Security Intel Hub 6+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

Premium intel

Critical

Shopper Admin RBAC Privilege Escalation via Auth Bypass (CVE-2025-47744)

CVE-2025-47744 · github.com · 2026-05-30

shopper/admin < 2.8.0

Premium intel

High

Shopware Fix: Authorization Bypass, Livewire Hardening, Barcode XSS, Discount Race Condition

github.com · 2026-05-30

shopperlabs/shopper

Medium

CVE-2025-47745: Missing Authorization in Shopper Admin Tables (Pre-Auth RCE/DoS)

GHSA-fxqw-97cc-7g5c · github.com · 2026-05-30

shopper < 2.8.0

High

Shopper Admin Missing Authorization on Order Mutation Actions (CVE-2025-47740)

GHSA-946-9g96-vgch · github.com · 2026-05-30

shopper/admin < 2.8.0

High

Race condition in Shopper cart allows silent oversell of discount usage_limit

github.com · 2026-05-30

Shopper <patched_version

Medium

Shopify Cart Race Condition Vulnerability Allows Silent Discount Over-Redemption (CWE-362)

github.com · 2026-05-30

shopify/cart < 2.8.0 · shopify/core < 2.8

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 6+

Shopper Admin RBAC Privilege Escalation via Auth Bypass (CVE-2025-47744)

Shopware Fix: Authorization Bypass, Livewire Hardening, Barcode XSS, Discount Race Condition

CVE-2025-47745: Missing Authorization in Shopper Admin Tables (Pre-Auth RCE/DoS)

Shopper Admin Missing Authorization on Order Mutation Actions (CVE-2025-47740)

Race condition in Shopper cart allows silent oversell of discount usage_limit

Shopify Cart Race Condition Vulnerability Allows Silent Discount Over-Redemption (CWE-362)