All writeups, including latest and upcoming ones.
Publicly disclosed writeups on various security topics and vulnerabilities.
-
CVSS 8.1 Permanent State Corruption in Linear.app
1000 rvfet
Discovering a logic vulnerability that allowed any authenticated user to permanently brick workspaces in Linear. Used by OpenAI, Scale, and Perplexity.
Due to responsible disclosure ethics, these blogs will be published after full remediation.
-
🔒 CVSS 7.7 Search Algorithm Manipulation on LinkedIn
1000 rvfet
How I discovered and responsibly reported an on-site and off-site search poisoning vulnerability that leads to indistinguishable user deception attacks on LinkedIn.
-
🔒 CVSS 5.8 Google Infrastructure Exhaustion Vulnerability
1000 rvfet
How I discovered a Severity 2 Zero Attribution Risk vulnerability in Google Image Proxy that could be exploited to exhaust Google's Infrastructure.
-
🔒 CVSS 9.6 Account Takeover in Azerbaijan's Most Visited Platforms
1000 rvfet
How an OAuth token leakage through Open Redirect enabled complete account takeover on tap.az and turbo.az. A case study on critical vulnerabilities and exemplary vendor response by Digital Classifieds MMC.