Security Intel Hub 330— Search: `GHSA`×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Directus GHSA-cff8-x7jv-4fm8: Unauth Credential Cache via OpenID/OAuth2

github.com · 2024-09-12

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Session is cached for OpenID and OAuth2…

external-secrets Privilege Escalation via ClusterRole Misconfiguration (GHSA-qwgc-rr35-h4x9)

github.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: A potential risk of external-secrets wh…

Bareos Command ACL Circumvention via Abbreviation (GHSA-jfww-q346-r2r8)

github.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Negative command ACLs can be circumvent…

Sunshine GHSA-jqph-8cp5-g874 Incorrect state management during pairing

github.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Incorrect state management during pairi…

CVAT GHSA-p3c9-m7jr-jxxj Missing Authorization for Webhook Endpoints

github.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Missing authorization for endpoints rel…

Asterisk libunbound NULL Pointer Crash Fix in DNS Resolution (GHSA-v428-g3cw-7hv9)

github.com · 2024-09-07

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - **Title**: `res_resolver_unbound: Test for NULL ub_result in unb…

FreeSWITCH libunbound NULL Pointer Dereference Fix (GHSA-v428-g3cw-7hv9)

github.com · 2024-09-07

Signature Validation Bypass in whatsapp-api-js (GHSA-mwhf-vhr5-7j23)

github.com · 2024-09-14

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Name**: Failure to validate message's signature - **Publisher…

runc Race Condition Vulnerability (GHSA-jfvp-7x6p-h2pv) Creates Empty Host Files

github.com · 2024-09-05

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: runc can be tricked into creating empty…

Metal3 Fix: Restrict Secret Fetching to Host Namespace (GHSA-pqfh-xh7w-7h3p)

github.com · 2024-09-05

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - Changes were made in the files `controllers/metal3.io/baremetalhost_controlle…

VRCX VR Overlay RCE via XSS and CefSharp Over-permission (GHSA-j98g-mgjm-wqph)

github.com · 2024-08-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: VR Overlay RCE 2. **Severity**: Critical 3. **Publisher**: Natsumi-sama …

Asterisk Originate Manager Action Privilege Escalation Fix (GHSA-c4cg-9275-6w44)

github.com · 2024-08-10

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - File: `main/manager.c` - Lines changed: 161 - Lines added: 141 - Lines delete…

Asterisk Originate Manager Action Privilege Escalation Fix (GHSA-c4cg-9275-6w44)

github.com · 2024-08-10

AWS CDK RestApi Construct Authenticated User Access Bypass (GHSA-qj85-69xf-2vxq)

github.com · 2024-08-29

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: AWS CDK RestApi Construct: Authenticate…

Magick.NET 14.10.3 Security Update: Fixes Heap Overflow, DoS, and Policy Bypass Vulnerabilities

github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Cons…

Parse Server Authorization Bypass in File Download via Range Header

github.com · 2026-04-02

## Vulnerability Summary ### Vulnerability Overview **GHSA-hp98-9qx6-jwvv**: A file download bypass vulnerability exists in Parse Server, allowing attackers to perform streaming file downloads via the…

Discourse Patreon Plugin Authentication Bypass via Empty Webhook Secret (CVE-2026-26078)

github.com · 2026-02-27

### Key Information #### Vulnerability Details - **Title**: Authentication bypass vulnerability in the Patreon plugin webhook endpoint - **Identifier**: GHSA-frx4-wg35-4r68 - **Publisher**: davidtaylo…

Parse Dashboard CSRF Vulnerability in Agent Endpoint (CVE-2026-27609)

github.com · 2026-02-25

Based on the provided web page screenshot, the following key information about the vulnerability can be obtained: ### Vulnerability Basic Information - **Vulnerability ID**: GHSA-3534-xp88-25rc - **CV…

Discord CVE-2026-27484: Untrusted sender identity in tool-driven moderation flows

github.com · 2026-02-22

### Key Vulnerability Information #### Overview - **Vulnerability Name**: Discord moderation authorization used untrusted sender identity in tool-driven flows - **Severity**: Moderate - **CVE ID**: CV…

openclaw skills.status Secret Leakage Vulnerability (CVE-2026-26326)

github.com · 2026-02-21

## Vulnerability Key Information - **Vulnerability Overview** - Vulnerability Title: skills.status could leak secrets to operator.read clients - Vulnerability Identifier: GHSA-8mh7-phf8-xgfm - Severit…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 330— Search: GHSA×

Security Intel Hub 330— Search: `GHSA`×