OK! 38 posts in total. Keep on posting.

1-Click RCE in Flowise (CVE-2026-40933): When Is stdio MCP Actually a Vulnerability?

05-28

When MCP Meets OAuth: Common Pitfalls Leading to One-Click Account Takeover

01-29

CVE-2025-34291: Critical Account Takeover and RCE Vulnerability in the Langflow AI Agent & Workflow Platform

12-05

From DNS Takeover to Org Admin: Secondary Attacks on Atlassian Cloud

07-31

Behind the Shield: Cracking the Limits of Okta FastPass

05-05

Demystifying Okta AiTM

03-20

聊聊 Synology NAS Audio Station 套件未授权 RCE 调试及 EXP 构造

06-10

Netgear Nighthawk R8300 upnpd PreAuth RCE 分析与复现

08-24

Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag 漏洞分析及利用（CVE-2020-0022）

04-28

Girl CTF Course Project 1 Write-up

10-29