CVE

Jank CVEs discovered by yours truly. This list only contains writeups for the handful of CVEs which I think are unique. For a more complete list of my work, check out Vulnerability Research or my vulnerability advisories.

When Hospitality Software is Too Hospitable (CVE-2026-21966, CVE-2026-21967)

An XSS Filter Bypass and a Curious SSRF in Oracle Hospitality OPERA

Reverse Engineering a Siemens Programmable Logic Controller for Funs and Vulns (CVE-2024-54089, CVE-2024-54090 & CVE-2025-40757)

When security by obscurity breaks...