Security Intel Hub 330 — Search: GHSA

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Lettermint Email Property Leak via Client Instance Reuse (GHSA-49pc-8936-wvfp)
github.com · 2026-02-22

## Vulnerability Information ### Vulnerability Title Email properties leak to unintended recipients when client instance is reused ### Vulnerability ID - GHSA-49pc-8936-wvfp ### Vulnerability Descript…

Craft CMS SSRF Fix via IPv6 Prefix Filtering (GHSA-v2gc-rm6g-wrw9)
github.com · 2026-02-24

Command Injection in Git Repository Status (GHSA-q6hm-vf4f-47jf)
github.com · 2026-02-21

## Command Injection Vulnerability in Git Repository Status (GHSA-q6hm-vf4f-47jf) ### Severity - Moderate - CVSS v3 base score: 6.3/10 ### Impact Arbitrary command injection can lead to remote code ex…

Strimzi Kafka Connect/MM2 CA Chain Trust Bypass Vulnerability (GHSA-6x85-j2f7-4xc5)
github.com · 2026-02-21

### Critical Vulnerability Information #### Vulnerability Title All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters #### Vulnerability ID GHSA-6x85-j2f7-4xc5…

OpenClaw Unrestricted gatewayUrl Override Vulnerability (GHSA-g6q9-8fvw-f7rf)
github.com · 2026-02-21

### Key Information #### Vulnerability Overview - **Vulnerability Title**: Gateway tool allowed unrestricted gatewayUrl override - **Publisher**: orlyjamie - **Vulnerability ID**: GHSA-g6q9-8fvw-f7rf …

OpenClaw GHSA-6hf3-mhgc-cm65: Session Visibility Privilege Escalation & Telegram Webhook Config Flaw
github.com · 2026-02-21

## Key Information - **Vulnerability ID**: GHSA-6hf3-mhgc-cm65 - **CVE ID**: CVE-2026-27004 - **Severity**: High ### Vulnerability Details - **Affected Versions**: =2026.2.15 - **Description**: In cer…

AutoGPT Platform GHSA-4crw-9p35-9x54 Fix for Disabled Block Bypass
github.com · 2026-02-21

### Critical Vulnerability Information #### Summary - **Vulnerability Type**: When directly invoked via API, blocks marked as `disabled=True` (such as `BlockInstallationBlock`) were not checked during…

Spree Authenticated IDOR Fix (GHSA-g268-72p7-9j6j)
github.com · 2026-02-07

### Critical Vulnerability Information - **Vulnerability Type**: Authenticated Insecure Direct Object Reference (IDOR) - **Fix Submission**: GHSA-g268-72p7-9j6j - **Fix Submitter**: damianlegawiec - *…

Spree Commerce GHSA-3310 Address Handling Vulnerability Fix
github.com · 2026-02-07

- **Commits** - Commit `ff7cfcf` was made to address a vulnerability GHSA-3310 related to address data handling in the Spree Commerce platform. - Fix included additional application or third-party app…

OpenFGA Improper Policy Enforcement Vulnerability (GHSA-jq9f-gm9w-rwm9/CVE-2026-24851)
github.com · 2026-02-07

## Critical Vulnerability Information ### Vulnerability Summary - **Name**: OpenFGA Improper Policy Enforcement - **ID**: GHSA-jq9f-gm9w-rwm9 - **Severity**: Medium ### Affected Versions - **GitHub Pa…

Rabbit/Shopify Address Management Bypass Vulnerability Fix (GHSA-address-fix)
github.com · 2026-02-07

### Key Information #### Vulnerability Fix Overview - **Vulnerability ID**: GHSA-address-fix (specific details not provided, but can be further researched via the ID) - **Fix Description**: Resolved a…

Fix OOB in CIccXform3DLut::Apply() - CVE/GHSA-pmqx-q624-jg6w
github.com · 2026-02-05

- **Project and Branch**: - Project: InternationalColorConsortium / iccDEV - Pull Request: #563 - Branch: master - **Vulnerability Information**: - **Title**: Fix: OOB in CIccXform3DLut::Apply() - **L…

tar Path Traversal Vulnerability Fix (GHSA-qxx2-7h4c-83f4)
github.com · 2026-02-05

### Vulnerability Key Information #### Vulnerability Type - **Path Traversal**: The vulnerability stems from insufficient validation of tar entry paths, allowing attackers to exploit maliciously craft…

Shell Injection Fix (GHSA-vqqr-rmpc-hhg2): Escaping Implementation and Test Cases
github.com · 2026-02-05

## Vulnerability Key Information ### Vulnerability Type - **Shell Injection** via variable substitution - **CVE Identifier:** GHSA-vqqr-rmpc-hhg2 ### Vulnerability Details - **Work Directory Injection…

cert-manager GHSA-gx3x-vq4p-mhhv Fix DNS Resolution Panic in v1.19.3
github.com · 2026-02-05

- Key Information about the Vulnerability: - **Addressed Vulnerability ID:** GHSA-gx3x-vq4p-mhhv - **Vulnerability Type:** Security issue (specific details not provided in the screenshot) - **Resolved…

GHSA-237r-x578-h5mv: API Key Privilege Escalation via Update Endpoint (CVE-2026-23896)
github.com · 2026-01-30

### Vulnerability Key Information #### Vulnerability Name API Key Privilege Escalation #### Vulnerability ID GHSA-237r-x578-h5mv #### Vulnerability Type CVE-2026-23896 #### Vulnerability Severity High…

Decidim 0.30.4 Security Update: GHSA-3cx6-j9j4-54mp Vulnerability Fix
github.com · 2026-02-04

### Critical Vulnerability Information - **Vulnerability ID:** GHSA-3cx6-j9j4-54mp (pending CVE) - **Release Date:** 2025-11-20 - **Disclosure Date:** 2026-01-20 (two months later) - **Security Policy…

Wasmtime GHSA-vc8c-j3xm-xj73: x86-64 f64.copysign Segfault DoS Vulnerability
github.com · 2026-01-28

### Vulnerability Key Information #### Vulnerability Title Wasmtime segfault or unused out-of-sandbox load with `f64.copysign` operator on x86-64 #### Vulnerability ID GHSA-vc8c-j3xm-xj73 #### Affecte…

SSRF Private Network Bypass via Numeric Address (GHSA-hgr9-frvw-5r76)
github.com · 2026-01-30

From the provided web screenshot, we can extract the following key information about the vulnerability: ### Vulnerability Summary - **Vulnerability Name**: SSRF (Server-Side Request Forgery) and priva…

iccDEV Library CIccTagXmlFloatNum Parse Vulnerability (GHSA-398v-jvcg-p8f3/CVE-2026-24409)
github.com · 2026-01-27

### Key Information #### Vulnerability Overview - **Vulnerability Name**: NPD & UB in CIccTagXmlFloatNum::ParseXml() - **Vulnerability ID**: GHSA-398v-jvcg-p8f3 - **Publisher**: xsscx - **Release Date…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
