Olivia
Online
Maher Azzouzi
@maherazz2
Joined September 2022
413 Following
1.3K Followers
161 Posts
@zippgod24 It’s no longer just report and they take care of it. now it’s report and convince 😂
Me: here is a stable OOB read/write vulnerability.
: duplicate of CVE-2026-XXXX.
Me: I reported CVE-2026-XXXX too. These are different bugs: different root causes and different vulnerability classes (UAF vs OOB r/w). I don’t think this is a duplicate.
: this ticket was closed because it was not reproducible on the latest branch used in our products.
Me: I can reliably reproduce it on the latest public iOS 26.5 beta. I also provided a video PoC.
: thank you for the additional info.
A few weeks later: we reproduced the issue and are planning to address it in Summer 2026... ¯\_(ツ)_/¯
Qualcomm mishandled my last report at first, but in the end they acknowledged the issue and paid the bounty. I reported a FastRPC UAF. Qualcomm said that they know about it but due to some internal tooling problems, the fix didn't reach all release branches for over a year.
Another AMDGPU bug I reported last year has been fixed: CVE-2025-54517 (CVSS 8.5).
One ioctl -> kernel compromise on AMD Instinct / Radeon PRO virtualization stacks.
May 2026 security bulletin:
https://t.co/tm8qf5fgC7
Who to follow
FeDEX 
@FetchDEX
{ Christian Hacker } { ceo @aisafe_io } { @WreckTheLine }
William
@kleptographic
cryptography PhD student @NYU_Courant, defund @dicegangctf, 𝘩⁺
Harrison Green
@hgarrereyn
PhD student @S3DatCMU @CyLab | Reverse Engineer @DiceGangCTF | Senior Otter @osec_io | prev. @Margin_Research, @MayhemSec, @LabDurrant
@bienpnn The same impact was done by many many vulnerabilities in the past this is nothing new
Apple fixed two vulnerabilities I reported affecting Safari/WebKit: CVE-2026-28953 and CVE-2026-28901. Sometimes mitigations can create new attack surfaces.
https://t.co/CHFAZQ3yLe
@IElmakhfi a bit busy khoya lwejdi 😄
Redis 👀
@stats_feed Memorize more of the Quran
@3zCS Thank you Abdulaziz!
Technical details for a kernel UAF vulnerability I reported earlier (analysis + PoC).
https://t.co/cxzYZapd63
@Michaelelkamika Thank you! No fuzzing involved, all auditing.
Reported ZDI-CAN-28490 (CVSS 7.5). A Linux kernel bug in the ETS qdisc within the packet scheduler subsystem.
A logic flaw + race can leave a freed qdisc on an internal list, letting an unprivileged user trigger a UAF and gain kernel-level privilege escalation.
AMD August 2025 Security Bulletins (AMD-SB-6018 and AMD-SB-5007) feature my discovery CVE-2024-36342, a heap overflow in the @AMD GPU driver, rated with the highest severity in AMD-SB-5007 and listed among the most severe vulnerabilities in AMD-SB-6018.
https://t.co/gVGxevtwkZ
@a13xp0p0v @PwnieAwards Thanks a lot for sharing, really appreciate your time, the blog, and all the effort you put into it!
@a13xp0p0v @PwnieAwards Thank you so much for clarifying! Just curious — was this always reliable for you, or did the interrupt sometimes miss the window? And when you say gradually increasing the timeout, was it in nanosecond-level steps?
@roddux Hello, yep i stumbled on the same off-by-one. Why this wasn't patched before btw? do you want to discuss it a bit?
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.4M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.1M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers