This is my simple blog, where i will be discussing vulnerabilities I have found.

Posts

• Jun 1, 2026

  When Rendering Hurts: Turning SVG into Browser DoS in OTRS (CVE-2026-48208)

• Jun 1, 2026

  When Escaping Lies: From SQL Modes to RCE in OTRS (CVE-2026-48188)

• Feb 23, 2026

  When Admin Features Become RCE: A Case Study in OTRS Package Design

• Sep 30, 2025

  When a Leaked Django SECRET_KEY Becomes Worse: A Case Study in Wagtail

• May 16, 2025

  Frappe Shallow Dive

• Mar 12, 2025

  The pdfkit vulnerability (CVE-2025-26240)

subscribe via RSS