Security Intel Hub 7+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

High

Ray RCE: Arbitrary Code Execution via Arrow Extension Type Deserialization

github.com · 2026-05-09

Ray 2.49-2.54

High

Ray Multiple Components Vulnerability Fix Advisory (RCE/Serialization)

github.com · 2026-05-09

Ray Data < 2.55.0 · Ray Serve < 2.55.0 …

High

Ray CVE-2024-2056 RCE via Parquet Cloudpickle Deserialization

CVE-2024-2056 · github.com · 2026-05-09

Ray <= 2.49.2.54

High

Ray Parquet Extension Type Deserialization RCE

github.com · 2026-05-09

Ray 2.49.0 · Ray 2.50.0 …

High

Ray Dashboard Fix: Browser DELETE Request Bypass via Whitelist

github.com · 2026-02-22

ray-project/ray

Critical

Ray <2.52.0 DNS Rebinding RCE Vulnerability (CVE-2025-62593)

CVE-2025-62593 · github.com · 2025-11-27

Ray < 2.52.0

High

Ray Dashboard CSRF Fix: Added Sec-Fetch Header Validation

github.com · 2025-11-27

Ray < latest_fix_version

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 7+

Ray RCE: Arbitrary Code Execution via Arrow Extension Type Deserialization

Ray Multiple Components Vulnerability Fix Advisory (RCE/Serialization)

Ray CVE-2024-2056 RCE via Parquet Cloudpickle Deserialization

Ray Parquet Extension Type Deserialization RCE

Ray Dashboard Fix: Browser DELETE Request Bypass via Whitelist

Ray <2.52.0 DNS Rebinding RCE Vulnerability (CVE-2025-62593)

Ray Dashboard CSRF Fix: Added Sec-Fetch Header Validation