Author: Mohammed Idrees Banyamer

Country:

Reported research: 16

Advisories

Risk	Topic & Details
High	MLX <= 0.29.3 - Heap-based Buffer Overflow in .npy Parser (CVE assigned) Remote \| 2026-02-26
High	Azure AI Language Conversations Authoring SDK < 1.0.0b4 - Remote Code Execution (CVE assigned) Remote \| 2026-02-26
Med.	FileBrowser ≤ v2.57.0 - Path-Based Access Control Bypass via Multiple Leading Slashes in URL (Authenticated Authorization Bypass) (CVE assigned) Remote \| 2026-02-23
Med.	LangGraph SQLite Checkpoint - SQL Injection via Metadata Filter Key (CVE assigned) Remote \| 2026-02-23
Low	Hyland OnBase Timer Service Unauthenticated .NET Remoting RCE (CVE assigned) Remote \| 2026-02-19
Low	Repetier-Server <= 1.4.10 - Unauthenticated Path Traversal / Local File Inclusion (CVE assigned) Remote \| 2026-02-19
Low	Roundcube Webmail DOM-based XSS Exploit via SVG href Attribute (CVE assigned) Remote \| 2026-02-15
High	deephas <= 1.0.7 - Prototype Pollution leading to Arbitrary Code Execution / DoS Remote \| 2026-02-02
High	LangChain Core - Serialization Injection to Jinja2 SSTI/RCE (CVE assigned) Remote \| 2026-01-26
High	Microsoft PowerPoint 2019 Remote Code Execution (RCE) (CVE assigned) Remote \| 2025-07-24
Low	Parrot and DJI variants Drone OSes Kernel Panic Exploit (CVE assigned) Local \| 2025-06-26
Med.	macOS LaunchDaemon iOS 17.2 Privilege Escalation (CVE assigned) Local \| 2025-06-26
High	Windows File Explorer Windows 11 (23H2) NTLM Hash Disclosure (CVE assigned) Local \| 2025-06-20
High	Microsoft Windows 11 Version 24H2 Cross Device Service Elevation of Privilege (CVE assigned) Local \| 2025-06-15
Med.	Windows Explorer - NTLM Hash Disclosure via .library-ms in ZIP Archive (CVE assigned) Local \| 2025-06-04
High	Pymatgen 2024.1 Remote Code Execution (CVE assigned) Remote \| 2025-04-28

Do you know.. we can display your:

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)

Let's us know! submit@cxsec.org

Copyright 2026, cxsecurity.com