Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 673— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Elasticsearch 7.14.x Security Bulletin: Multiple CVEs (RCE/LPE)
docs.suitecrm.com · 2025-08-08

From this webpage screenshot, the following key vulnerability information can be obtained: ### 7.14.x Releases #### 7.14.7 - **CVEs** - CVE-2023-25689: Privilege escalation vulnerability in Elasticsea…

Read more
Fastjson Deserialization RCE in SysGeneratorController
github.com · 2025-04-09

### Critical Vulnerability Information #### Vulnerability Location - In the `SysGeneratorController.java` class, at the `@RequestMapping("/code")` endpoint, specifically at the `JSON.parseArray(tables…

Read more
Codezips E-commerce Site 1.0 search.php SQL Injection Vulnerability
vuldb.com · 2024-11-26

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Codezips E-commerce Site Using PHP With Source Code …

Read more
Cisco RCM Debug RCE and Info Disclosure Vulnerabilities (CVE-2022-20649/20648) Advisory
sec.cloudapps.cisco.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerabilities can be obtained: 1. **Vulnerability Type**: - **CVE-2022-20649**: Cisco RCM Debug Remote Code Execution Vulnerabil…

Read more
WooCommerce Plugin Search order by product SKU <= 0.2 XSS Vulnerability
patchstack.com · 2024-11-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: WordPress Search order by product SKU for WooCommerc…

Read more
PyTorch Distributed RPC RemoteModule Deserialization RCE Vulnerability with PoC
rumbling-slice-eb0.notion.site · 2024-11-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Type**: Distributed RPC Framework RemoteModule has Deserialization RCE in pytorc…

Read more
SourceCodester Purchase Order Management System v1.0 Command Execution via /admin?page=user (CVE-2024-48454)
github.com · 2024-10-26

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **CVE-ID**: - CVE-2024-48454 2. **Description**: - A vulnerability in SourceCodester Purchase Order Manage…

Read more
Linux Kernel RCU CONFIG_FORCE_NR_CPUS Misconfiguration Causes System Crash
git.kernel.org · 2024-10-24

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - The vulnerability describes that when the `CONFIG_FORCE_NR_CPUS`…

Read more
YITH WooCommerce Ajax Search <2.7.1 XSS Vulnerability (CVE-2024-7846)
wpscan.com · 2024-09-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: YITH WooCommerce Ajax Search < 2.7.1 2. **Vulnerability Type**: XSS (Cross-Site…

Read more
PHP-FPM Unix Socket Misconfiguration Leading to Info Disclosure/RCE
www.openwall.com · 2026-04-03

**Vulnerability Overview:** This vulnerability exists

Read more
Hugging Face LeRobot Async Inference gRPC Unpickle RCE (#3047)
github.com · 2026-04-24

# Vulnerability Summary: Insecure Pickle Deserialization Vulnerability in Hugging Face /lerobot Asynchronous Inference ## Overview - **Vulnerability ID**: #3047 - **Vulnerability Type**: CWE-502 - Des…

Read more
OneClick Remote Access Unauthenticated RCE via MCP Interface and Insecure CORS
github.com · 2026-04-02

**Vulnerability Overview** * **Vulnerability Name:** OneClick Remote Access: Insecure CORS & Unauthenticated MCP Interface * **Description:** This vulnerability involves insecure Cross-Origin Resource…

Read more
Cisco Security Advisory: Critical RCE and Unauthorized Access Vulnerabilities in Secure Firewall, ISE, and UCCE (CVE-202
tools.cisco.com · 2025-11-08

### Critical Vulnerability Information - **Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability** -…

Read more
Festo CECX Controller Vulnerabilities (CVE-2014-3101 to 3105): RCE, Directory Traversal, Unauthorized Access
www.cisa.gov · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Overview - **CVE IDs**: CVE-2014-3101, CVE-2014-3102, CVE-2014-3103, CVE-2014-3104, CVE-2014-3105 - **CWE IDs**: CWE-287 (Improper Authenticat…

Read more
GitHub - bootstrapbool/xerteonlinetoolkits-rce: Unauthenticated Xerte Online Toolkits exploit. Requires knowing a valid
github.com · 2026-04-25

# Xerte Online Toolkits Remote Code Execution Vulnerability Summary ## Vulnerability Overview Xerte Online Toolkits contains three exploitable vulnerabilities that can be chained by unauthorized attac…

Read more
CVE-2026-33656: Authenticated RCE via Formula Path Traversal in sourceId with PoC
github.com · 2026-04-23

# Vulnerability Summary: Authenticated RCE via Formula with Path Traversal in Attachment 'sourceId' ## Overview - **Vulnerability Name**: Authenticated RCE via Formula with Path Traversal in Attachmen…

Read more
CraftCMS Commerce RCE via SQLi and PHP Deserialization (CVE-2026-52271)
github.com · 2026-04-18

# Vulnerability Summary: craftcms/commerce Remote Code Execution Vulnerability ## Overview This vulnerability exists in the TotalRevenue widget of `craftcms/commerce`. An attacker can leverage an SQL …

Read more
Wasmtime ResourceTable Vulnerability Analysis: Resource Management and Thread Safety
docs.rs · 2026-02-25

- **Vulnerability Context**: The screenshot displays the `ResourceTable` struct from the `wasmtime` crate, which manages resources within a WebAssembly runtime environment. Potential vulnerabilities o…

Read more
CVE-2026-27613 CGI Parameter Injection Leading to RCE and Source Code Disclosure
github.com · 2026-02-26

### Key Information Summary #### Vulnerability Details - **Vulnerability Name**: CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) - **CVSS v4 Severity**: 10.0/10 (Critical) -…

Read more
CVE-2024-42845: RCE Vulnerability in Open Source Biomedical Tool via eval
www.partywave.site · 2026-02-21

### CVE-2024-42845 - **Vulnerability Type**: Remote Code Execution (RCE) - **Affected Tool**: A widely used open-source biomedical tool actively maintained and utilized for medical standard imaging in…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.