 · github.com · 2026-01-27
Mastodon < v4.3.18 · Mastodon < v4.4.12 …
High
Mastodon SSRF Protection Bypass Vulnerability (CVE-2026-22245)
CVE-2026-22245 · github.com · 2026-01-20
Mastodon < v4.2.29 · Mastodon < v4.3.17 …
CVSS 5.3
Mastodon CVE-2025-54879: Confirmation Email Rate Limit Bypass via Misconfigured Rack::Attack
github.com · 2025-08-07

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Misconfigured confirmation email rate limiting allowing unlimited confirmation email attacks on unverified emails. - **CVE ID*…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
