Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Security Intel Hub 35666+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Premium intel
CVSS 8.8
Tenda Router BE12 Pro Buffer Overflow in /goform/SafeUrlFilter (PoC)
github.com · 2026-07-14

### Vulnerability Overview - **Vulnerability Name**: Tenda Router BE12 Pro V16.03.66.23 - Buffer Overflow in /goform/SafeUrlFilter - **Vulnerability Type**: Buffer Overflow - **Affected Product**: Ten…

Read more
Mozilla Firefox Security Advisory: Critical Invalid Pointer and Site Isolation Vulnerabilities (CVE-2026-15718/15719)
www.mozilla.org · 2026-07-14

# Mozilla Foundation Security Advisory 2026-67 ## Vulnerability Overview - **CVE-2026-15718**: Invalid pointer in the JavaScript: WebAssembly component - **CVE-2026-15719**: Site isolation in the DOM:…

Read more
CVSS 3.1
open62541 OPC UA Client Remote DoS via NamespaceArray Parsing
github.com · 2026-07-14

### Vulnerability Overview **Vulnerability ID**: #8104 **Vulnerability Type**: Client-side out-of-bounds read during `NamespaceArray` `ReadResponse` processing **Description**: A malicious OPC UA TCP …

Read more
Microsoft July 2026 Security Bulletin: 622 CVEs including RCE/EoP and Talos Snort Detection Rules
blog.talosintelligence.com · 2026-07-14

### Vulnerability Overview Microsoft released its monthly security update in July 2026, which included 622 vulnerabilities, 57 of which were marked as "Critical." These vulnerabilities affect a variet…

Read more
CVSS 4.3
Academy LMS plugin unauthenticated access vulnerability analysis and PoC
plugins.trac.wordpress.org · 2026-07-14

### Vulnerability Overview The screenshot displays a code file from a WordPress plugin directory, specifically located at `academy/tags/3.7.4/includes/classes/abstract-ajax-handler.php`. The file cont…

Read more
CVSS 4.3
WordPress Academy Plugin File Upload Vulnerability Analysis
plugins.trac.wordpress.org · 2026-07-14

### Vulnerability Overview The webpage screenshot displays a file named `lesson.php` located in the `academy/tags/3.7.4/includes/ajax/` directory. This file contains a potential security vulnerability…

Read more
CVSS 4.3
WordPress Academy Plugin File Upload Vulnerability Analysis
plugins.trac.wordpress.org · 2026-07-14

### Vulnerability Overview The provided webpage screenshot displays a file named `lesson.php`, located in the `academy/tags/3.7.4/includes/ajax/` directory. This file contains a potential security vul…

Read more
Ransomware Attack Case Study: Business Insolvency and Defense Insights
www.anquanke.com · 2026-07-14

Based on the provided web screenshot, here is a summary of the key vulnerability information: ### Vulnerability Overview - **Vulnerability Name**: Not explicitly specified. - **Vulnerability Descripti…

Read more
Microsoft July 2026 Patch Tuesday Bulletin: RCE, Privilege Escalation, and Evasion Fixes in Edge, ADFS, SharePoint, and
isc.sans.edu · 2026-07-14

### Vulnerability Overview - **Release Date**: July 14, 2026 - **Total Vulnerabilities**: 622 vulnerabilities, of which 427 are in Chromium, affecting Microsoft Edge browser. - **Severity**: 62 vulner…

Read more
Checkmk mk_sap_hana Local Privilege Escalation via Process Spoofing (CVE-2026-14852)
checkmk.com · 2026-07-14

### Vulnerability Overview **Vulnerability ID**: Werk #20104 **Vulnerability Title**: mk_sap_hana: Privilege escalation via crafted SAP process name **Component**: mk_sap_hana **Date**: Jul 7 **Severi…

Read more
DBI::SQL::Nano SQL String Comparison Operator Logic Error
github.com · 2026-07-14

### Vulnerability Overview This vulnerability involves incorrect behavior of SQL comparison operators during string comparisons. Specifically, the `=` operator is incorrectly interpreted as `le` (less…

Read more
Premium intel
CVSS 10.0
Siemens Opcenter X Authentication Bypass Vulnerability (CVE-2026-56451)
cert-portal.siemens.com · 2026-07-14

### Vulnerability Overview - **Vulnerability Name**: Token Invalidation Vulnerability in Opcenter X Before V2604 - **CVE ID**: CVE-2026-56451 - **CVSS Score**: 10.0 (V3.1 and V4.0) - **Description**: …

Read more
Premium intel
CVSS 6.7
Siemens IAM Client Unquoted Search Path Vulnerability (CVE-2025-40945) Advisory
cert-portal.siemens.com · 2026-07-14

### Vulnerability Overview - **Vulnerability Name**: Unquoted Search Path Vulnerability in IAM Client - **CVE ID**: CVE-2025-40945 - **CVSS v3.1 Base Score**: 6.7 - **CVSS v4.0 Base Score**: 8.5 - **D…

Read more
Premium intel
CVSS 9.1
Siemens Mendix Insecure Inherited Permission Vulnerability (CVE-2026-7891) Advisory
cert-portal.siemens.com · 2026-07-14

# Siemens Security Advisory: SSA-814963: Insecure Inherited Permission in Mendix ## Vulnerability Overview - **Vulnerability ID**: CVE-2026-7891 - **CVSS v3.1 Base Score**: 9.1 - **CVSS v4.0 Base Scor…

Read more
CVSS 5.3
Siemens Simcenter STAR-CCM+ License Server Information Disclosure (CVE-2022-34659)
cert-portal.siemens.com · 2026-07-14

### Vulnerability Overview - **Vulnerability Name**: SSA-555707: Information Disclosure Vulnerability in Simcenter STAR-CCM+ - **Publication Date**: 2022-08-09 - **Last Update Date**: 2026-07-14 - **C…

Read more
Ubuntu Wget Security Update (USN-8543-1): Redirect Hijacking, DoS, Integer Overflow
ubuntu.com · 2026-07-14

### Vulnerability Overview - **Vulnerability ID**: USN-8543-1 - **Publication Date**: July 14, 2026 - **Description**: - Wget incorrectly handles semicolons when processing the userinfo component of a…

Read more
Mint HTTP/2 Zero-length CONTINUATION Frame Bypass Causes Memory Exhaustion
github.com · 2026-07-14

### Vulnerability Overview **Title**: Incomplete CONTINUATION-flood fix: zero-length HTTP/2 CONTINUATION frames bypass the byte-size cap **Description**: Mint’s HTTP/2 CONTINUATION frame processor lim…

Read more
Mint.HTTP DoS fix: Improper header size limits in HTTP/1.1/2
github.com · 2026-07-14

### Vulnerability Overview This vulnerability involves improper configuration of size limits for response headers or chunked trailers in the HTTP/1.1 and HTTP/2 protocols, which may lead to Denial of …

Read more
Mint Erlang CVE-2024-36229 Unbounded Memory Exhaustion DoS Vulnerability and POC
github.com · 2026-07-14

### Vulnerability Overview **Vulnerability Name**: Unbounded HTTP/1 response-header and chunked-trailer accumulation allows memory-exhaustion DoS **Vulnerability Description**: The Mint HTTP/1 respons…

Read more
Snowflake Connector for Spark 3.2.1 Patch: Fixes SQL Injection in CREATE STAGE and Log Redaction for Sensitive Data
docs.snowflake.com · 2026-07-14

### Vulnerability Overview - **Vulnerability Name**: The specific vulnerability name is not explicitly stated, but it involves multiple fixes in Snowflake Connector for Spark. - **Affected Version**: …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.