Security Intel Hub 23479+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

ResourceSpace 8.6 collection_edit.php SQL Injection Vulnerability
www.exploit-db.com · 2026-04-18

# ResourceSpace 8.6 'collection_edit.php' SQL Injection Vulnerability ## Overview - **Vulnerability Type**: SQL Injection - **Affected File**: `collection_edit.php` - **Platform**: PHP - **Release Dat…

Easy Video to iPod Converter 1.6.20 Local Buffer Overflow (SEH Overwrite) PoC
www.exploit-db.com · 2026-04-18

# Easy Video to iPod Converter 1.6.20 - Buffer Overflow (SEH) ## Vulnerability Overview * **Vulnerability Type**: Local Buffer Overflow * **Trigger Mechanism**: Structured Exception Handling (SEH) Ove…

Echo Mirage 3.1 Buffer Overflow PoC
www.exploit-db.com · 2026-04-18

# Echo Mirage 3.1 - Buffer Overflow (PoC) ## Vulnerability Overview * **Vulnerability Type**: Buffer Overflow * **EDB-ID**: 40216 * **Release Date**: 2019-01-21 * **Affected Platform**: Windows * **Af…

Heatmiser Wifi Thermostat 1.7 CSRF Vulnerability (EDB-46100)
www.exploit-db.com · 2026-04-18

# Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Admin Update) ## Vulnerability Overview - **Vulnerability Type**: Cross-Site Request Forgery (CSRF) - **Impact**: Attacker can change admi…

Faleemi Desktop Software 1.8 Local Buffer Overflow (SEH/DEP Bypass) Exploit
www.exploit-db.com · 2026-04-18

# Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass) ## Vulnerability Overview - **EDB-ID**: 46269 - **Release Date**: 2019-01-28 - **Author**: BZYO - **Type**: Local - **Platform…

ImpressCMS 1.3.11 'bid' Time-Based Blind SQL Injection
www.exploit-db.com · 2026-04-18

# ImpressCMS 1.3.11 'bid' SQL Injection Vulnerability ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Vulnerability ID**: EDB-ID: 46239 - **Release Date**: 2019-01-24 - **Author*…

HTML5 Video Player 1.2.5 Local Buffer Overflow Vulnerability (EDB-46279)
www.exploit-db.com · 2026-04-18

# HTML5 Video Player 1.2.5 - Local Buffer Overflow (Non SEH) ## Vulnerability Overview * **Vulnerability Type**: Local Buffer Overflow * **EDB-ID**: 46279 * **Release Date**: 2019-01-29 * **Author**: …

CMSsite 1.0 SQL Injection in category.php cat_id Parameter
www.exploit-db.com · 2026-04-18

# CMSsite 1.0 'cat_id' SQL Injection Vulnerability ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Vulnerable File**: `category.php` - **Vulnerable Parameter**: `cat_id` - **EDB-…

ManageEngine Password Manager Pro/PAM360 SQL Injection Vulnerability (CVE-2026-5785) Advisory
www.manageengine.com · 2026-04-18

# SQL Injection Vulnerability Summary (CVE-2026-5785) ## Vulnerability Overview * **Vulnerability Name**: SQL Injection Vulnerability in Password Manager Pro and PAM360 * **CVE ID**: CVE-2026-5785 * *…

HAProxy CVE-2026-26080/26081 Vulnerability Advisory
www.haproxy.org · 2026-04-18

### Vulnerability Overview - **CVE-2026-26080 and CVE-2026-26081** - **Release Date**: December 31, 2026 - **Description**: Two vulnerabilities affect certain parts of HAProxy, causing CPU contention …

Malware Analysis Report: rkqiodtl.exe TrojanDropper
www.virustotal.com · 2026-04-18

# Malware Analysis Report ## Vulnerability Overview - **File Name**: rkqiodtl.exe - **File Type**: EXE executable file - **File Size**: 3.78 MB - **Threat Score**: 25/71 (Medium Risk) - **Detection St…

HGiga iSherlock OS Command Injection Vulnerability (CVE-2026-6349) Advisory
www.twcert.org.tw · 2026-04-18

# Vulnerability Summary: HGiga iSherlock OS Command Injection ## Overview * **Vulnerability Name**: HGiga iSherlock - OS Command Injection * **Vulnerability ID**: TVN-202604002 / CVE-2026-6349 * **CVS…

Ruby CGI/URI Vulnerabilities Advisory: CVE-2025-27219/27220/27221
www.ruby-lang.org · 2026-04-18

# Ruby Security Advisory Summary (CVE-2025-27219, CVE-2025-27220, CVE-2025-27221) ## 1. CVE-2025-27219: Denial of Service Vulnerability in CGI::Cookie.parse * **Vulnerability Overview**: `CGI::Cookie.…

ByteDance DeerFlow Path Traversal and Arbitrary File Write via Bootstrap Mode
www.vulncheck.com · 2026-04-18

# Vulnerability Summary: ByteDance DeerFlow Path Traversal and Arbitrary File Write ## Overview * **Vulnerability Title**: ByteDance DeerFlow Path Traversal and Arbitrary File Write via Bootstrap Mode…

rsync xattr Use-After-Free via receive_xattr()
www.openwall.com · 2026-04-18

### Vulnerability Overview **Vulnerability Name**: rsync: Use-After-Free via xattr Out-of-Bounds in receive_xattr() **Vulnerability Description**: In the `receive_xattr()` function of rsync, a user-pr…

OpenStack Keystone LDAP Auth Bypass Vulnerability (CVE-2026-0071)
www.openwall.com · 2026-04-18

# OpenStack Keystone LDAP Identity Backend Vulnerability Summary ## Vulnerability Overview A logic vulnerability exists in the LDAP identity backend of OpenStack Keystone. When the configuration optio…

CMSsite 1.0 SQL Injection in category.php (CVE-89)
www.vulncheck.com · 2026-04-18

# CMSsite 1.0 SQL Injection via category.php ## Vulnerability Overview CMSsite 1.0 contains a SQL injection vulnerability that allows unauthorized attackers to inject malicious SQL code through the `c…

Vtiger CRM v8.4.0 Reflected XSS in MailManager (CVE-2025-70936) with POC
www.simonjuguna.com · 2026-04-18

# Vulnerability Summary: Vtiger CRM v8.4.0 Reflected XSS ## Overview - **CVE ID**: CVE-2025-70936 - **Vulnerability Type**: Reflected Cross-Site Scripting (Reflected XSS) - **Affected Module**: MailMa…

Echo Mirage 3.1 Stack Buffer Overflow Vulnerability Analysis
www.vulncheck.com · 2026-04-18

# Echo Mirage 3.1 Stack Buffer Overflow Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field * **Severity**: HIGH * **…

Accessibly WordPress Plugin <=3.0.3 Unauthenticated Stored XSS via REST API
www.wordfence.com · 2026-04-18

# Vulnerability Summary: Accessibly <= 3.0.3 Stored XSS Vulnerability ## Overview - **Vulnerability Name**: Accessibly <= 3.0.3 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting v…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.