Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 673— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
ggml Library Arbitrary RCE Vulnerability Analysis: tensor->op Logic Flaw
github.com · 2026-04-02

Based on the webpage screenshots provided by the user, I have extracted the following key information regarding the vulnerability: 1. **Vulnerability Overview**: * This is an arbitrary RCE (Remote Cod…

Read more
Salesforce Agentforce & Anypoint Code Builder Arbitrary Command Execution Leading to RCE (CVE-2025-10875, CVE-2025-64320
help.salesforce.com · 2025-11-05

## Vulnerability Key Information ### Vulnerability Description Salesforce Security has identified and resolved vulnerabilities in the "Agentforce Vibes extension" and "MuleSoft Anypoint Code Builder f…

Read more
Keycloak CVE-2020-4030 UMA Policy Bypass Vulnerability Analysis
bugzilla.redhat.com · 2026-04-02

### **CVE-2020-4030 Vulnerability Summary** --- #### **1. Vulnerability Overview (漏洞概述)** - **Title:** CVE-2020-4030: UMA policy bypass allows

Read more
Roundcube Password Plugin Type Juggling Vulnerability Fix
github.com · 2026-04-03

**1. Extracted Key Information:** - **Commit ID:** 6a27567 - **Title:** Fix bug where a password could get changed without providing the old password - **Description:** -

Read more
OpenSourcePOS 3.4.1 CVE-2026-26746 LFI to RCE via Invoice Type
github.com · 2026-02-21

- **CVE ID**: CVE-2026-26746 - **Vulnerability Type**: Local File Inclusion (LFI) and Directory Traversal (CWE-22) - **Affected Product**: OpenSourcePOS - **Affected Version**: 3.4.1 - **Affected Comp…

Read more
Apple macOS GeForce.kext Null Pointer Dereference Leading to Kernel RCE (CVE-2016-1846)
www.exploit-db.com · 2025-11-20

- **Title**: Apple Mac OS X Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext - **EDB-ID**: 39920 - **CVE**: 2016-1846 - **Author**: Google Security Research - **Type…

Read more
Linux Kernel RCU Crash Fix: CONFIG_FORCE_NR_CPUS percpu access bug
git.kernel.org · 2024-11-11

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - The vulnerability describes a scenario during kernel build where…

Read more
premsql LLM Prompt Injection RCE (CVE premsql-rce) Analysis and POC
github.com · 2026-04-06

## Vulnerability Overview **Prompt Injection RCE (CVE premsql-rce)** - A prompt injection remote code execution vulnerability targeting LLM applications. Attackers use carefully crafted malicious prom…

Read more
Huatian Software InforCenter PLM Arbitrary File Upload leading to RCE
my.feishu.cn · 2026-04-02

### 漏洞关键信息总结 * **漏洞概述**:山东和泰软件有限公司(Shandong Hoteam Software Co., Ltd.)的产品存在任意文件上传漏洞,可导致远程代码执行(RCE)。 * **影响范围**:Huatan Software InforCenter PLM BaseHandle(华天软件 InforCenter PLM BaseHandle)。 * **修复方案**:截…

Read more
WordPress WP E-Commerce Plugin Arbitrary File Upload Leading to RCE
github.com · 2026-04-02

### Vulnerability Summary **Overview** * **Vulnerability Type:** Arbitrary File Upload / Remote Code Execution (RCE) * **Affected Component:** WordPress plugin `wp-ecommerce` (specifically `wp-ecommer…

Read more
CVE-2025-70457: Arbitrary File Upload in Sourcecodester Modern Image Gallery v1.0 Leading to RCE
github.com · 2026-01-27

## Vulnerability Key Information ### Vulnerability Name Arbitrary File Upload in Sourcecodester Modern Image Gallery v1.0 Leading to Remote Code Execution ### Vulnerability Severity - **Severity Level…

Read more
SourceCoders Online Shopping Portal 3.1 RCE via SQLi and Unrestricted File Upload (CVE-2023-38890)
tagmachan.com · 2025-12-09

### Key Information Summary #### Vulnerability Overview - **CVE ID**: CVE-2023-38890 - **Affected Version**: SourceCoders Online Shopping Portal 3.1 - **Vulnerability Type**: Remote Code Execution (RC…

Read more
SourceCodester Prison Management System v1.0 Unrestricted File Upload RCE
vuldb.com · 2025-11-13

## Vulnerability Key Information **Title**: https://www.sourcecodester.com Prison Management System v1.0 remote command/code execute **Description**: A critical vulnerability has been discovered in th…

Read more
WooCommerce Return Refund and Exchange < 4.0.9 Unauthenticated Arbitrary File Upload to RCE (CVE-2022-4047)
wpscan.com · 2025-11-09

### Key Information - **Vulnerability Name**: Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload - **Vulnerability Description**: The plugin does not validate a…

Read more
Open Source Job Portal V1.0 File Upload Vulnerability and RCE POC
github.com · 2025-09-29

### Critical Vulnerability Information #### Affected Product - **Product Name**: Open Source Job Portal V1.0 - **Version**: V1.0 - **Affected File**: /jobportal/admin/user/controller.php?action=photos…

Read more
itsourcecode E-Commerce Website V1.0 Unrestricted File Upload
vuldb.com · 2025-09-19

- **Title**: itsourcecode E-Commerce Website V1.0 Unrestricted Upload - **Description**: The 'products.php' script suffers from insufficient validation and filtering of uploaded files. An attacker can…

Read more
SourceCodester Pet Grooming System v1.0 Authenticated File Upload to RCE
vuldb.com · 2025-09-09

### Critical Vulnerability Information #### Vulnerability Title SourceCodester Pet grooming management software 1.0 OS Command Injection #### Description - Title: [Authenticated File Upload → Remote C…

Read more
Atlassian Sourcetree RCE Vulnerability (CVE-2024-21697) Advisory
jira.atlassian.com · 2024-11-24

### Key Information #### Vulnerability Description - **Type**: Public Security Vulnerability - **Priority**: High - **Affected Versions**: 4.2.8, 3.4.19 - **Component**: None - **Tags**: advisory, adv…

Read more
SpEL Injection RCE in baomidou dynamic-datasource via @DS Annotation
github.com · 2026-04-26

# SpEL Injection Vulnerability Summary ## Overview - **Vulnerability Name**: SpEL Injection in baomidou_dynamic-datasource - **Vulnerability ID**: #766 - **Vulnerability Type**: Server-side Expression…

Read more
dynamic-datasource RCE Vulnerability Analysis and POC
github.com · 2026-04-26

### Vulnerability Overview In the `dynamic-datasource` project, there is a potential Remote Code Execution (RCE) vulnerability located in the `DsSpelExpressionProcessor` class. This vulnerability may …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.