Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 330— Search: GHSA×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
CVE-2020-26254: omniauth-apple Email Spoofing Vulnerability
github.com · 2025-11-11

## Vulnerability Key Information ### Vulnerability Overview - **Title**: Vulnerability allows attacker to fake their email address during authentication - **CVE ID**: CVE-2020-26254 - **GHSA ID**: GHS…

Read more
flumedb Uninitialized Memory Read Vulnerability (RUSTSEC-2021-0086/CVE-2021-45684)
raw.githubusercontent.com · 2025-11-11

### Key Information #### Vulnerability ID - **ID**: RUSTSEC-2021-0086 - **Package**: flumedb - **Date**: 2021-01-07 #### Related Links - **URL**: https://github.com/sunrise-choir/flumedb-rs/issues/10 …

Read more
CVE-2024-4196: Remote Code Execution in Elektra Web via Code Injection
github.com · 2025-11-10

# Critical Vulnerability Information ## Vulnerability Name Remote Code Execution in Universal Search ## Vulnerability Identifiers - **GHSA ID**: GHSA-6j2h-486h-487q - **CVE ID**: CVE-2024-4196 - **CVS…

Read more
TinyMCE 6.8.4 Security Fix: CVE-2024-38357/38356 XSS Vulnerabilities
www.tiny.cloud · 2025-11-10

### Critical Vulnerability Information #### Security Fixes in TinyMCE 6.8.4 - **HTML Entities in noscript Elements Caused XSS Vulnerability** - A cross-site scripting (XSS) vulnerability was discovere…

Read more
AWS RES Information Disclosure Vulnerability (CVE-2025-12815)
aws.amazon.com · 2025-11-10

### Key Information - **CVE ID**: CVE-2025-12815 - **Bulletin ID**: AWS-2025-026 - **Scope**: AWS - **Content Type**: Important (requires attention) - **Publication Date**: 2025/11/6 9:15 AM PDT #### …

Read more
Netavark DNS Resolution Vulnerability (CVE-2025-8283) Advisory
github.com · 2025-11-09

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-8283 - **GHSA ID**: GHSA-rpcf-rmh6-42xr - **Release Date**: July 29, 2023 - **Last Updated**: July 30, 2023 - **Vulnerability Sev…

Read more
yt-dlp CVE-2023-46121 Generic Extractor Arbitrary Proxy Injection MITM Vulnerability
github.com · 2025-11-08

### Key Information #### Vulnerability Name Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection #### CVE ID CVE-2023-46121 #### CVSS V3 Base Metrics - **Severity**: Medium (5.0 / 10) - …

Read more
Woodpecker CI Environment Variable Injection Fix (CVE-2024-41122)
github.com · 2025-11-07

### Vulnerability Key Information - **Pull Request Title**: Add blocklist of environment variables who could alter execution of plugins #3934 - **Merge Status**: Merged - **Merge Date**: Jul 19, 2024 …

Read more
CVE-2021-29418: netmask npm package octal input mishandling bypasses IP access control
github.com · 2025-11-07

# Critical Vulnerability Information ## Vulnerability Overview - **CVE ID**: CVE-2021-29418 - **GHSA ID**: GHSA-pch5-whg9-qr2r - **Vulnerability Name**: netmask npm package mishandles octal input data…

Read more
Vyper CVE-2023-46232: Immutable Variable Initialization Overwrite Bug
github.com · 2025-11-07

## Key Information about the Vulnerability ### Overview - **Title**: First Immutable Variable Initialization - **Severity**: Moderate - **Published by**: hedgar2017 on Oct 25, 2023 - **GHSA ID**: GHSA…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.