Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Security Intel Hub 34232+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 4.4
Juniper Junos Null Pointer Reference DoS Vulnerability (CVE-2026-21901) Security Bulletin
github.com · 2026-07-10

### Vulnerability Overview - **Vulnerability Name**: Juniper Junos - Null pointer reference (CVE-2026-21901) - **Severity**: Medium (6.7 / 10) - **CVSS v4 Base Metrics**: - **Attack Vector**: Local - …

Read more
docuForm FSM Multiple Vulnerabilities (CVE-2025-65415-65418, CVE-2026-51923-51926): RCE, XSS, LFI, IDOR
gist.github.com · 2026-07-10

### Vulnerability Summary #### 1. CVE-2026-51923 - **Vulnerability Overview**: An insecure direct object reference (IDOR) vulnerability exists, allowing authenticated attackers to modify or retrieve s…

Read more
Mercusys MW302R Web Admin Stack Buffer Overflow DoS (CVE-2026-31267)
gist.github.com · 2026-07-10

### Vulnerability Overview - **CVE ID**: CVE-2026-31267 - **Vulnerability Type**: Denial of Service (DoS) - **Description**: A stack buffer overflow vulnerability exists in the management web interfac…

Read more
CVSS 7.1
Pimcore Studio Backend Bundle Privilege Escalation via Insufficient Permission Check on Class Definition Creation
github.com · 2026-07-10

### Vulnerability Overview **Insufficient Permission Check on Class Definition Creation Endpoint Allows Privilege Escalation** - **Vulnerability Description**: The class definition creation endpoint i…

Read more
CVSS 7.1
Pimcore Studio Class Definition API Authorization Fix
github.com · 2026-07-10

### Vulnerability Overview - **Vulnerability Title**: [Bug] [User Permissions] Update access control for class definition routes (#1886) - **Contributor**: martineiber - **Submission Time**: Last mont…

Read more
Python Liquid Denial of Service Vulnerability via Unclosed Case Tag
github.com · 2026-07-10

### Vulnerability Overview This vulnerability involves an infinite loop in the parser when parsing templates containing the `% case %` tag that are not properly closed. ### Scope of Impact - **Version…

Read more
CVSS 7.7
CVE-2026-5258: SQL Injection in Pimcore Studio Backend via DateFilter
github.com · 2026-07-10

### Vulnerability Overview **Vulnerability Name**: SQL Injection via Column Name in DateFilter allows authenticated user to extract arbitrary database data including admin password hashes **Descriptio…

Read more
CVSS 4.3
Juniper Junos OS SNMPv3 Out-of-bounds Write Memory Leak DoS (CVE-2026-33799)
supportportal.juniper.net · 2026-07-10

### Vulnerability Overview - **Vulnerability Name**: SNMPv3 requests in Junos OS and Junos OS Evolved cause memory leak and snmpd crash - **CVE ID**: CVE-2026-33799 - **Severity**: High - **CVSS Score…

Read more
CVSS 7.7
SQLi in PHP DateFilter Class: Analysis, POC, and Fix
github.com · 2026-07-10

### Vulnerability Overview This vulnerability involves a SQL injection issue in the `DateFilter` class. Specifically, when processing date filter conditions, if the user-provided `operator` parameter …

Read more
CVSS 6.5
Junos OS MX Series Micro-BFD Session Flap Crash Vulnerability (CVE-2026-33800)
supportportal.juniper.net · 2026-07-10

### Vulnerability Overview - **Vulnerability Name**: 2026-07 Security Bulletin: Junos OS: MX Series: In a VC scenario a high rate of micro-BFD session flaps will cause an FPC crash (CVE-2026-33800) - …

Read more
CVSS 6.5
CVE-2026-33801: Juniper Junos OS RPD Crash via Malformed BGP Update
supportportal.juniper.net · 2026-07-10

### Vulnerability Overview - **Vulnerability Name**: 2026-07 Security Bulletin: Junos OS and Junos OS Evolved: When a specifically malformed BGP route update is received RPD crashes (CVE-2026-33801) -…

Read more
Premium intel
CVSS 8.8
Fix for Open Redirect Vulnerability in Reset Password URL Validation (UserLoginService)
github.com · 2026-07-10

### Vulnerability Overview This vulnerability involves a lack of URL validation in password reset links, potentially allowing malicious users to bypass security restrictions and gain unauthorized acce…

Read more
CVSS 5.9
Juniper Junos OS Evolved PTX ECMP Routing Update DoS via PFE Crash (CVE-2026-33794)
supportportal.juniper.net · 2026-07-10

### Vulnerability Overview - **Vulnerability Name**: Junos OS Evolved: PTX Series: Receipt of repeated ECMP routing updates results in PFE crash (CVE-2026-33794) - **Vulnerability Description**: In Ju…

Read more
Premium intel
CVSS 8.8
Pimcore Unauthenticated Account Takeover via Password Reset URL Injection and 2FA Bypass
github.com · 2026-07-10

### Vulnerability Overview **Vulnerability Name**: Account Takeover via Password Reset URL Injection allows unauthenticated attacker to hijack any admin account with 2FA bypass **Vulnerability Descrip…

Read more
CVE-2025-45422: Proximus b-box UPnP Access Control Bypass and Persistence POC
github.com · 2026-07-10

### Vulnerability Overview - **CVE ID**: CVE-2025-45422 - **Vulnerability Name**: Proximus b-box UPnP Persistence & Access Control Bypass - **Description**: This vulnerability affects Proximus b-box r…

Read more
ez3prings Java Native Deserialization Vulnerability and POC
xz.aliyun.com · 2026-07-10

### Vulnerability Overview Exploitation of the Java native deserialization vulnerability in ez3prings, identified during the 4th Yellow River Domain Cybersecurity Competition. This vulnerability invol…

Read more
Premium intel
CVSS 8.1
IBM WebSphere WebSphere Web Server Plug-in RCE and DoS Vulnerabilities Advisory
www.ibm.com · 2026-07-10

### Vulnerability Overview Multiple vulnerabilities exist in IBM WebSphere Application Server and WebSphere Application Server Liberty when using Web Server Plug-ins, which may lead to remote code exe…

Read more
CVSS 6.4
RHSA-2026:37387: Red Hat OpenShift Data Foundation Security Update with CVEs
access.redhat.com · 2026-07-10

# RHSA-2026:37387 - Security Advisory ## Vulnerability Overview Red Hat OpenShift Data Foundation 4.22.0 security update, containing enhancements and bug fixes. ## Affected Scope - Red Hat OpenShift D…

Read more
GetKirby Clean URL Draft File Unauthorized Access Vulnerability Fix
github.com · 2026-07-10

### Vulnerability Overview This vulnerability involves improper verification of user permissions when accessing draft page files via clean URLs, allowing unauthorized users to access these files. ### …

Read more
Premium intel
CVSS 7.5
Pipcat Unauthenticated Telephony WebSocket /ws Call-Control Abuse Vulnerability
github.com · 2026-07-10

### Vulnerability Overview **Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID** - **Vulnerability Type**: Unauthenticated call control abuse - **Affected Ver…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.