An open-source CLI that queries NVD, OSV, GitHub Advisories, WPScan, Patchstack, CISA KEV, and Exploit-DB in parallel so you can check for duplicate findings before submitting a CVE.
How I found a critical command injection vulnerability in docker-wkhtmltopdf-aas, a Dockerized HTML-to-PDF web service, and achieved remote code execution as root through …
How I found an OS command injection vulnerability in iOS-remote, a Flask-based iOS device management tool, and achieved remote code execution through an unsanitized subprocess …
How I discovered a DLL hijacking vulnerability in CactusViewer v2.3.0, built a proof of concept, and submitted it for a CVE ID.