snailsploit[$]Adversarial · Research
live · cves · disclosed · 2025–2026
74 published · MITRE/NVD · + vendor-side TelSender removal · updated 2026.06

74 CVEs Disclosed.

The full disclosure ledger. Container & cluster infrastructure, Apache foundation, cross-language OSS, and the WordPress plugin ecosystem. Sorted by blast radius — critical and high first within each group. Every entry references a coordinated disclosure with the upstream maintainers.

featured
Deep-dive writeups on the highest-impact disclosures — for engineers searching the CVE itself.

Flagship Disclosures.

Each entry below has its own dedicated writeup with PoC analysis, mitigation guidance, and a quick-facts panel optimised for engineers triaging the bulletin.

CVE-2026-47393
PraisonAI — Authentication Disabled by Default

CVE-2026-47393 — the PraisonAI API code generator ships Flask servers with authentication disabled by default; the documented quickstart exposes /chat and /agents unauthenticated. Analysis and disclosure by Kai Aizen.

9.8 · crit
CVE-2026-47398
PraisonAI — Code Injection via exec_module

CVE-2026-47398 — two unguarded exec_module call sites in agents_generator.py load attacker-controlled module paths from YAML, yielding code execution before any LLM interaction. Disclosure by Kai Aizen & Avraham Shemesh.

8.1 · high
CVE-2026-46627
Twig — Sandbox Resource Exhaustion

CVE-2026-46627 — the Twig sandbox restricts code and data access but not resource consumption; untrusted templates can exhaust CPU/memory for denial of service. Analysis and disclosure by Kai Aizen.

mod · cwe-400
CVE-2026-3288
Kubernetes ingress-nginx — Configuration Injection

CVE-2026-3288 — configuration injection in Kubernetes ingress-nginx controller's rewrite-target annotation enables attacker-controlled directive rewriting. Analysis, PoC, and mitigation by Kai Aizen.

8.8 · high
CVE-2026-30911
Apache Airflow — Missing Authentication

CVE-2026-30911 — missing authentication in Apache Airflow Core exposes a REST endpoint without auth, enabling unauthenticated reads. CVSS 8.1 High. Disclosure by Kai Aizen.

8.1 · high
CVE-2026-32794
Apache Airflow (Databricks provider) — TLS Verification Bypass

CVE-2026-32794 — the Apache Airflow Databricks provider disables TLS verification under a misconfigured option, exposing operator-to-Databricks traffic to MITM. CVSS 4.8 Medium. By Kai Aizen.

— · pending
CVE-2026-43121
Linux kernel (io_uring zerocopy receive) — Race Condition → Double-Free → OOB Write

CVE-2026-43121 — non-atomic user_refs operations in io_uring zerocopy receive (zcrx) cause a race that escalates to double-free and out-of-bounds write. Mainline patch by Kai Aizen.

4.7 · med
CVE-2026-44840
Dgraph — DQL Injection

CVE-2026-44840 — DQL injection in Dgraph's checkUserPassword GraphQL query enables authentication bypass and arbitrary DQL execution. High severity. Disclosure by Kai Aizen.

9.1 · crit
01 · ledger · 74
Coordinated disclosure with each upstream. Embargo-respected. References are linked from each NVD record.

Full Ledger.

container & cluster infrastructure · 3 cves

CVE | Project | Issue | CVSS | Severity
CVE-2026-55070 | Argo Workflows | Incomplete auth fix — Lint/Create resolve templates without authz | TBD | med
CVE-2026-48130 | Tekton Pipelines | Hub resolver unbounded io.ReadAll → DoS / OOM | TBD | med
CVE-2026-3288 | Kubernetes ingress-nginx | Config injection → RCE | 8.8 | high
apache foundation · 2 cves

CVE | Project | Issue | CVSS | Severity
CVE-2026-30911 | Apache Airflow Core | Missing authentication | 8.1 | high
CVE-2026-32794 | Apache Airflow (Databricks provider) | TLS verification bypass | 4.8 | med
cross-language oss · 27 cves

CVE | Project · Language | Issue | CVSS | Severity
CVE-2026-43884 | WWBN/AVideo · PHP | SSRF — HTTP redirect & DNS rebinding bypass | 7.7 | high
CVE-2026-31899 | CairoSVG · Python | Exponential DoS — recursive amplification | 7.5 | high
CVE-2026-32809 | ouch-org/ouch · Rust | Symlink escape — arbitrary file overwrite | 7.4 | high
CVE-2026-33693 | activitypub-federation-rust · Rust | SSRF — 0.0.0.0 bypass in fediverse federation | 6.5 | med
CVE-2026-32885 | ddev/ddev · Go | ZipSlip — path traversal in archive extraction | 6.5 | med
CVE-2026-47393 | PraisonAI | Generated API server — auth disabled by default | 9.8 | crit
CVE-2026-47398 | PraisonAI | Unguarded exec_module → code execution | 8.1 | high
CVE-2026-44840 | Dgraph | DQL injection → authentication bypass | 8.8 | high
CVE-2026-46627 | Twig | Sandbox resource exhaustion → DoS | 5.3 | med
CVE-2026-43121 | Linux Kernel io_uring | zcrx race → double-free / OOB write | 4.7 | med
CVE-2026-52775 | YesWiki | Authenticated SQL injection in ReactionManager | 8.8 | high
CVE-2026-52778 | YesWiki | Unsafe eval() in Bazar Formula Calculator → RCE / DoS | 9.8 | crit
CVE-2026-54236 | vLLM | Incomplete CVE-2026-22778 fix — PIL repr leaks heap address via Anthropic router | 5.3 | med
CVE-2026-55530 | PraisonAI | ast_grep_rewrite writes arbitrary files with no approval gate | 6.1 | med
CVE-2026-55528 | PraisonAI | AgentServer declares auth_token but never enforces it | 8.2 | high
CVE-2026-49853 | Tornado | Auth header forwarded across cross-origin redirects | 7.7 | high
CVE-2026-45363 | jwt/ruby-jwt · Ruby | Empty-key HMAC verification bypass | 7.4 | high
CVE-2026-44217 | sse-channel · JavaScript | SSE injection via unsanitized fields | 6.6 | med
CVE-2026-45619 | WWBN/AVideo · PHP | SSRF — incomplete fix for CVE-2026-43884 | 6.5 | med
CVE-2026-43881 | WWBN/AVideo · PHP | Unauthenticated user enumeration via isCompany parameter | 5.3 | med
CVE-2026-45620 | WWBN/AVideo · PHP | SSRF — incomplete fix for CVE-2026-43881 | 5.3 | med
CVE-2026-8368 | Perl LWP / HTTP::Tiny · Perl | Auth/cookie headers not stripped on cross-host redirect | 6.5 | med
CVE-2026-48022 | @hapi/wreck · JavaScript | Credential headers leaked on redirect (host-only origin check) | 6.5 | mod
CVE-2026-48782 | pydantic-ai · Python | SSRF — metadata blocklist bypass via IPv6 transition forms | 6.8 | mod
CVE-2026-46132 | Linux Kernel · net/rtnetlink | ifla_vf_broadcast infoleak — uninitialized kernel memory via Netlink | — | low
CVE-2026-49353 | 9router · decolua | Local-only access gate bypass via Host header spoofing | 7.5 | high
CVE-2026-48814 | Network AI · auth | Empty default secret authorizes all requests | — | high
sahar shlichove · independent research · 3 cves

CVE | Project · Surface | Issue | CVSS | Severity
CVE-2025-14847 | MongoDB · server | MongoBleed — uninitialized heap memory disclosure | 8.7 | high
CVE-2023-40297 | stakater forecastle · Kubernetes | Directory traversal → service-account tokens → cluster | 7.5 | high
CVE-2023-4771 | CKEditor 4 · web | XSS via AJAX sample — published PoC | 6.1 | med
wordpress plugin ecosystem · 39 cves

CVE | Plugin | Issue | CVSS | Severity
CVE-2026-3596 | Riaxe Product Customizer | Privilege escalation | 9.8 | crit
CVE-2026-1313 | MimeTypes Link Icons | SSRF | 8.3 | high
CVE-2026-3599 | Riaxe Product Customizer | SQL injection | 7.5 | high
CVE-2025-9776 | CatFolders | SQL injection via CSV import | 6.5 | med
CVE-2025-12163 | OmniPress | Stored XSS | 6.4 | med
CVE-2026-2717 | HTTP Headers | CRLF injection | 5.5 | med
CVE-2026-0811 | Advanced CF7 DB | CSRF | 5.4 | med
CVE-2026-1314 | 3D FlipBook | Missing authentication | 5.3 | med
CVE-2026-3594 | Riaxe Product Customizer | Information disclosure | 5.3 | med
CVE-2026-3595 | Riaxe Product Customizer | Unauthenticated user deletion | 5.3 | med
CVE-2025-11171 | Chartify | Missing authentication | 5.3 | med
CVE-2025-11174 | Document Library Lite | Unauth info disclosure | 5.3 | med
CVE-2026-0814 | Advanced CF7 DB | Missing authentication | 4.3 | med
CVE-2025-12030 | ACF to REST API | IDOR | 4.3 | med
CVE-2026-1208 | Welcart Friendly Functions | CSRF → settings update | 4.3 | med
CVE-2025-2802 | LayoutBoxx · WordPress | Unauthenticated arbitrary shortcode execution | 7.3 | high
CVE-2025-2805 | ORDER POST · WordPress | Unauthenticated arbitrary shortcode execution | 7.3 | high
CVE-2025-2803 | So-Called Air Quotes · WordPress | Unauthenticated arbitrary shortcode execution | 7.3 | high
CVE-2025-2809 | azurecurve Shortcodes in Comments · WordPress | Unauthenticated arbitrary shortcode execution | 7.3 | high
CVE-2025-2801 | Smart Form builder for WordPress · WordPress | Unauthenticated arbitrary shortcode execution | 7.3 | high
CVE-2025-2881 | Developer Toolbar · WordPress | Unauthenticated information exposure | 5.3 | med
CVE-2025-2880 | Yame Link In Bio · WordPress | Unauthenticated information exposure | 5.3 | med
CVE-2025-2840 | DAP to Autoresponders Email Syncing · WordPress | Unauthenticated information exposure | 5.3 | med
CVE-2025-2882 | GreenPay by Green.Money · WordPress | Unauthenticated information exposure | 5.3 | med
CVE-2025-2883 | Accept SagePay Payments for CF7 · WordPress | Unauthenticated information exposure | 5.3 | med
CVE-2025-2841 | Cart66 Cloud · WordPress | Unauthenticated information exposure | 5.3 | med
CVE-2025-1529 | AM LottiePlayer · WordPress | Authenticated stored XSS via Lottie file | 6.4 | med
CVE-2025-2580 | Bit Form · WordPress | Authenticated stored XSS via SVG upload | 4.9 | med
CVE-2025-2577 | Bitspecter Suite · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2513 | Smart Icons for WordPress · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2541 | WP Project Manager · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2576 | Ayyash Studio · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2542 | Your Simple SVG Support · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2579 | Lottie Player · WordPress | Authenticated stored XSS via file upload | 6.4 | med
CVE-2025-2573 | Amazing Service Box Addons (WPBakery) · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2024-13379 | C9 Admin Dashboard · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2544 | AI Content Pipelines · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2575 | Z Companion · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
CVE-2025-2543 | Advanced Accordion Gutenberg Block · WordPress | Authenticated stored XSS via SVG upload | 6.4 | med
Plus: TelSender — stored XSS that resulted in vendor-side plugin removal.
Detail pages for individual CVEs are intentionally not built — the NVD record is canonical, and we don't want to become a stale mirror. For deep dives on specific findings, see the writeups in research or the upstream commit linked from NVD.
02 · how
The boring bits that matter. Coordinated disclosure, not opportunism.

Disclosure Protocol.

Coordination first

Every CVE here was reported privately to the maintainer first. Public disclosure timed to the patch — not the maintainer's convenience, but the patch.

NVD canonical

We don't maintain a parallel writeup database. The NVD record is canonical. We link to it, not around it.

No bug bounty pressure

These are reported because they need to be reported, not because someone is paying. That means the bar for what gets disclosed isn't economic.

Upstream credit

Maintainers get credit in the patch and the writeup. We don't take credit for fixes we didn't write.