Security Intel Hub 23479+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.
craftql SSRF Vulnerability Report and PoC
github.com · 2026-04-18

# craftql_ssrf Vulnerability Report ## Vulnerability Overview This is a vulnerability report on `craftql_ssrf`, including code analysis, proof of concept (PoC), and reproduction steps. ## Impact Scope…

Basic Library System v1.0 SQL Injection Vulnerability with POC
github.com · 2026-04-18

# Basic Library System v1.0 SQL Injection Vulnerability ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Vulnerable File**: `/librarysystem/load_student.php` - **Vulnerable Locati…

Krayin CRM 2.2.x SQL Injection Vulnerability (CVE-2026-38528) Analysis and Fix
github.com · 2026-04-18

# CVE-2026-38528 Vulnerability Summary ## Overview * **CVE ID**: CVE-2026-38528 * **Vulnerability Type**: SQL Injection (CWE-89) * **Affected Product**: Krayin CRM (version 2.2.x) * **Root Cause**: Th…

Pyro 3.x Unsafe Pickle Deserialization Leads to Unauthenticated RCE
github.com · 2026-04-18

# Vulnerability Overview Pyro 3.x contains an insecure pickle deserialization vulnerability. An attacker can send a specially crafted serialized payload to a Pyro 3.x server and exploit Python’s `pick…

git-js block-unsafe-operations-plugin.ts security configuration and bypass fix analysis
github.com · 2026-04-18

### Vulnerability Overview This vulnerability involves the file `block-unsafe-operations-plugin.ts` in the `git-js` project. The vulnerability allows an attacker to bypass security restrictions via sp…

CVE-2024-40259: Arbitrary File Delete Vulnerability and Fix
github.com · 2026-04-18

# Vulnerability Summary: Publish Reader Can Arbitrarily Delete Attribute View Files ## Overview - **Vulnerability Name**: Publish Reader Can Arbitrarily Delete Attribute View Files via `/api/av/remove…

CVE-2025-65135: Time-Based Blind SQL Injection in School Management System
github.com · 2026-04-18

# CVE-2025-65135 Vulnerability Summary ## Overview * **Vulnerability Type**: Time-Based Blind SQL Injection * **Vulnerability ID**: CVE-2025-65135 * **Affected Product**: School Management System (ver…

simple-git RCE via case-insensitive protocol.allow config bypass
github.com · 2026-04-18

### Vulnerability Overview **Vulnerability Name**: `blockUnsafeOperationsPlugin` bypass via case-insensitive `protocol.allow` config key enables RCE **Vulnerability Description**: - The `blockUnsafeOp…

CVE-2026-38530: Krayin CRM Broken Object-Level Authorization (BOLA) Analysis
github.com · 2026-04-18

# CVE-2026-38530 Vulnerability Summary ## Overview * **Vulnerability Name**: Krayin CRM Broken Object-Level Authorization (BOLA) * **CVE ID**: CVE-2026-38530 * **Vulnerability Type**: Insecure Direct …

simple-git Command Injection via Option-Parsing Bypass (CVE-2022-25860 Patch Bypass) with POC
github.com · 2026-04-18

### Vulnerability Overview **Vulnerability Name**: Command Execution via Option-Parsing Bypass in simple-git **Vulnerability Description**: - `simple-git` is a library that allows running native Git c…

CVE-2025-63939: SQL Injection in Grocery Store Management System PHP App
github.com · 2026-04-18

# CVE-2025-63939 Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: SQL Injection * **Vulnerability ID**: CVE-2025-63939 * **CVSS Score**: 9.8 (Critical) * **Affected Component*…

SiYuan Mermaid javascript: Injection Leads to Stored XSS and Electron RCE (CVE-2024-40322)
github.com · 2026-04-18

# SiYuan Mermaid `javascript:` Link Injection Leads to Stored XSS and Electron RCE ## Vulnerability Overview When rendering Mermaid diagrams, SiYuan uses the configuration `securityLevel: "loose"`, wh…

CVE-2025-65134: Reflected XSS in School Management System
github.com · 2026-04-18

# CVE-2025-65134 Vulnerability Summary ## Overview * **Vulnerability Type**: Reflected Cross-Site Scripting (Reflected XSS) * **CVE ID**: CVE-2025-65134 * **Affected Product**: School Management Syste…

Homebox CVE-2026-40196 Insecure Default Group Privilege Escalation via API
github.com · 2026-04-18

# Vulnerability Summary ## Overview - **Vulnerability Title**: The `defaultGroup` ID and access permissions remain retained after revoking access to the said group (“collection”). - **Description**: T…

SiYuan Note Path Traversal in removeUnusedAttributeView Leading to Arbitrary File Deletion
github.com · 2026-04-18

# Vulnerability Summary: Path Traversal in `removeUnusedAttributeView` Leads to Arbitrary File Deletion ## Vulnerability Overview - **Vulnerability Type**: Path Traversal (CWE-22) - **Affected Compone…

Stirling-PDF Reflected XSS Vulnerability (CVE-2026-33436) Analysis and Fix
github.com · 2026-04-18

# Vulnerability Summary: Stirling-PDF Reflected XSS Vulnerability ## Overview - **Vulnerability Name**: Reflected XSS Triggered by Malicious Filename in File Upload Functionality - **Vulnerability Typ…

SiYuan Bazaar README XSS via iframe srcdoc (CVE-2026-40922)
github.com · 2026-04-18

# Vulnerability Summary: CVE-2026-33066 ## Overview **Title**: Incomplete fix for CVE-2026-33066: XSS in github.com/siyuan-note/siyuan **CVE ID**: CVE-2026-40922 **Severity**: Moderate **CWE**: CWE-79…

sigstore timestamp-authority Improper Certificate Validation Bypass (CVE-2020-39984)
github.com · 2026-04-18

# Vulnerability Overview **Title**: Improper Certificate Validation in verifier **Severity**: Moderate (5.5 / 10) **CVE ID**: CVE-2020-39984 **GHSAs**: GHSA-xm5m-wgh2-rrg3 **Release Date**: 3 days ago…

SP1 V6 Recursive Circuit Row Count Binding Integrity Vulnerability
github.com · 2026-04-18

# Security Advisory: SP1 V6 Recursive Circuit Row Count Binding Vulnerability ## Vulnerability Overview A **soundness vulnerability** exists in the SP1 V6 recursive shard verifier, allowing a maliciou…

OpenJPEG Integer Overflow in Encoding Path Leading to Heap Buffer Overflow
github.com · 2026-04-18

# Vulnerability Summary: Integer Overflow in OpenJPEG Leads to Heap Buffer Overflow ## Overview There is an integer overflow vulnerability in the `opj_pi_initialise_encode()` function. The vulnerabili…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.