Security Intel Hub

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

SQL Injection in Train Station Ticketing System via price[1] parameter
github.com · 2025-11-19

## Critical Vulnerability Information ### Affected Product - Train Station Ticketing System Project ### Vendor Homepage - [https://www.sourcecodester.com/php/14572/train-station-ticketing-system-using…

OpenHarness Plugin Trust Boundary Bypass Leading to RCE and Remote State Tampering
github.com · 2026-04-22

# Vulnerability Summary: OpenHarness Plugin Trust Boundary Bypass ## Vulnerability Overview This vulnerability involves two security flaws in the OpenHarness plugin system, with the core issue being a…

CVE-2026-5325: SourceCoderster Simple CRM 1.0 Description Parameter XSS Vulnerability
vuldb.com · 2026-04-02

### Summary of Key Vulnerability Information **Vulnerability Overview** * **CVE ID:** CVE-2026-5325 * **Vulnerability Name:** SourceCoderster Simple Customer Relationship Management System 1.0 Create Ticket /create-ticket.php Description Cross Site Scripting * **Vulnerability…

Tanium Enforce Recovery Key Portal Insecure File Permissions Vulnerability (CVE-2026-1344)
security.tanium.com · 2026-02-21

## Critical Vulnerability Information * **CVE Number**: CVE-2026-1344 * **Tanium Number**: TAN-2026-003 * **Release Date**: February 17, 2026 * **Vulnerability Description**: Tanium discovered an inse…

UTT Aggressive 520W Router Buffer Overflow in DNS Filter Config
github.com · 2025-12-07

### Key Vulnerability Information - **Vendor of the Products**: UTT - **Affected Product**: Aggressive 520W Router - **Affected Firmware Version**: <=v3v1.7.7-180627 #### Overview The UTT Aggressive 5…

CVE-2015-7313: LibTIFF Remote Denial of Service Vulnerability and Fix Details
security-tracker.debian.org · 2025-08-27

### Key Information #### Vulnerability Overview - **Name**: CVE-2015-7313 - **Description**: LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted T…

XiaozhangBang Voluntary Like System V8.8 Incorrect Access Control Vulnerability
github.com · 2025-11-06

## Security Advisory: Incorrect Access Control in XiaozhangBang Voluntary Like System V8.8 ### Summary An Incorrect Access Control vulnerability has been identified in XiaozhangBang Voluntary Like Sys…

Weaver E-cology10 RCE Vulnerabilities in xmReport, dubboApi, and saveSignAddrslInfo Modules
h4cker.zip · 2026-04-07

# Summary of Remote Code Execution Vulnerabilities in Weaver E-cology10 ## Vulnerability Overview The Weaver E-cology10 system contains multiple Remote Code Execution (RCE) vulnerabilities, primarily …

Flowinsight CVE-2025-32311 Command Injection Leading to Docker Container Escape
github.com · 2026-04-21

# Summary of Command Injection and Docker Container Escape Vulnerabilities ## Vulnerability Overview **Title**: Command Injection and Docker container escape allows root on host machine **Published by…

Fix for Captcha Logic Flaw Allowing Admin Bypass
github.com · 2026-04-22

# Vulnerability Summary ## Overview This vulnerability involves improvements to the CAPTCHA generation and verification logic, aimed at enhancing security. Specifically: 1. **CAPTCHA Generation Logic*…

BoidCMS <=2.1.2 LFI to RCE Vulnerability and POC
github.com · 2026-04-18

# Vulnerability Summary: BoidCMS Local File Inclusion (LFI) Leading to Remote Code Execution (RCE) ## Vulnerability Overview BoidCMS versions 2.1.2 and earlier contain a critical vulnerability. An att…

glibc pvalloc/valloc Integer Overflow Vulnerability (CVE-2013-4332) Analysis
www.openwall.com · 2025-11-13

### Key Information - **CVE ID**: CVE-2013-4332 - **Vulnerability Type**: Three integer overflow issues - **Affected Components**: `glibc` memory allocation functions `pvalloc`, `valloc`, and `posix_m…

JSONPath-Plus RCE Bypass Vulnerability and Payload Analysis
github.com · 2024-10-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Remote Code Execution (RCE) is still possible #226 -…

Siemens LOGO! V8.3 BM Electromagnetic Fault Injection Vulnerability (CVE-2022-42784) Advisory
cert-portal.siemens.com · 2024-09-11

### Key Information #### Vulnerability Description - **Vulnerability ID**: SSA-844582 - **Affected Product**: LOGO! V8.3 BM (including SIPLUS variants) - **Vulnerability Type**: Electromagnetic Interf…

Juju Controller Resource Poisoning Vulnerability Analysis
github.com · 2026-04-04

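* **Vulnerability overview:** Any authenticated user, machine, or controller can modify the resources of applications across the entire controller through the Jujutsu controller; an attacker needs only basic authentication to upload or modify resources using the "UI" and "GET" methods. * **Scope of impact:** Any deployed charm may be tampered with, which in turn introduces security vulnerabilities that affect other workflows; OCI containers are at especially high risk: if resources have no security controls, an attacker can tamper with the Docker image and, by obtaining code execution (exec), carry out malicious script exec…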

KubePlus kubeconfigGenerator Command Injection Vulnerability (CVE-2026-29955)
gist.github.com · 2026-04-18

# KubePlus KubeconfigGenerator Command Injection Vulnerability (CVE-2026-29955) ## Vulnerability Overview This vulnerability exists in the `kubeconfiggenerator` component of KubePlus. When processing …

RustFS Authorization Bypass in UploadPartCopy Enables Cross-Bucket Exfiltration
github.com · 2026-04-08

### Vulnerability Overview * **Vulnerability Name**: Authorization bypass in multipart UploadPartCopy enables cross-bucket object exfiltration * **Vulnerabili…

Loaded Commerce 6.6 CSTI Vulnerability and Client-Side Code Execution PoC
www.exploit-db.com · 2025-12-05

### Vulnerability Key Information #### Vulnerability Overview - **EDB-ID:** 52084 - **CVE:** N/A - **Author:** tmrswrr - **Type:** WEBAPPS - **Platform:** PHP - **Date:** 2025-03-19 - **Affected Appli…

OpenEXR HT2K Signed Integer Overflow in ht_undo_impl()
github.com · 2026-04-21

# HT2K Signed Integer Overflow in ht_undo_impl() ## Vulnerability Overview In the HT2K (High-Throughput JPEG 2000) decompression path of OpenEXR, the `ht_undo_impl()` function contains a signed intege…

UTT Aggressive 520W Router formPolicyRouteConf Buffer Overflow Vulnerability Analysis
github.com · 2026-02-07

### Vulnerability Key Information #### Information - **Product Vendor**: UTT - **Vendor Website**: UTT Aite - Professional Router, Switch, Firewall Brand - **Affected Product**: Aggressive 520W - **Af…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
