Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 673— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
WordPress Plugin Directory 1.2 SQLi/XSS/RCE Vulnerability Analysis
plugins.trac.wordpress.org · 2025-08-07

From this webpage screenshot, the following key vulnerability information can be obtained: - **CVE ID**: CVE-2023-1642 - **Plugin Name**: WordPress Plugin Directory - **Plugin Version**: 1.2 - **Vulne…

Read more
Vvweb 1.0.5 Unauthenticated RCE via Plugin Editor
hkohi.ca · 2025-08-07

### Key Information #### Details - **Software Type**: Web App - **Software Name**: Vvweb - **Affected Version**: 1.0.5 - **Software Vendor**: Vvweb - **Software Link**: [https://github.com/givanz/Vvwe…

Read more
CVE-2025-55300: Komari Cross-site WebSocket Hijacking Leading to RCE
github.com · 2025-08-20

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Cross-site WebSocket Hijacking - **CVE ID**: CVE-2025-55300 - **Severity**: High (8.6/10) - **Affected Versions**: ` and ``. 3…

Read more
Tenda AC20 Unauthenticated RCE via Stack Buffer Overflow (CVE-2025-9087)
github.com · 2025-08-18

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Stack-based Buffer Overflow (CVE-2025-9087) - **Affected Product**: Tenda AC20 Router - **Firmware Version**: V16.03.08.12 - *…

Read more
WooCommerce Order Tip Plugin XSS and CSRF Vulnerability Analysis
plugins.trac.wordpress.org · 2025-08-16

### Key Information - **File Path**: order-tip-woo/trunk/assets/build/front.bundle.js - **Last Modified**: By railmedia 7 weeks ago, revision number 3318615. - **File Size**: 3.1 KB - **Code Content**…

Read more
Tenda AC7 Firmware Buffer Overflow Vulnerability (RCE/DoS) Analysis
github.com · 2025-08-16

### Key Information #### Vulnerability Overview - **Vendor**: Shenzhen Jixiang Tengda Technology Co., Ltd. - **Product**: AC7 - **Vulnerability Type**: Buffer Overflow - **Affected Version**: Firmware…

Read more
Authentication Bypass in Java Blog BaseInterceptor via Path Traversal
gitee.com · 2025-08-24

### Critical Vulnerability Information #### Vulnerability Description There is an authentication bypass vulnerability that allows attackers to access the `/admin/` API without using any token. #### Vu…

Read more
SourceCodester HRIS v1 Unrestricted File Upload Vulnerability Analysis
github.com · 2025-08-27

### Key Information Summary #### Vulnerability Name SourceCodester Human Resource Information System /Superadmin_Dashboard/process/editemployee_process.php Unrestricted Upload Vulnerability #5 #### Af…

Read more
Vweb CMS 1.0.7.2 Arbitrary File Upload to RCE via Rename
github.com · 2025-08-26

### Key Information #### Vulnerability Overview - **Vendor**: Vweb - **Product**: Vweb CMS - **Version**: 1.0.7.2 - **Download Link**: https://github.com/givons/Vweb #### Vulnerability Details - **Vul…

Read more
CVE-2025-55743: RCE via Arbitrary File Upload in User Creation
github.com · 2025-08-23

### Critical Vulnerability Information #### Vulnerability Title RCE through Arbitrary File Upload #### Severity Critical #### Affected Versions 0.2.0 and below #### Fixed Version 0.2.1 #### CVE ID CVE…

Read more
SourceCodester HRIS v1.0 Unauthenticated Unrestricted File Upload Vulnerability
github.com · 2025-08-27

### Key Information Summary #### Vulnerability Overview - **Vulnerability Name**: SourceCodester Human Resource Information System /Admin_Dashboard/process/editemployee_process.php Unrestricted Upload…

Read more
Vweb CMS 1.0.7.2 Arbitrary File Upload Leading to RCE
github.com · 2025-08-26

## Critical Vulnerability Information ### Vulnerability Overview - **Vendor**: Vweb - **Product**: Vweb CMS - **Version**: 1.0.7.2 - **Download Link**: https://github.com/givons/Vweb ### Vulnerability…

Read more
wmallchat TokenInterceptor Authentication Bypass via Path Traversal
github.com · 2025-08-24

### Key Information #### Vulnerability Type - **Incorrect Access Control vulnerability** #### Affected Versions - **latest** #### Issue Description - There is an authentication bypass vulnerability. A…

Read more
Django CVE-2025-57833: Unauthenticated RCE and SQL Injection via Default Config
medium.com · 2025-09-10

### Key Information - **Vulnerability ID**: CVE-2025-57833 - **Vulnerability Type**: Django Unauthenticated, 0-click, RCE, and SQL Injection using default configuration. - **Impact**: - RCE on Windows…

Read more
CVE-2025-6085: Make Connector Authenticated Arbitrary File Upload RCE
ryankozak.com · 2025-09-05

### Key Information - **Vulnerability Name**: Make Connector shello.php ".shell_exec($_GET["cmd"]).""; } ?> EOF curl -k -X POST https://lab1.hacker/wp-json/wp/v2/media \ -H "JWT-API-KEY: YOURFRIENDLYK…

Read more
D-Link DI-8400 jhttpd Stack Buffer Overflow RCE Vulnerability Analysis
github.com · 2025-09-05

### Key Information #### Vulnerability Overview - **Vulnerability Type**: jhttpd Server Buffer Overflow Vulnerability - **Affected Device**: D-Link DI-8400 (Firmware 16.07.26A1) - **CVE ID**: Pending …

Read more
Dive v0.9.3 RCE Vulnerability Analysis (CVE-2022-58176)
github.com · 2025-09-04

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Remote Code Execution (RCE) - **Affected Versions**: >= v0.9.0, <= v0.9.3 - **Fixed Version**: v0.9.4 - **CVE ID**: CVE-2022-5…

Read more
Samsung Galaxy 2023-04 Security Patch: Exynos Modem RCE and SmartThings Vulnerabilities Fixed
security.samsungmobile.com · 2025-09-04

### Critical Vulnerability Information #### Vulnerability Overview - **Release Date**: April 2023 - **Affected Devices**: Samsung Galaxy series devices, including Galaxy S23 Ultra, S23+, S23, etc. - *…

Read more
FreeScout Unserialization Vulnerability Leading to RCE
github.com · 2025-09-04

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Remote Code Execution (RCE) due to deserialization of untrusted data - **CVE ID**: CWE-502: Deserialization of Untrusted Data …

Read more
Insecure File Upload RCE in tianti-module-admin 2.5.0 with POC
github.com · 2025-09-03

### Key Information #### Vulnerability Type - Insecure File Upload Vulnerability #### Affected Versions - tianti-module-admin version 2.5.0 #### Vulnerability Description - Due to the lack of proper f…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.