Vulnerability research, detection engineering, and applied cryptography.
A widely-deployed open-source crypto library enforces an RFC 5280 CA path-length constraint only when a separate extension is present, so a CA forbidden from delegating can mint rogue sub-CAs the library still trusts. Includes an interactive proof you can run in the browser.
Read the writeup →Mattermost shared-channel invite endpoint enforces system-level perms but not channel-level. Same bug class as CVE-2025-11777.
Read the writeup →Iteration 3: results and what would not be a finding.
Read the writeup →Iteration 2: parser audit and candidate ranking.
Read the writeup →Recon and variant-seed inventory against sequoia-openpgp based on its historical RUSTSEC advisories.
Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via msg.packets mutation) and a variant search against the v6.2.0 compression refactor.
Top-to-bottom audit log of systemd-coredumpd and systemd-resolved DNS parser. No findings; the writeup is the methodology and the dead ends.
Read the writeup →QBFT's HasBadProposal check is symmetric across the round, one prepared bad proposal halts the round for every validator.
N-day demonstration of CVE-2024-32972 against an unpatched go-ethereum fork. Single unauthenticated TCP packet causes 7.8 GB allocation, OOM-kills the node. Targeting all IBFT validators halts the entire chain.
Read the writeup →Valkey replication stealth path bypasses listpack validation.
Read the writeup →MySQL binlog ACL bypass surfaces replication credentials.
Read the writeup →aiven_gatekeeper extension bypassed via implicit-cast-driven shadow functions.
parse_ident without schema qualification inside SECDEF: variant of CVE-2025-31480 territory.