
Security Intel Hub 23479+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Unauthenticated SQL Injection in Pharmacy Sales and Inventory System V1.0
github.com · 2026-04-18

# Vulnerability Summary ## Overview * **Vulnerability Name**: sourcecodester Pharmacy Sales and Inventory System V1.0 SQL Injection Vulnerability * **Affected Product**: Pharmacy Sales and Inventory S…

libexpat CVE-2026-41080 Hash Flooding DoS Vulnerability Analysis
github.com · 2026-04-18

# CVE-2026-41080 Vulnerability Summary ## Overview * **Vulnerability Name**: Hash Flooding * **Description**: This vulnerability involves improvements to the hash table processing mechanism, aimed at …

TOTOLINK A7100RU cstecgi.cgi Command Injection Vulnerability with PoC
github.com · 2026-04-18

# A7100RU Command Injection Vulnerability Summary ## Vulnerability Overview A command injection vulnerability was discovered in the `cstecgi.cgi` script of the TOTOLINK A7100RU router. An attacker can…

TOTOLINK A7100RU cstecgi.cgi Command Injection Vulnerability with PoC
github.com · 2026-04-18

# A7100RU Command Injection Vulnerability Summary ## Vulnerability Overview The TOTOLINK A7100RU router has a command injection vulnerability. In `cstecgi.cgi`, an attacker can craft a request to inje…

LibreNMS Remote Code Execution via Binary Path Manipulation (GHSA-pr3g-phhr-h8fh)
github.com · 2026-04-18

# LibreNMS Remote Code Execution Vulnerability (GHSA-pr3g-phhr-h8fh) ## Vulnerability Overview LibreNMS contains a remote code execution vulnerability. An attacker can modify the **binary path setting…

Tenda F456 Router mit_ssid Stack Buffer Overflow Vulnerability Analysis
github.com · 2026-04-18

# F456 Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: Buffer Overflow - **Affected Component**: `formWriteSet` function in Tenda F456 router - **Trigger Cause**: The functio…

Tenda F456 httpd NatStaticSetting Buffer Overflow Vulnerability Analysis
github.com · 2026-04-18

# F456 Vulnerability Summary ## Vulnerability Overview - **Title**: F456 Vulnerability - **Type**: Buffer Overflow - **Vendor**: Tenda - **Product**: F456 - **Version**: v1.0.0.5 - **Author**: Li Teng…

TOTOLINK A7100RU cstecgi.cgi Command Injection Vulnerability with PoC
github.com · 2026-04-18

# A7100RU Command Injection Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Command Injection * **Affected Product**: TOTOLINK A7100RU * **Affected Version**: 7.Acu.2313_b201…

TOTOLINK A7100RU catsec1.cgi Command Injection Vulnerability Analysis
github.com · 2026-04-18

# A7100RU Vulnerability Summary ## Overview - **Vulnerability Type**: Command Injection - **Affected Component**: `catsec1.cgi` - **Description**: A command injection vulnerability was discovered in `…

TOTOLINK A7100RU catcgi.cgi Command Injection Vulnerability with PoC
github.com · 2026-04-18

# A7100RU Command Injection Vulnerability Summary ## Vulnerability Overview A command injection vulnerability exists in the `catcgi.cgi` of the TOTOLINK A7100RU router. An attacker can inject arbitrar…

Tenda F456 httpd Stack Buffer Overflow Vulnerability Analysis
github.com · 2026-04-18

# F456 Vulnerability Summary ## Overview - **Vulnerability Type**: Buffer Overflow - **Affected Component**: `FormWebTypeLibrary` function in `httpd` - **Trigger Condition**: In the user-provided para…

Construction Management System V1.0 Authenticated SQL Injection in requirements.php
github.com · 2026-04-18

# itsourcecode Construction Management System V1.0 SQL Injection Vulnerability ## Vulnerability Overview * **Vulnerability Type**: SQL Injection * **Affected Product**: Construction Management System …

LuaTi Coroutine Confusion Vulnerability and Fix Analysis
github.com · 2026-04-18

# LuaTi Vulnerability Summary ## Vulnerability Overview LuaTi has a coroutine confusion vulnerability, where an attacker can use a malicious mod to override functions and steal their return values (e.…

movary Authorization Bypass Vulnerability in User Management
github.com · 2026-04-18

# Vulnerability Summary: movary User Management Authorization Bypass ## Vulnerability Overview An authorization bypass vulnerability exists in the user management module of `movary` (`/settings/users`…

SQL Injection in Pharmacy Sales and Inventory System V1.0
github.com · 2026-04-18

# Vulnerability Summary: Pharmacy Sales and Inventory System V1.0 SQL Injection ## Vulnerability Overview * **Project Name**: Pharmacy Sales and Inventory System Project V1.0 * **Vulnerability Type**:…

Tenda F456 Buffer Overflow in fromgosetting Function via HTTP page Parameter
github.com · 2026-04-18

# F456 Vulnerability Summary ## Overview - **Vulnerability Type**: Buffer Overflow - **Vulnerable Location**: `fromgosetting` function - **Trigger Condition**: Triggered via the `page` parameter in an…

Construction Management System V1.0 SQL Injection Vulnerability Analysis
github.com · 2026-04-18

# itsourcecode Construction Management System V1.0 SQL Injection Vulnerability (#15) ## Vulnerability Overview * **Vulnerability Type**: SQL Injection * **Affected Product**: Construction Management S…

Tenda F456 httpd Buffer Overflow Vulnerability (RCE/DoS)
github.com · 2026-04-18

# F456 Vulnerability ## Overview - **Vulnerability Type**: Buffer Overflow - **Affected Component**: `formexeCommand` function in `httpd` - **Description**: This function reads the user-provided param…

CVE-2024-03349 Privilege Escalation via PUT /settings/users with POC
github.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: Authenticated User Can Self-Escalate to Administrator via PUT /settings/users/{userId} by Setting isAdmin=true - **Vulnerability Description**: An …

LuaJIT Coroutine Confusion Vulnerability Fix Analysis
github.com · 2026-04-18

# LuaJIT Vulnerability Fix Summary ## Vulnerability Overview - **Vulnerability Type**: Coroutine Confusion - **Affected Function**: `ScriptApiSecurity::GetCurrentModuleName` - **Vulnerability Principl…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
