Security Intel Hub 23479+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Argo Workflows Controller Crash via Unchecked Annotation Parsing (DoS)
github.com · 2026-04-24

# Argo Workflows Unchecked Annotation Parsing Leads to Controller Crash Vulnerability ## Vulnerability Overview In Argo Workflows' `podInformer`, the `parsePodGCStrategy` function uses `strings.Split`…

OpenClaw Unauthorized Access to Assistant Media Files Fix
github.com · 2026-04-24

# Vulnerability Summary ## Vulnerability Overview A security vulnerability exists in the OpenClaw project that allows unauthorized access to assistant media files. Specific manifestations include: - I…

OpenTelemetry OTLP Response Body Size Limitation Missing Leading to DoS
github.com · 2026-04-24

# Vulnerability Summary: Missing Response Body Size Limit in OpenTelemetry ## Vulnerability Overview The OpenTelemetry protocol specification lacks a limit on the size of response bodies received by c…

ToTolink A3300r catcgi.cgi Command Injection Vulnerability (CVE-2026-31168)
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability (CVE-2026-31168) ## Vulnerability Overview A command injection vulnerability exists in the `catcgi.cgi` file of the ToTolink A3300r router. An attacke…

OpenTelemetry .NET gRPC RetryDelay Deserialization Fix
github.com · 2026-04-24

### Vulnerability Overview The webpage screenshot illustrates an issue related to deserialization of `GrpcStatusDetailsHeader`, specifically the functionality of retrieving `GrpcRetryDelay` from `Grpc…

OpenTelemetry .NET SDK CVE-2024-40891 Unbounded gRPC Parsing DoS
github.com · 2026-04-24

# Vulnerability Overview - **Vulnerability Name**: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling - **CVE ID**: CVE-2024-40891 - **Severity**: Medium (CVSS v3 base metrics: 5.…

ToTolink A3300r Command Injection in cstecgi.cgi (CVE-2026-31172)
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: ToTolink A3300r Command Injection Vulnerability * **CVE ID**: CVE-2026-31172 * **Vulnerabi…

ToTolink A3300R Command Injection Vulnerability (CVE-2026-31165) with PoC
github.com · 2026-04-24

# ToTolink A3300R Command Injection Vulnerability (CVE-2026-31165) ## Vulnerability Overview A command injection vulnerability has been discovered in the `cste cgi` module of the ToTolink A3300R route…

ToTolink A3300r Command Injection in cstextgi.cgi (CVE-2026-31175)
github.com · 2026-04-24

# ToTolink A3300r Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: Command Injection - **CVE ID**: CVE-2026-31175 - **Description**: A command injection vulnerability was disc…

ToTolink A3300R Command Injection in extcwg1.cgi (CVE-2026-31164) with PoC
github.com · 2026-04-24

# ToTolink A3300R Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Command Injection * **Vulnerability Location**: Function `sub_422380` in `extcwg1.cgi`. * …

ToTolink A3300r Command Injection in cstcgi.cgi (CVE-2026-31171)
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability (CVE-2026-31171) ## Vulnerability Overview * **Vulnerability Type**: Command Injection * **Affected File**: `cstcgi.cgi` * **Vulnerability Principle**…

ToTolink A3300r CVE-2026-31174 Command Injection Vulnerability and PoC
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: ToTolink A3300r Command Injection Vulnerability * **CVE ID**: CVE-2026-31174 * **Vulnerabi…

ToTolink A3300R Command Injection in cstcgi.cgi (CVE-2026-31160)
github.com · 2026-04-24

# ToTolink A3300R Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: ToTolink A3300R Command Injection (CVE-2026-31160) * **Vulnerability Type**: Command Injec…

ToTolink A3300R Command Injection Vulnerability (CVE-2026-31181) Analysis and PoC
github.com · 2026-04-24

# ToTOLink A3300R Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Command Injection * **CVE ID**: CVE-2026-31181 * **Vulnerability Description**: There is a…

ToTolink A3300r Command Injection in extcgi.cgi (CVE-2026-31178) with PoC
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Command Injection * **CVE ID**: CVE-2026-31178 * **Affected Product**: ToTolink A3300r * *…

ToTolink A3300r Command Injection in cstecgi.cgi (CVE-2026-31177)
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: ToTolink A3300r Command Injection Vulnerability * **CVE ID**: CVE-2026-31177 * **Vulnerabi…

ToTolink A3300r cstecgi.cgi Command Injection Vulnerability (CVE-2026-31176)
github.com · 2026-04-24

# ToTolink A3300r Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: ToTolink A3300r Command Injection Vulnerability * **CVE ID**: CVE-2026-31176 * **Vulnerabi…

ToTolink A3300R Command Injection in cstecgi.cgi (CVE-2026-31179) with PoC
github.com · 2026-04-24

# ToTolink A3300R Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: ToTolink A3300R Command Injection Vulnerability (CVE-2026-31179) * **Vulnerability Type**:…

ToTolink A3300R cstecgi.cgi Command Injection Vulnerability (CVE-2026-31159) with PoC
github.com · 2026-04-24

# ToTolink A3300R Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Command Injection * **CVE ID**: CVE-2026-31159 * **Affected File**: `cstecgi.cgi` * **Vuln…

CVE-2026-23751: Kofax Capture Unauthenticated File Read/Write and SMB Coercion via .NET Remoting
gist.github.com · 2026-04-24

# Vulnerability Summary: Kofax Capture Unauthorized File Read/Write and SMB Coercion Vulnerability ## Vulnerability Overview * **Vulnerability Title**: Tungsten Automation - Kofax Capture Unauthentica…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.