Advisory: CVE-2025-68613 Advisory: CVE-2026-25049 I’m a bit late to the party with this one, but I wanted to combine the two vulnerabilities I discovered into a single post (actually, they c...
n8n: OS Command Injection in Git Node - CVE-2026-25053
TL;DR but not really Advisory: CVE-2026-25053 One day, while hunting for vulnerabilities on n8n, the Git Node caught my attention, and I started investigating what I could do with it. Naturally, ...
Crashing Python http.client - CVE-2025-13836
It’s been a while since I shared a post, I think I’ve forgotten how to start these things. Let’s cut to the chase. One day, out of boredom, I was auditing the urllib3 codebase. At the time, I was ...
Missing IP Address Control in isPublic() Function Leads to SSRF Bypass PoC
Software: NPM - Ip Package Vulnerability: Missing IP Address Control CVE: CVE-2023-42282 Discoverer: Fatih Çelik & Emre Durmaz Description of the product: IP address utilities for node....
Deserialization of Untrusted Data in pytorch-lightning
Software: https://github.com/pytorchlightning/pytorch-lightning Vulnerability: Insecure Yaml Deserialization CVE: CVE-2021-4118 Description of the product: Lightning disentangles PyTorch c...
Group Office CRM | Stored XSS via SVG File
Software: https://sourceforge.net/projects/group-office/ Version: 6.4.196 Vulnerability: Cross Site Scripting CVE: CVE-2020-35418 && CVE-2020-35419 Description of the product: Group...
Group Office CRM | SSRF
Software: https://sourceforge.net/projects/group-office/ Version: 6.4.196 Vulnerability: SSRF CVE: CVE-2021-28060 Description of the product: Group Office is an open source groupware applic...
Sentrifugo 3.2 | SQLi [employeeNumId] parameter | CVE-2020-26805
Software: https://sourceforge.net/projects/sentrifugo/ Version: 3.2 Vulnerability: Unrestricted File Upload CVE: CVE-2020-26805 Sentrifugo is a FREE and powerful Human Resource Management Sy...
Sentrifugo 3.2 | RCE [Authenticated] (assets) | CVE-2020-26803
Software: https://sourceforge.net/projects/sentrifugo/ Version: 3.2 Vulnerability: Unrestricted File Upload CVE: CVE-2020-26803 Exploit-DB: https://www.exploit-db.com/exploits/48997 Sentrif...
Sentrifugo 3.2 | RCE [Authenticated] (announcements) | CVE-2020-26804
Software: https://sourceforge.net/projects/sentrifugo/ Version: 3.2 Vulnerability: Unrestricted File Upload CVE: CVE-2020-26804 Exploit-DB: https://www.exploit-db.com/exploits/48998 Sentrif...