Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 673— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
GeoVision CVE-2018-25118 Command Injection RCE via /PictureCatch.cgi
www.vulncheck.com · 2025-10-21

### Key Information - **Vulnerability Name**: GeoVision Command Injection RCE via /PictureCatch.cgi - **Severity**: CRITICAL - **Date**: October 20, 2025 - **Affected Scope**: - GV-BX1500 firmware ver…

Read more
CVE-2025-61456: Reflected XSS in E-commerce index.php
github.com · 2025-10-21

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-61456 - **Disclosure Date**: October 13, 2025 - **Severity**: Medium (CVSS v3.1 Score: 6.1) - **Vulnerability Type**: Reflected C…

Read more
CVE-2025-61455: SQL Injection in E-commerce signup.inc.php
github.com · 2025-10-20

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-61455 - **Disclosure Date**: October 13, 2025 - **Severity**: CRITICAL (CVSS v3.1: 9.8) #### Affected Product - **Vendor**: Indep…

Read more
LogoFAIL Advisory: BIOS UEFI Image Parser RCE/DoS (CVE-2023-39538/39539/52080)
support.ieisystem.com · 2025-11-08

### Key Information - **Alert ID**: IEIT-SA-202404-001 - **Release Time**: 2024-04-26 17:48:58 - **Vulnerability Source**: Official Release - **Impact**: Denial of Service or Arbitrary Code Execution …

Read more
Node.js vm Module Sandbox Escape Leading to RCE Analysis
socket.dev · 2025-08-03

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Remote Code Execution (RCE) - **Affected Component**: Node.js `eval` function - **Root Cause**: Sandbox Escape #### Technical …

Read more
OpenClinica RCE via Path Traversal and Arbitrary File Write
github.com · 2025-11-11

### Key Information #### Vulnerability Description - **Vulnerability Type**: Remote Code Execution (RCE) via path traversal and arbitrary file write - **Affected Area**: In the workflow for importing …

Read more
OpenClinica Path Traversal Leading to RCE via XML File Upload
github.com · 2025-11-11

### Critical Vulnerability Information #### Vulnerability Type - **RCE (Remote Code Execution)** - **Path Traversal** - **Arbitrary File Write** #### Affected Products and Versions - **OpenClinica Com…

Read more
SQL Injection in SourceCodester Free Hospital Management System 1.0 (CVE-2023-4440)
vuldb.com · 2025-11-11

## Critical Vulnerability Information - **CVE ID**: CVE-2023-4440 - **Vulnerability ID**: VDB-237561 - **Vendor and Product**: SourceCodester Free Hospital Management System for Small Practices 1.0 - …

Read more
Adobe Illustrator PDF Parsing Out-Of-Bounds Read RCE (CVE-2020-24410)
www.zerodayinitiative.com · 2025-11-11

Below are the key details regarding the vulnerability: - **Vulnerability Title**: - Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability - **Identifiers**: - **ZDI…

Read more
Debian DLA-2429: WordPress Fixes 9 CVEs Including RCE, XSS, and Privilege Escalation
lists.debian.org · 2025-11-11

## Critical Vulnerability Information ### Debian LTS Advisory: DLA-2429-1 #### Package and Version - **Package**: wordpress - **Version**: 4.7.19+dfsg-1+deb9u1 #### CVE IDs - **CVE ID**: CVE-2020-2803…

Read more
SQL Injection in SourceCodester Task Reminder System 1.0 (CVE-2023-5814)
vuldb.com · 2025-11-11

### Key Information - **Vulnerability Details** - **CVE Identifier**: CVE-2023-5814 - **Product**: SourceCodester Task Reminder System 1.0 - **Vulnerability Type**: SQL Injection - **Affected File**: …

Read more
CVE-2016-1000031: Apache Commons FileUpload Deserialization RCE
issues.apache.org · 2025-11-10

## Critical Vulnerability Information - **CVE ID**: CVE-2016-1000031 - **Vulnerability Name**: Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution - **Component**: Commons F…

Read more
Symantec Messaging Gateway CVE-2017-6327 Auth Bypass and RCE Analysis
www.exploit-db.com · 2025-11-10

### Key Information - **Vulnerability Name:** Symantec Messaging Gateway 10.6.3-2 - Root Remote Command Execution - **Vulnerability ID (EDB-ID):** 42519 - **CVE Number:** CVE-2017-6327 - **Discloser:*…

Read more
libpng CVE-2010-1205 RCE and CVE-2010-2249 DoS Vulnerability Advisory
www.debian.org · 2025-11-10

- **Package**: libpng - **Vulnerabilities**: Several - **Vulnerability Type**: Remote - **Debian-specific**: No - **CVE IDs**: CVE-2010-1205, CVE-2010-2249 - **Debian Bugs**: 533676, 572308 **CVE-2010…

Read more
Planet eStream Multiple Critical Vulnerabilities Advisory (RCE/XSS/SQLi)
sec-consult.com · 2025-11-10

## Multiple Critical Vulnerabilities in Planet Enterprises Ltd - Planet eStream - **Title**: Multiple Critical Vulnerabilities - **Product**: Planet Enterprises Ltd - Planet eStream - **Vulnerable Ver…

Read more
Jenkins Security Advisory: CSRF Bypass, XSS, and RCE Vulnerabilities (CVE-2020-2160 to 2168)
jenkins.io · 2025-11-10

### Critical Vulnerability Summary #### Vulnerability Details - **CSRF Protection Bypass (SECURITY-1774 / CVE-2020-2160)** - **Severity**: High - **Description**: An extension point in Jenkins allows …

Read more
Jenkins Security Advisory: CVE-2017-1000353 Unauthenticated RCE and CSRF Vulnerabilities
jenkins.io · 2025-11-10

## Jenkins Security Advisory 2017-04-26 ### Description **CSRF: Multiple Vulnerabilities (SECURITY-412 through SECURITY-420 / CVE-2017-1000356)** - Multiple Cross-Site Request Forgery vulnerabilities …

Read more
Firefox JS Engine Object.toSource GC Hazard Fix
bugzilla.mozilla.org · 2025-11-10

### Key Information Extraction #### Bug Summary - **Bug ID**: 351973 - **Title**: GC hazard with unrooted ids in Object.toSource - **Status**: Closed (Verified Fixed) - **Product**: Core - **Component…

Read more
Jenkins CLI Arbitrary File Read to RCE Vulnerability (CVE-2024-23897) Advisory
www.jenkins.io · 2025-11-11

```md ## Jenkins Security Advisory 2024-01-24 ### Vulnerabilities Announced: - Jenkins (core) - Git server Plugin - GitLab Branch Source Plugin - Log Command Plugin - Matrix Project Plugin - Qualys Po…

Read more
CVE-2017-7525: Jackson-databind Deserialization RCE Vulnerability Advisory
lists.apache.org · 2025-11-11

## Vulnerability Key Information - **CVE ID**: CVE-2017-7525 - **Component**: jackson-databind - **Version**: 3.11.4 and other versions (specifically: prior to 2.6.7.1, prior to 2.7.9.1, and prior to …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.