Blog Archive

Other

June 2026 - When Rendering Hurts: Turning SVG into Browser DoS in OTRS (CVE-2026-48208)
June 2026 - When Escaping Lies: From SQL Modes to RCE in OTRS (CVE-2026-48188)
February 2026 - When Admin Features Become RCE: A Case Study in OTRS Package Design
September 2025 - When a Leaked Django SECRET_KEY Becomes Worse: A Case Study in Wagtail
May 2025 - Frappe Shallow Dive
March 2025 - The pdfkit vulnerability (CVE-2025-26240)

Habuon's Blog

Habuon

Habuon