ʞʞıdɐɔoɥƆ
Security Researcher & Exploit Developer
at VulnCheck
Breaking, building, and documenting. Vulnerability research, exploit development, and offensive security.
Latest
NVIDIA GEN3C: Unauthenticated RCE via Pickle Deserialization in Inference API
A critical unauthenticated RCE vulnerability in NVIDIA's GEN3C project. Two FastAPI inference endpoints deserialize raw HTTP POST bodies with pickle.loads() without any authentication, giving instant code execution to anyone with network access.
Read more →Recent
all →FOSSBilling: One Missing throw - From Auth Bypass to Unauthenticated RCE
A missing throw keyword in FOSSBilling's API router exposes the entire admin surface to unauthenticated attackers. Combined with an unsandboxed Twig SSTI that leaks the full DI container, this leads to arbitrary SQL execution, admin takeover, and unauthenticated RCE via malicious extension installation.
CVE-2026-29514: NetBox Jinja2 Sandbox Bypass to RCE via RenderTemplateMixin environment_params
A Jinja2 sandbox bypass in NetBox allows low-privilege users to achieve remote code execution via the RenderTemplateMixin environment_params finalize parameter, affecting both ExportTemplate and ConfigTemplate.
Unauthenticated RCE in OpenCATS via Installer Config Injection
Unauthenticated remote code execution in OpenCATS through unsanitized input in the installer AJAX endpoint, allowing PHP code injection into config.php.
CVE-2026-26210: ktransformers Unauthenticated RCE via Pickle Deserialization in ZMQ Scheduler
A critical unauthenticated RCE vulnerability in ktransformers' balance_serve backend. A ZMQ ROUTER socket binds to all interfaces and proxies messages to worker threads that deserialize them with pickle.loads() - no authentication, no validation.
CVE-2026-25874: HuggingFace LeRobot Unauthenticated RCE via Pickle Deserialization in gRPC PolicyServer
A critical unauthenticated RCE vulnerability in HuggingFace's LeRobot project (21.5k stars). The gRPC PolicyServer deserializes attacker-controlled data with pickle.loads() in two RPC handlers, allowing instant code execution without authentication.
Microsoft tensorwatch: Local Code Execution via Pickle Deserialization in ZMQ Listener
A local code execution vulnerability in Microsoft's tensorwatch. Calling tw.Watcher() - the first line in every README example - silently creates a ZMQ REP socket on localhost that deserializes incoming messages with pickle.loads(). Any local user on the same machine gets code execution.
NEVER GONNA
GIVE YOU UP
You were warned.