Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 673— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
XSS Vulnerability in itsourcecode POS System
github.com · 2025-09-08

### Critical Vulnerability Information - **Vulnerability Author**: Alphabug - **Affected Versions**: ALL - **Vendor**: itsourcecode - **Software**: Point of Sale System (POS) - [Download Link](https:/…

Read more
AIRI v0.7.2-beta.2 XSS and RCE Vulnerability (CVE-2025-5103) Analysis
github.com · 2025-09-13

### Critical Vulnerability Information #### Vulnerability Types - **XSS (Cross-Site Scripting)** - **RCE (Remote Code Execution)** #### Affected Versions - **AIRI 0.7.2-beta.2_macos_amd64.dmg**: v0.7.…

Read more
Google Pixel June 2025 Security Bulletin: CVE-2025-32874 RCE & DoS Fixes
source.android.com · 2025-09-11

### Key Information #### Release Date and Version - **Release Date**: June 10, 2025 - **Version**: Pixel Update Bulletin - June 2025 #### Security Patches - **List of security vulnerabilities for Pixe…

Read more
Tenda AC20 Router Buffer Overflow Vulnerability (RCE) with POC
github.com · 2025-09-10

### Key Information #### Product Information - **Vendor**: Shenzhen Tenda Technology Co., Ltd. - **Affected Product**: AC20 - **Affected Firmware Versions**: <= V16.03.08.12 (latest) - **Firmware Down…

Read more
MonAI CVE-2025-58757 Unsafe Pickle Deserialization RCE
github.com · 2025-09-10

### Critical Vulnerability Information #### Vulnerability Title - **Unsafe use of Pickle deserialization leads to RCE** #### Severity - **CVSS v3 base metrics**: 8.8 / 10 - **Attack vector**: Network …

Read more
MCP Inspector Pre-Auth XSS Leading to RCE (CVE-2025-58444)
github.com · 2025-09-10

### Critical Vulnerability Information #### Vulnerability Title - **Potential Command Execution in MCP Inspector via XSS When Connecting to an Untrusted MCP Server** #### Severity - **Severity**: High…

Read more
Reflected XSS in itsourcecode POS System
github.com · 2025-09-07

### Critical Vulnerability Information - **BUG Author**: Alphabug - **Affected Version**: ALL - **Vendor**: itsourcecode - **Software**: Point of Sale System (POS) [Download Link](https://itsourcecode…

Read more
Adobe Commerce/Magento CVE-2025-54236 Critical Input Validation Vulnerability Advisory
helpx.adobe.com · 2025-09-10

### Critical Vulnerability Information - **Announcement ID**: APSB25-69 - **Release Date**: September 9, 2025 - **Priority**: 2 #### Vulnerability Overview Adobe has released security updates for Adob…

Read more
SQL Injection in SourceCodester Food Ordering Management System v1.0 (CVE-2025-9832)
github.com · 2025-09-04

### Key Information #### Vulnerability Details - **CVE ID**: CVE-2025-9832 - **Affected Product**: SourceCodester Food Ordering Management System - **Vulnerability Type**: SQL Injection - **Affected F…

Read more
SIM /api/function/execute RCE Vulnerability with POC
github.com · 2025-09-10

### Key Information #### Vulnerability Type - RCE (Remote Code Execution) #### Vulnerability Description - In the latest version of SIM, there is an RCE vulnerability in the `/api/function/execute` in…

Read more
SourceCodester Simple Forum V1.0 admin_class.php SQL Injection Vulnerability
vuldb.com · 2025-09-10

- **Title**: SourceCodester Simple Forum/Discussion System Code Project V1.0 admin_class.php SQL Injection - **Description**: A critical SQL injection vulnerability was discovered in the "admin_class.…

Read more
Swetrix Web Analytics File Upload RCE Vulnerability (CVE-2025-59304) Analysis and Fix
www.depthfirst.com · 2025-09-28

### Key Information #### Vulnerability Overview - **Vulnerability Type**: File Upload Remote Code Execution (RCE) - CVE-2025-59304 - **Impact**: Swetrix Web Analytics #### Vulnerability Details - **Ro…

Read more
WSO2 Authenticated Arbitrary File Upload Leading to RCE (CVE-2025-1862) Advisory
security.docs.wso2.com · 2025-09-27

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability ID**: WSO2-2025-3992/CVE-2025-1862 - **Release Date**: 2025-07-15 - **Update Date**: 2025-07-15 - **Version**: 1.0.…

Read more
Pickle Deserialization RCE in Robot Bridge Reasoning Server with PoC
github.com · 2025-09-26

### Key Information #### Vulnerability Type - **Remote Code Execution (RCE) Vulnerability** #### Affected Code - `experiments.robot.bridge.reasoning_server::run_reasoning_server` #### Vulnerability De…

Read more
H3C Magic B3 Router Buffer Overflow Vulnerability (RCE/DoS)
github.com · 2025-09-26

### Key Information #### Product Information - **Vendor**: New H3C Technologies Co., Ltd. - **Affected Product**: Magic B3 - **Affected Firmware Versions**: Magic B3 <= 100R002 - **Firmware Download L…

Read more
Datart Directory Traversal and SnakeYAML Deserialization RCE (CVE-2025-56815/56816)
github.com · 2025-09-26

### Critical Vulnerability Information #### CVE-2025-56815 - **Vulnerability Type**: Directory Traversal - **Affected Versions**: Datart 1.0.0-rc.3 - **Vulnerability Description**: In the POST /viz/im…

Read more
Horilla v1.3 Authenticated RCE via Eval Injection (CVE-2023-48988)
github.com · 2025-09-25

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Authenticated Remote Code Execution (RCE) - **Affected Version**: Horilla v1.3 - **Fixed Version**: 1.3.1 - **CVE ID**: CVE-20…

Read more
SQL Injection in SourceCodester Pet Grooming Management Software v1.0 (inv-print.php)
github.com · 2025-09-24

### Key Information - **Vulnerability Title**: SourceCodester Pet Grooming Management Software inv-print.php SQL Injection Vulnerability - **Affected Version**: SourceCodester Pet Grooming Management …

Read more
Flowise CVE-2025-50528 Critical RCE via Function() Constructor
github.com · 2025-09-24

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: RCE (Remote Code Execution) - **Severity**: Critical (CVSS v3 Base Score: 10.0/10) - **CVE ID**: CVE-2025-5…

Read more
WooCommerce Plugin Estonian Shipping Methods Sensitive Data Exposure
patchstack.com · 2025-09-24

### Key Information - **Vulnerability Description** - **Vulnerability Type**: Sensitive Data Exposure - **Affected Versions**: <= 1.7.2 - **Priority**: Low priority (patch unnecessary) - **Risk**: Thi…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.