module://writeups

Writeups

Vulnerability research, disclosure notes, and technical deep-dives — published newest first.

7
Findings
2
High
4
Medium
1
Low
2
Platforms
Medium Bugcrowd · Recorded Future

When MCP Meets OAuth, Again: An Open Dynamic Client Registration Endpoint on Recorded Future

An unauthenticated OAuth 2.0 Dynamic Client Registration endpoint on Recorded Future's MCP gateway accepts attacker-controlled redirect_uris and unadvertised implicit flows — supplying every precondition for the documented MCP one-click account-takeover pattern.

· 5 min read ·Duplicate
oauthdynamic-client-registrationmcpaccount-takeoverauthentication
High HackerOne · Lightspark

The Signer That Logged Its Own Keys: Master Seed & Signing-Key Disclosure in lightspark-rs (CWE-532)

The one component whose entire job is to never let private keys leave the process wrote the BIP32 master seed to logs on startup — and the reference server shipped pinned to DEBUG, leaking the per-signature key on every operation too. A CWE-532 write-up.

· 7 min read ·Duplicate (Independent Discovery)
cwe-532sensitive-data-exposurelightningbitcoinrustlogging
Low Bugcrowd · Mattermost

The One Endpoint That Forgot to Sanitize: Guest Visibility Bypass & Admin Oracle in Mattermost Boards

A bulk user-lookup endpoint in mattermost-plugin-boards omitted the guest-visibility filter and profile sanitization both sibling endpoints apply — and stamped each returned user with admin flags, giving a System Guest a reliable is-admin oracle over arbitrary user IDs.

· 2 min read ·Duplicate
access-controlinformation-disclosuremattermostguest-boundarysibling-path-diffing
Medium Bugcrowd · Mattermost

Three Small Bugs, One Account Takeover: OAuth Account-Link CSRF in the Mattermost Confluence Plugin

A guessable-and-reusable OAuth state, a callback that never checks the state belongs to the requester, and Mattermost forwarding cookie-authed plugin GETs without a CSRF token — combined to let an attacker bind their own Atlassian identity to a victim's Mattermost account.

· 3 min read ·Duplicate
csrfoauthaccount-linkingmattermostsession-integrity
Medium Bugcrowd · Mattermost

The Sibling That Forgot the Check: Missing Authorization on Jira Subscription-Template Endpoints (Mattermost)

Four subscription-template endpoints in mattermost-plugin-jira were wrapped in checkAuth only — no permission, ownership, or channel check — while every sibling channel-subscription handler enforced the admin gate. Any connected user could read, overwrite, and delete every template instance-wide.

· 3 min read ·Duplicate
access-controlidorauthorizationmattermostsibling-path-diffing
Medium HackerOne · Vercel Open Source

Reading /root/.ssh/id_rsa Through an AI Agent: Path Traversal in Vercel's vercel-optimize Skill (CWE-22/73)

The vercel-optimize skill verifies its own sub-agents' claims by reading the files they point at — with no path containment. An attacker who plants content in an analyzed repo can steer a sub-agent into emitting out-of-repo paths, turning the verifier's match-count result into a file-read oracle.

· 5 min read ·Duplicate (Independent Discovery)
path-traversallocal-file-readai-agent-securityprompt-injectionnode
High Bugcrowd · PlanetHoster

Enumerating an Invoice Database Without Logging In: Unauthenticated IDOR at PlanetHoster

A 'pay invoice as a guest' endpoint answered with zero credentials, keyed lookups solely on a short sequential integer ID, and returned a clean not-found for bad IDs — making the numeric ID the only gate on the customer invoice database. A study in reporting a sensitive IDOR responsibly.

· 4 min read ·Duplicate
idoraccess-controlunauthenticatedfinancial-dataresponsible-disclosure