Security Intel Hub 673 — Search: RCE

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

ChurchCRM <=7.0.5 Unauthenticated RCE in Install Wizard with POC
github.com · 2026-04-08

### Vulnerability Key Information Summary **Vulnerability Overview** An unauthenticated remote code execution (RCE) vulnerability exists in the ChurchCRM installation wizard. During the initial instal…

ChurchCRM Path Traversal to RCE via Backup Restore
github.com · 2026-04-08

### Vulnerability Summary **Vulnerability Overview** A path traversal vulnerability exists in the backup restoration functionality of ChurchCRM. An authenticated administrator can exploit this vulnera…

Unauthenticated RCE in gpt-researcher via MCP Command Injection
github.com · 2026-04-06

# Vulnerability Summary: Unauthenticated Remote Code Execution (RCE) in gpt-researcher ## Vulnerability Overview * **Vulnerability Name**: Unauthenticated Remote Code Execution via MCP Command Injecti…

Datart v1.0.0-rc.3 SSTI to RCE via Freemarker (CVE-2025-70830) with PoC
github.com · 2026-02-21

### Vulnerability Overview - **CVE ID:** CVE-2025-70830 - **Affected Product:** Datart - **Affected Version:** v1.0.0-rc.3 - **Vulnerability Type:** Server-Side Template Injection (SSTI) - **Severity …

PickleScan <0.0.23 ZIP Flag Bypass Leading to PyTorch Model RCE (CVE-2025-1945)
www.sonatype.com · 2026-01-03

## CVE-2025-1945 ### Summary PickleScan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in th…

pdfforge PDF Architect CBZ Parsing Directory Traversal RCE (CVE-2025-14420)
www.zerodayinitiative.com · 2025-12-29

### Vulnerability Key Information #### Basic Information - **Title**: (0Day) pdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability - **ID**: - ZDI-25-1077 - Z…

SEC Consult Vulnerability List: GiroWeb NFC, MPDV LFI, CleverControl RCE
www.sec-consult.com · 2025-11-08

## Key Information Summary - **Vulnerability Lab**: SEC Consult operates its internal security lab to ensure international excellence in network and application security. - **Responsible Disclosure Po…

StarCharge Artemis AC Charger Vulnerabilities: RCE, Stack Overflow, Hardcoded Key
github.com · 2025-10-27

From this webpage screenshot, the following key vulnerability information can be extracted: 1. **Vulnerability Description**: - First vulnerability: An issue in the Web Configuration module allows aut…

ChurchCRM <=5.18.0 Path Traversal Leading to RCE Analysis
github.com · 2025-10-19

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Path traversal leading to remote code execution - **Affected Product**: ChurchCRM versions <= 5.18.0 - **Disclosure Status**: …

osCommerce 2.2 RC2a File Manager Arbitrary Code Execution (EDB-9556)
www.exploit-db.com · 2025-09-18

### Key Information - **Vulnerability Name**: osCommerce Online Merchant 2.2 RC2a - Code Execution - **EDB-ID**: 9556 - **CVE**: None - **Author**: FLYH4T - **Type**: WEBAPPS - **Platform**: PHP - **D…

PyTorch Multiple CVEs Advisory: RCE, Buffer Overflow, and Incorrect Calculation
gist.github.com · 2025-09-26

### Critical Vulnerability Information #### Vulnerability IDs - CVE-2022-46184 - CVE-2022-46185 - CVE-2022-46186 - CVE-2022-46187 - CVE-2022-46188 - CVE-2022-46189 - CVE-2022-46190 #### Affected Produ…

Elasticsearch 7.14.x Security Bulletin: Multiple CVEs (RCE/LPE)
docs.suitecrm.com · 2025-08-08

From this webpage screenshot, the following key vulnerability information can be obtained: ### 7.14.x Releases #### 7.14.7 - **CVEs** - CVE-2023-25689: Privilege escalation vulnerability in Elasticsea…

Fastjson Deserialization RCE in SysGeneratorController
github.com · 2025-04-09

### Critical Vulnerability Information #### Vulnerability Location - In the `SysGeneratorController.java` class, at the `@RequestMapping("/code")` endpoint, specifically at the `JSON.parseArray(tables…

Codezips E-commerce Site 1.0 search.php SQL Injection Vulnerability
vuldb.com · 2024-11-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Codezips E-commerce Site Using PHP With Source Code …

Cisco RCM Debug RCE and Info Disclosure Vulnerabilities (CVE-2022-20649/20648) Advisory
sec.cloudapps.cisco.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerabilities can be obtained: 1. **Vulnerability Type**: - **CVE-2022-20649**: Cisco RCM Debug Remote Code Execution Vulnerabil…

WooCommerce Plugin Search order by product SKU <= 0.2 XSS Vulnerability
patchstack.com · 2024-11-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: WordPress Search order by product SKU for WooCommerc…

PyTorch Distributed RPC RemoteModule Deserialization RCE Vulnerability with PoC
rumbling-slice-eb0.notion.site · 2024-11-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Type**: Distributed RPC Framework RemoteModule has Deserialization RCE in pytorc…

SourceCodester Purchase Order Management System v1.0 Command Execution via /admin?page=user (CVE-2024-48454)
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **CVE-ID**: - CVE-2024-48454 2. **Description**: - A vulnerability in SourceCodester Purchase Order Manage…

Linux Kernel RCU CONFIG_FORCE_NR_CPUS Misconfiguration Causes System Crash
git.kernel.org · 2024-10-24

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - The vulnerability describes that when the `CONFIG_FORCE_NR_CPUS`…

YITH WooCommerce Ajax Search <2.7.1 XSS Vulnerability (CVE-2024-7846)
wpscan.com · 2024-09-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: YITH WooCommerce Ajax Search < 2.7.1 2. **Vulnerability Type**: XSS (Cross-Site…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
