Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 9+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
Premium intel
High
OAuth2 Proxy CVE-2024-41059 Authentication Bypass via Fragment Confusion
CVE-2024-41059 · github.com · 2026-04-22
oauth2-proxy >= 7.5.0 && < 7.15.2
Read more
Critical
OAuth2 Proxy X-Forwarded-Uri Header Spoofing Authentication Bypass
github.com · 2026-04-22
oauth2-proxy >= 7.5.0 && < 7.15.2
Read more
Medium
CVE-2026-0574: OAuth2 Proxy Authorization Bypass via Malformed Email Claims
CVE-2026-0574 · github.com · 2026-04-22
oauth2-proxy < 7.15.2
Read more
Premium intel
Critical
OAuth2 Proxy Multiple Critical Vulnerabilities: Auth Bypass via Health Check, X-Forwarded-Uri, and Email Validation (CVE
GHSA-v7-15-2-release · github.com · 2026-04-18
oauth2-proxy < 7.15.2
Read more
Low
OAuth2 Proxy Session Cookie Not Cleared on Sign-in Page (CVE-2026-34454)
GHSA-624x-5g9q-753f · github.com · 2026-04-18
oauth2-proxy < 7.15.2
Read more
Premium intel
Critical
CVE-2026-34457: OAuth2 Proxy auth_request Authentication Bypass via User-Agent
CVE-2026-34457 · github.com · 2026-04-18
oauth2-proxy < 7.15.2
Read more
High
OAuth2 Proxy CVE-2025-64484: Header Smuggling via Underscore Leading to Privilege Escalation
CVE-2025-64484 · github.com · 2025-11-11
oauth2-proxy <=7.12.0
Read more
CVSS 9.1
oauth2-proxy CVE-2025-54576 Authentication Bypass via Query Parameter
github.com · 2025-08-02

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion - **CVE ID**: CVE-2025-54576 - **Sever…

Read more
CVSS 9.1
oauth2-proxy X-Forwarded-* Header Injection Vulnerability Analysis
github.com · 2025-08-02

### Key Information #### File Location - `util.go` located in the `oauth2-proxy/pkg/requests/util` directory #### Function Purpose - `GetRequestProto`: Retrieves the request protocol, prioritizing the…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.