Security Intel Hub 23479+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

NocoBase plugin-workflow-javascript Sandbox Escape Vulnerability (CVE-2026-6224)

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: nocobase plugin-workflow-javascript up to 2.0.23 Vm.js createSafeConsole sandbox - **Vulnerability ID**: CVE-2026-6224 - **CVSS Score**: 6.6 - **Vu…

MobaXterm 26.1 Uncontrolled Search Path Vulnerability (CVE-2026-6421)

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: Uncontrolled Search Path in MobaXterm Home Edition 26.1 - **Vulnerability ID**: VDB-358020, CVE-2026-6421, GCVE-100-358020 - **CVSSv3 Score**: 7.0 …

Wavlink WL-WN530H4 OS Command Injection Vulnerability (CVE-2026-6483) Advisory

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: Wavlink WL-WN530H4 20220721 /cgi-bin/internet.cgi strcat/sprintf OS command injection - **Vulnerability Type**: OS Command Injection - **Severity**…

arnob78 Hotel Booking Management System Information Disclosure (CVE-2026-6492)

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: arnob78 Hotel Booking Management System Information Disclosure Vulnerability - **CVE ID**: CVE-2026-6492 - **CVSS Score**: 4.7 (CVSS v3) - **Vulner…

SQL Injection in QueryMine sms 1.0 admin/deletecourse.php (CVE-2026-6490)

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593 GET Request Parameter admin/deletecourse.php ID sql injection - **Vulnerability Type**…

classroombookings Reflected XSS in layout.php (CVE-2026-6486) and Patch

vuldb.com · 2026-04-18

# Vulnerability Overview - **Vulnerability Name**: classroombookings up to 2.17.0 User Display Name layout.php read displayname cross site scripting - **Vulnerability Type**: Cross-Site Scripting (XSS…

lukevella rally <4.8.0 Reset Password DOM-Based XSS via redirectTo (CVE-2026-6493)

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: lukevella rally up to 4.7.4 Reset Password reset-password-form.tsx redirectTo cross site scripting - **Vulnerability Description**: An issue was di…

SQL Injection in QueryMine sms admin/editcourse.php (CVE-2026-6488)

vuldb.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593 GET Request Parameter admin/editcourse.php ID sql injection - **Vulnerability Type**: …

Alibaba Cloud ECS IMDS Unauthorized Access Vulnerability and POC

www.aveva.com · 2026-04-18

# Vulnerability Overview **Vulnerability Name**: Unauthorized Access Vulnerability in Alibaba Cloud ECS Instance Metadata Service (IMDS) **Vulnerability Description**: The metadata service (IMDS) of A…

Unauthenticated SQLi in WooCommerce Product Filter < 31.3 (CVE-2026-3830)

wpscan.com · 2026-04-18

# Vulnerability Summary: Product Filter for WooCommerce by WBW < 31.3 - Unauthenticated SQLi ## Vulnerability Overview * **Vulnerability Type**: Unauthenticated SQL Injection (Unauthenticated SQLi) * …

CISA Advisory ICSA-26-106-03: Anviz Multiple Products Vulnerabilities Summary

www.cisa.gov · 2026-04-18

# Anviz Multiple Product Vulnerability Summary ## Vulnerability Overview * **Release Date**: April 16, 2026 * **Alert Code**: ICSA-26-106-03 * **CVSS Score**: 9.8 (Critical) * **Risk Description**: Su…

WordPress Form Maker SQL Injection Vulnerability (CVE-2025-15441) with POC

wpscan.com · 2026-04-18

# WordPress Plugin Form Maker SQL Injection Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: Form Maker Forms > Form Options > MySQL Mapping. - Create a query targeting any ta…

Vision Helpdesk Serialized IDOR and Session Prediction Vulnerability Analysis

websec.net · 2026-04-18

# Vulnerability Summary: Vision Helpdesk Critical Vulnerabilities ## Overview * **Vulnerability Name**: Serialized IDOR and Session Prediction * **Affected Software**: Vision Helpdesk * **Vulnerabilit…