
Security Intel Hub 330 — Search: GHSA

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Rust Cache Crate Thread Safety Vulnerability (RUSTSEC-2020-0128/CVE-2020-36448)
rustsec.org · 2025-11-08

This image is from the Rust Security Advisory Database. Here are the key points about the vulnerability: ### Key Information: - **Advisory ID:** RUSTSEC-2020-0128 - **Reported Date:** November 24, 202…

lxml_html_clean XSS via SVG/Math context switching bypass (CVE-2024-52595)
github.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: HTML Cleaner allows crafted scripts in special contexts like svg or math…

CraftCMS file:// Validation Bypass Leading to File Overwrite and Potential RCE
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Name**: Local File System Validation Bypass Leading to File O…

FirebirdSQL CVE-2020-33337 Buffer Overflow in Slice Packet Parsing
github.com · 2026-04-18

# Vulnerability Overview **Title**: Buffer overflow on parsing corrupted slice packet **CVE ID**: CVE-2020-33337 **CVSS v3 Score**: 7.5 / 10 (High) **Reporter**: dyemanov **Published Time**: 17 hours …

h3 Framework Request Smuggling Vulnerability (CVE-2026-23527) Analysis and Fix
simonkoeck.com · 2026-04-18

# Vulnerability Summary: h3 Framework Request Smuggling Vulnerability ## Overview - **Vulnerability Name**: h3 Framework Request Smuggling Vulnerability - **CVE ID**: CVE-2026-23527 - **GHSA ID**: GHS…

fast-jwt CVE-2026-35041 ReDoS Vulnerability and Fix Analysis
github.com · 2026-04-10

### Vulnerability Summary **1. Vulnerability Overview** * **CVE ID**: CVE-2026-35041 * **GHSA ID**: GHSA-cjw9-ghj4-fwxf * **Vulnerability Type**: ReDoS (Regular Expression Denial of Service) * **Descr…

Parse Server CVE-2024-34351: Auth Data Exposure via Verify Password Endpoint
github.com · 2026-04-02

## Vulnerability Key Information Summary ### Vulnerability Overview - **Vulnerability Name**: Auth data exposed via verify password endpoint - **CVE ID**: CVE-2024-34351 - **Severity**: High (8.2/10) …

Parse Server GraphQL Complexity Validator DoS Vulnerability (CVE-2024-34373)
github.com · 2026-04-02

## Vulnerability Key Information Summary ### Vulnerability Overview **GraphQL Complexity Validator Exponential Fragment Traversal DoS** The GraphQL query complexity validator contains a vulnerability …

sealed-secrets CVE-2026-22728: rotate endpoint widens sealing scope to cluster-wide
github.com · 2026-02-26

### Key Information **Vulnerability Title**: `sealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations` **GHSA ID**: `GHSA-465p-v42x-3fmj` **CVE I…

free5GC SMF PFCP Null Pointer Dereference DoS (CVE-2026-25501)
github.com · 2026-02-24

Boltz Insecure Deserialization RCE (CVE-2025-70560)
github.com · 2026-02-21

### Key Information - **Vulnerability Title** - Boltz contains an insecure deserialization vulnerability in its molecule loading functionality - **CVE ID** - CVE-2025-70560 - **GHSA ID** - GHSA-fjm6-8…

OpenSift SSRF Vulnerability (CVE-2026-27170) Fix Details
github.com · 2026-02-21

### Vulnerability Key Information #### Vulnerability Description - **Vulnerability Name**: SSRF risk in OpenSift URL ingestion endpoint - **CVE ID**: CVE-2026-27170 - **Release Date**: 2 days ago - **…

Claude Code Symbolic Link Permission Bypass (CVE-2026-25724)
github.com · 2026-02-07

### Vulnerability Key Information - **Vulnerability Name**: Permission Deny Bypass Through Symbolic Links - **CVE ID**: CVE-2026-25724 - **GHSA ID**: GHSA-4q92-rfm6-2cqxl - **Publisher**: ddwroken - *…

node-tar Arbitrary File Read/Overwrite via Hardlink Path Traversal (CVE-2026-24842)
github.com · 2026-01-28

From this webpage screenshot, the following key information about the vulnerability can be obtained: ### Vulnerability Summary - **Vulnerability Name**: Arbitrary File Read/Overwrite via Hardlink Path…

Aiven BigQuery Sink Connector Arbitrary File Read/SSRF Vulnerability (CVE-2026-23529)
github.com · 2026-01-20

## Critical Vulnerability Information ### Vulnerability Description - **Vulnerability Name**: Arbitrary File Read in Google BigQuery Sink connector - **CVE ID**: CVE-2026-23529 - **GHSA ID**: GHSA-3mg…

Nextcloud user_saml Open Redirect via RelayState (CVE-2024-22400)
github.com · 2025-11-11

### Key Information **Vulnerability Title**: Open redirect in user_saml via RelayState parameter **CVE ID**: CVE-2024-22400 **GHSA ID**: GHSA-622q-xhfr-xmv7 **Release Date**: Jan 18, 2024 **Severity**…

OpenOlat Path Traversal Leading to Code Execution (CVE-2021-39180)
github.com · 2025-11-11

## Summary **Vulnerability**: Path Traversal in Archive Handling Leading to Code Execution **GHSA ID**: GHSA-x95v-2pgj-9x8j **CVE ID**: CVE-2021-39180 **Severity**: High **Published Date**: Aug 31, 20…

containerd CRI Attach Goroutine Leak Memory Exhaustion Vulnerability (CVE-2025-64329)
github.com · 2025-11-09

### Key Information Summary #### Vulnerability Overview - **Title**: Host memory exhaustion through goroutine leaks of Attach functionality in CRI server - **GHSA ID**: GHSA-m6hq-p25p-ffr2 - **CVE ID*…

XWiki Blog Plugin RCE via Script Macro (CVE-2025-58365)
github.com · 2025-09-10

### Critical Vulnerability Information #### Vulnerability Overview - **Title**: Privilege escalation (PR) from account through blog content - **CVE ID**: CVE-2025-58365 - **GHSA ID**: GHSA-gwj6-xpfg-p…

Rust transpose library integer overflow leading to out-of-bounds write (CVE-2023-53156)
github.com · 2025-07-30

### Critical Vulnerability Information #### Vulnerability Overview - **CVE ID**: CVE-2023-53156 - **GHSA ID**: GHSA-5gmm-6m36-r7j - **Severity**: Medium (4.5/10) - **Release Date**: April 5, 2024 - **…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
