Blog

“The sky above the port was the color of television, tuned to a dead channel.”

Shaking the Mesh: Four Memory Corruption Bugs in VTK’s GLTF Loader

2026-03-1011 min read

How fuzzing F3D’s 3D file parser with a dictionary-based libFuzzer harness found four memory corruption vulnerabilities in VTK’s GLTF document loader - two use-after-frees, a heap buffer overflow, and a buffer overread.

[Read More]

HTB: Previous

2025-08-26MediumLinux3 min read

#htb #linux #web #cve #privilege-escalation

Next.js middleware authentication bypass (CVE-2025-29927), LFI for credential extraction, and Terraform provider override for root.

[Read More]

The Binary Switcheroo: Turning a KDE File Manager Into a Local Privilege Escalation

2025-05-1511 min read

#research #race-condition #privilege-escalation #kde #toctou

How a TOCTOU race condition in KDE’s kio-admin plugin verification lets local attackers escalate privileges through Dolphin’s administrator mode - with a ~4% hit rate per attempt.

[Read More]

The Rate Limit That Wasn’t: Bruteforcing django-allauth’s Email Verification Code

2025-01-154 min read

#research #web-security #authentication-bypass #django #bruteforce

How a 6-character verification code with a disabled rate limit turned django-allauth’s email verification into a bruteforce target - the only High finding in a Radically Open Security code audit.

[Read More]