Writeups
Vulnerability research, disclosure notes, and technical deep-dives — published newest first.
When MCP Meets OAuth, Again: An Open Dynamic Client Registration Endpoint on Recorded Future
An unauthenticated OAuth 2.0 Dynamic Client Registration endpoint on Recorded Future's MCP gateway accepts attacker-controlled redirect_uris and unadvertised implicit flows — supplying every precondition for the documented MCP one-click account-takeover pattern.
The Signer That Logged Its Own Keys: Master Seed & Signing-Key Disclosure in lightspark-rs (CWE-532)
The one component whose entire job is to never let private keys leave the process wrote the BIP32 master seed to logs on startup — and the reference server shipped pinned to DEBUG, leaking the per-signature key on every operation too. A CWE-532 write-up.
The One Endpoint That Forgot to Sanitize: Guest Visibility Bypass & Admin Oracle in Mattermost Boards
A bulk user-lookup endpoint in mattermost-plugin-boards omitted the guest-visibility filter and profile sanitization both sibling endpoints apply — and stamped each returned user with admin flags, giving a System Guest a reliable is-admin oracle over arbitrary user IDs.
Three Small Bugs, One Account Takeover: OAuth Account-Link CSRF in the Mattermost Confluence Plugin
A guessable-and-reusable OAuth state, a callback that never checks the state belongs to the requester, and Mattermost forwarding cookie-authed plugin GETs without a CSRF token — combined to let an attacker bind their own Atlassian identity to a victim's Mattermost account.
The Sibling That Forgot the Check: Missing Authorization on Jira Subscription-Template Endpoints (Mattermost)
Four subscription-template endpoints in mattermost-plugin-jira were wrapped in checkAuth only — no permission, ownership, or channel check — while every sibling channel-subscription handler enforced the admin gate. Any connected user could read, overwrite, and delete every template instance-wide.
Reading /root/.ssh/id_rsa Through an AI Agent: Path Traversal in Vercel's vercel-optimize Skill (CWE-22/73)
The vercel-optimize skill verifies its own sub-agents' claims by reading the files they point at — with no path containment. An attacker who plants content in an analyzed repo can steer a sub-agent into emitting out-of-repo paths, turning the verifier's match-count result into a file-read oracle.
Enumerating an Invoice Database Without Logging In: Unauthenticated IDOR at PlanetHoster
A 'pay invoice as a guest' endpoint answered with zero credentials, keyed lookups solely on a short sequential integer ID, and returned a clean not-found for bad IDs — making the numeric ID the only gate on the customer invoice database. A study in reporting a sensitive IDOR responsibly.
No writeups match your filters.