Security Intel Hub 673 — Search: RCE

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

WooCommerce Plugin CSRF Vulnerability: Missing Nonce Verification in Ajax.php
plugins.trac.wordpress.org · 2025-11-10

Key information is as follows: 1. **File Path**: - File path: `flexible-refund-and-return-order-for-woocommerce/trunk/vendor_prefixed/wpdesk/flexible-refunds-core/src/Integration/Ajax.php` 2. **File V…

WooCommerce Plugin Advanced Local Pickup 1.6.0 Security Fix Analysis
plugins.trac.wordpress.org · 2025-11-09

### Key Information Summary #### 1. Plugin Update - **Plugin Name**: Advanced Local Pickup for WooCommerce - **Version Update**: - 1.5.5 → 1.6.0 - Update Commit ID: [2983681] → [2986002] #### 2. Modif…

Advantech WebAccess/SCADA Path Traversal Leading to RCE (CVE-2020-25161)
us-cert.cisa.gov · 2025-11-09

## Vulnerability Key Information ### 1. Vulnerability Summary - **CVSSv3 Score:** 8.8 - **Exploitability:** Remote exploitation / Low skill level required - **Vendor:** Advantech - **Affected Equipmen…

RHSA-2015:2517: Red Hat Fuse Service Works fixes Commons Collections deserialization RCE (CVE-2015-7501)
rhn.redhat.com · 2025-11-09

- **Title**: RHSA-2015:2517 – Security Advisory - **Summary**: Critical: Red Hat Fuse Service Works 6.0.0 commons-collections Security Update - **Type/Severity**: Security Advisory: Critical - **Subje…

CentOS-WebPanel Vulnerabilities: Pre-Auth RCE, Account Takeover, and Command Injection
github.com · 2025-11-09

### Vulnerability Overview - **Project Name**: CentOS-WebPanel - **Description**: Proof-of-Concept (PoC) script demonstrating vulnerabilities in CentOS Web Panel. ### Vulnerability Types - **Pre-Auth …

CVE-2016-15007: SOQL Injection in Centralized-Salesforce-Dev-Framework SOQL Handler
vuldb.com · 2025-11-09

### Vulnerability Key Information - **CVE Identifier**: CVE-2016-15007 - **CVSS Meta Temp Score**: 6.9 - **Current Exploit Price**: $0-$5k - **CTI Interest Score**: 0.14 #### Summary - **Vulnerability…

iOS 15/iPadOS 15 Security Update: Accessory Manager RCE and other CVE fixes
support.apple.com · 2025-11-08

### Vulnerability Key Information #### iOS 15 and iPadOS 15 Security Content Overview - **Release Date**: September 20, 2021 - **Affected Components**: Accessory Manager, AppleMobileFileIntegrity, App…

HP AutoPass License Server Unauthenticated File Upload RCE (CVE-2013-6221)
github.com · 2025-11-08

Based on the information in the webpage screenshot, the following key details about the vulnerability can be obtained: - **Vulnerability Name**: HP AutoPass License Server File Upload - **Vulnerabilit…

IceScrum ≤7.5.4 JDBC Connection String RCE via testDbConnection (CVE-2025-60785)
zdaylabs.com · 2025-11-04

### Key Information #### CVE Information - **CVE ID:** CVE-2025-60785 - **Severity:** High - **CVSS v3.1:** 8.8 - **Affected Vendor:** IceScrum - **Affected Product:** IceScrum - **Vulnerability Type:…

SourceCodester Online Clearance System 1.0 Session Forgery Vulnerability Analysis
github.com · 2025-10-11

### Critical Vulnerability Information - **Vulnerability Type**: Incorrect Access Control - **Affected Product**: SourceCodester Online Clearance System 1.0 - **Attack Type**: Remote #### Description …

Airsonic Advanced Unrestricted File Upload to RCE via Path Traversal (CVE-2021-39867)
github.com · 2025-09-20

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Unrestricted File Upload and Path Traversal to Remote Code Execution in Airsonic Advanced - **Severity**: Medium - **CVE ID**:…

Accela Automation Platform CVE-2025-57644 RCE and SSRF Vulnerability Analysis
medium.com · 2025-09-21

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-57644 - **Vulnerability Type**: Remote Code Execution (RCE) and Server-Side Request Forgery (SSRF) - **Affected Product**: Accela…

Dahua Device SOAP Arbitrary File Upload and RCE via bitmap Interface
github.com · 2025-08-29

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability Name**: dahua_bitmap_fileupload - **Source**: https://mp.weixin.qq.com/s/OkZk0F9-…

SourceCodester HRIS Unrestricted File Upload Vulnerability in editemployee_process.php with POC
github.com · 2025-08-27

### Key Information Summary #### Vulnerability Name SourceCodester Human Resource Information System /Superadmin_Dashboard/process/editemployee_process.php Unrestricted Upload Vulnerability #5 #### Af…

NVIDIA Triton Inference Server August 2025 Security Bulletin: RCE and Info Disclosure CVEs
nvidia.custhelp.com · 2025-08-07

### Critical Vulnerability Information #### Vulnerability Overview - **Announcement Title**: NVIDIA Triton Inference Server - August 2025 - **Update Date**: August 1, 2025, 4:30 PM #### Vulnerability …

HuggingFace Transformers Sandbox Escape RCE (CVE-2022-42809)
huntr.com · 2025-07-30

## Critical Vulnerability Information ### Vulnerability Title Python sandbox escape leading to Remote Code Execution (RCE) in huggingface/transformers ### Vulnerability Type Remote Code Execution (RCE…

Apex Central SSRF and wagent RCE Vulnerabilities (CVE-2025-30678/47865)
success.trendmicro.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Details - **CVE-2025-30678**: modTMSM Server-Side Request Forgery Information Disclosure Vulnerability - CVSS v3.1: 4.3 (AV:N/AC:L/PR:N/UI:N/S…

SourceCodester Student Study Center Desk Management System 1.0 XSS in username parameter
vuldb.com · 2025-06-11

## Critical Vulnerability Information - **Title**: SourceCodester Student Study Center Desk Management System 1.0 Cross Site Scripting in "username" parameter - **Description**: - Related code file: `…

Shenzhen Jixiang Tengda FH451 Router webExceptipmenFilter Stack Overflow RCE Analysis
github.com · 2025-05-24

### Key Information Summary #### Vulnerability Overview - **Vulnerability Type**: Remote Code Execution (RCE) - **Affected Device**: Shenzhen Jixiang Tengda Technology Co., Ltd. FH451 Router - **Vulne…

CSRF Vulnerability in SourceCodester Online Student Clearance System V1.0
github.com · 2025-05-20

### Critical Vulnerability Information #### Vulnerability Title - SourceCodester Online Student Clearance System V1.0 /admin/add-admin.php - Cross-Site Request Forgery (CSRF) #### Vulnerability Type -…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
