// VULNERABILITY RESEARCH LAB

CVE Analysis &
Security Research
From the Front Lines

In-depth technical write-ups, proof-of-concept breakdowns, and regression testing for disclosed vulnerabilities. All research is conducted in isolated lab environments — for education and defence.

Publications

2024

Latest Year

RCE

Focus Area

9.8

Highest CVSS

// CVE Write-ups

Vulnerability
Research Archive

Detailed technical breakdowns of real-world vulnerabilities — how they work, how to reproduce them, and how to defend against them.

CVE-2024-6387 Critical

regreSSHion — OpenSSH Unauthenticated Remote Code Execution

A signal handler race condition in OpenSSH's sshd allows unauthenticated remote code execution as root on glibc-based Linux systems. A regression of the 2006 CVE-2006-5051 bug — back after 18 years.

OpenSSH RCE Race Condition Linux glibc

Published: 01 Jul 2024 CVSS 9.8 / 10

→ Read Write-up

CVE-2025-53770 Critical

ToolShell — SharePoint Unauthenticated Remote Code Execution

An authentication bypass chained with insecure deserialization in SharePoint's ToolPane.aspx grants unauthenticated SYSTEM-level RCE on on-premises SharePoint 2016, 2019, and Subscription Edition. Exploited as a zero-day and linked to ransomware campaigns.

SharePoint RCE Deserialization Windows Zero-Day

Published: 25 Jul 2025 CVSS 9.8 / 10

→ Read Write-up

Work with us

Found a Vulnerability
in Your Environment?

Our team can help you assess the impact, validate exploitability, and remediate before attackers find it first.

Request Assessment View All Services →

CVE Analysis & Security Research From the Front Lines

VulnerabilityResearch Archive

Found a Vulnerabilityin Your Environment?

CVE Analysis &
Security Research
From the Front Lines

Vulnerability
Research Archive

Found a Vulnerability
in Your Environment?