Found a vulnerability and got a CVE assigned (CVE-2026-48747)
The flaw is a Signature Algorithm Downgrade in the mailomat-mailer component, allowing an attacker to achieve complete Signature Forgery.
https://t.co/NfV1wHdO9w
#CVE#Symfony#AppSec#BugBounty
pwn3d docker for the 3rd time (:
ZDI-CAN-29539 is a host remote code execution i found in docker containers back in february... now its awaiting vendor's disclosure.
i wrote a blog about the art of xs-leak attacks, i did a deep dive into chromium source code for an xs-leak oracle, have fun ๐
https://t.co/hID6fse7re