Security Intel Hub 23479+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVE-2026-5426: Digital Knowledge KnowledgeDeployer ViewState Deserialization RCE
github.com · 2026-04-18

# Vulnerability Summary: MNDT-2026-0009 ## Overview - **Vulnerability ID**: MNDT-2026-0009 - **CVE ID**: CVE-2026-5426 - **Description**: The KnowledgeDeployer deployment may use a pre-shared ASP.NET …

STProcessMonitor Driver LPE Vulnerability (CVE-2025-70795) and BYOVD Exploitation Analysis
github.com · 2026-04-18

# Vulnerability Summary: STProcessMonitor Driver Vulnerability (CVE-2025-70795) ## Overview * **CVE ID**: CVE-2025-70795 * **Affected Component**: STProcessMonitor Driver (developed by Safetica) * **V…

Prototype Pollution in protocol-buffers-schema
github.com · 2026-04-18

# Vulnerability Summary: Prototype Pollution in protocol-buffers-schema ## Overview When parsing a proto file, if the field options contain the key `proto`, the parser uses `reduce` to traverse the pa…

jQuery v3.3.1 XSS Vulnerability Fix Guide (CVE-2019-11358/CVE-2020-11022)
github.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: Vulnerability of jquery v3.3.1 - **CVE ID**: CVE-2019-11358, CVE-2020-11022 - **CVSS Score**: 6.1 (Medium) - **Vulnerability Description**: jQuery …

Gravity VM heap-buffer-overflow in gravity_vm_exec (CVE-2026-40504)
github.com · 2026-04-18

# Vulnerability Overview **Title**: heap-buffer-overflow in gravity_vm_exec with many string literals + recursion #437 **Status**: Closed **Description**: During the execution of `gravity_vm_exe…

PraisonAI Unauthenticated WebSocket Session Hijacking (CVE-2025-4289)
github.com · 2026-04-18

# PraisonAI Browser Server WebSocket Unauthorized Session Hijacking Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: PraisonAI Browser Server allows unauthenticated WebSocket …

Nimiq RequestMacroChain Panic Vulnerability Fix: Micro Block Hash Locator Type Check
github.com · 2026-04-18

### Vulnerability Overview In the `nimiq/core-rs-albatross` project, there is a vulnerability related to `RequestMacroChain`. When using a micro block hash as a locator, the system attempts to retriev…

SQL Injection in Payroll Management and Information System v1.0 with POC
github.com · 2026-04-18

# Payroll Management and Information System v1.0 SQL Injection Vulnerability ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Vulnerable File**: `/payroll/view_account.php?emp_id=…

PraisonAI SQLite SQL Injection Vulnerability in table_prefix Parameter
github.com · 2026-04-18

### Vulnerability Overview This vulnerability involves insufficient protection against SQL injection. Specifically, the `table_prefix` parameter in the file `praisonai/persistence/conversation/sqlite.…

CVE-2026-37749: CodeAstro Simple Attendance Management System SQL Injection Auth Bypass
github.com · 2026-04-18

### Vulnerability Overview - **CVE ID**: CVE-2026-37749 - **Type**: SQL Injection – Authentication Bypass - **Severity**: Critical (CVSSv3: 9.8) - **Discoverer**: Varad AP Mene - **Date**: 2026-04-16 …

CVE-2024-43713 GitHub Actions Credential Persistence Vulnerability Analysis
github.com · 2026-04-18

# [Security Report] ArtiPACKED Vulnerability – GitHub Actions Credential Persistence ('artipacked') ## Vulnerability Overview - **Vulnerability Name**: ArtiPACKED - **Vulnerability Type**: GitHub Acti…

SQL Identifier Injection in prisonal SQLiteConversationStore table_prefix
github.com · 2026-04-18

# SQLiteConversationStore Table Prefix Injection Vulnerability Summary ## Vulnerability Overview In the `SQLiteConversationStore` class of the `prisonal` library, the value of the configuration item `…

Nimiq Proposal Buffer Signer Out-of-Bounds Access Vulnerability Fix
github.com · 2026-04-18

# Vulnerability Summary ## Vulnerability Overview In the `nimiq/core-rs-albatross` project, there is an **out-of-bounds access vulnerability** in the proposer buffer signer boundary check. - **Root Ca…

Command Injection in ShoppingCart connect function (ssh.go)
github.com · 2026-04-18

# Vulnerability Summary: Command Injection Vulnerability in the `connect` Function ## Overview A command injection vulnerability exists in the `connect` function within the `ssh.go` file. This vulnera…

Vehicle Showroom Management System V1.0 Unauthenticated SQL Injection
github.com · 2026-04-18

# Vulnerability Summary: Vehicle Showroom Management System SQL Injection ## Vulnerability Overview * **Affected Product**: Vehicle Showroom Management System V1.0 * **Vulnerability Type**: SQL Inject…

Critical RCE in praisonai via workflow YAML (CVE-2026-40288) with POC
github.com · 2026-04-18

# Key Information Summary ## Vulnerability Overview - **Vulnerability Name**: Critical RCE via `type: job` workflow YAML - **Vulnerability Description**: The `praisonai` command `workflow run ` loads …

Vehicle Parking Area Management System v1.0 SQL Injection Vulnerability (CVE-2021-4480) with POC
github.com · 2026-04-18

# Vulnerability Summary ## Overview - **Vulnerability Name**: Vehicle Parking Area Management System v1.0 SQL Injection - **Vulnerability Type**: SQL Injection - **Vulnerability ID**: CVE-2021-4480 - …

Payroll Management System v1.0 SQL Injection Vulnerability and POC
github.com · 2026-04-18

# Payroll Management and Information System v1.0 SQL Injection Vulnerability ## Vulnerability Overview - **Vulnerability Name**: SQL injection 2 - **Vulnerability Type**: SQL Injection - **Affected Fi…

Simple Music Cloud v1.0 SQL Injection Vulnerability and POC
github.com · 2026-04-18

# Simple Music Cloud Community System v1.0 SQL Injection Vulnerability ## Vulnerability Overview * **Vulnerability Type**: SQL Injection * **Vulnerability ID**: SQL injection 4 * **Vulnerability Autho…

Vehicle Parking Area Management System v1.0 SQL Injection Vulnerability with POC
github.com · 2026-04-18

# Vehicle Parking Area Management System v1.0 SQL Injection Vulnerability ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Vulnerable File**: `/parking/view_parked_details.php` - …


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
