
Security Intel Hub 10+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

High
Zitadel Privilege Escalation: Self-Verification Bypass via UpdateHumanUser API (CVE-2026-27946)
CVE-2026-27946 · github.com · 2026-02-26
ZITADEL 4.0.0 · ZITADEL 4.11.0 …
Zitadel Authentication Factor Brute-Force Vulnerability (CVE-2025-64102) Advisory
github.com · 2025-10-30

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Brute-force authentication factor - **CVE ID**: CVE-2025-64102 - **Severity**: High (CVSS v4 base metrics: 7.7/10) #### Affect…

CVSS 8.1
ZITADEL CVE-2025-64101 Account Takeover via Forwarded Header Injection
github.com · 2025-10-30

### Critical Vulnerability Information #### Vulnerability Overview - **Title**: Account Takeover via Malicious Forwarded Header Injection - **Publisher**: livio-a - **Publication Time**: 3 hours ago -…

CVSS 5.9
Zitadel Actions URL Validation Bypass Vulnerability
github.com · 2024-10-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Denied Host Validation Bypass in Zitade…

CVSS 7.5
Zitadel v2.58.7 Security Update: Fixes Registration Check and Domain/IP Deny Logic
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability-related information can be obtained: 1. **Version Information**: - Version: v2.58.7 - Release Date: October 24, 2024 2. **Vulnerability Fi…

CVSS 7.5
Zitadel v2.59.5 Release: Fixes for Registration Handling and Domain/IP Access Control
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability-related information can be obtained: 1. **Version Information**: - Version: v2.59.5 - Release Date: October 23, 2024 2. **Vulnerability Fi…

CVSS 7.5
Zitadel v2.61.4 Security Update: Fixes Registration Check and IP/Domain Deny List Bypass
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability-related information can be obtained: 1. **Version Information**: - Version: v2.61.4 - Release Date: October 23, 2024 2. **Vulnerability Fi…

CVSS 5.9
Zitadel v2.63.6 Patch: Fixes Check for Rejected Domains/IPs (#8810)
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability-related information can be obtained: 1. **Version Information**: - Version: v2.63.6 - Release Date: October 23, 2024 2. **Vulnerability Fi…

CVSS 7.3
ZITADEL User Grant Deactivation Failure Vulnerability (GHSA-2w5j-qfvw-2hf5/CVE-2024-46999)
github.com · 2024-09-21

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: User Grant Deactivation not Working - *…

CVSS 8.1
ZITADEL Service Account Deactivation Bypass Vulnerability (GHSA-qr2h-7pwm-h393) Advisory
github.com · 2024-09-21

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Service Users Deactivation not Working …


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
