Security researcher, Kenya. Authentication, authorization, and access-control vulnerabilities in web frameworks, databases, proxies, and AI/ML tooling, with additional work in WebRTC and protocol parsing.
| ID | Target | Severity | Date |
|---|---|---|---|
| CVE-2026-31607 | Linux kernel (USB/IP): usbip_recv_iso() integer overflow → heap out-of-bounds write | Critical 9.8 | 2026-04-24 |
| CVE-2026-48772 | ProxySQL: PROXY-protocol UNKNOWN source-IP spoofing → client_addr ACL bypass | Critical 9.1 | 2026-06-19 |
| CVE-2026-22752 | Spring Security Authorization Server: insufficient DCR client-metadata validation | Critical 9.0 | 2026-04-21 |
| GHSA-5qfp-32cf-69jh | SurrealDB: unauthenticated session hijack via HTTP /rpc sessions | High 8.8 | 2026-05-27 |
| GHSA-4vgr-h27g-cf9p | SurrealDB: HTTP RPC session TOCTOU race → privilege escalation | High 8.1 | 2026-05-27 |
| CVE-2026-47155 | vLLM: revision-pin decay loads unpinned code/weights (supply-chain integrity) | Moderate 6.5 | 2026-06-22 |
| GHSA-4m82-p8cx-f94j | SurrealDB: LIVE query subscriptions survive session change → access-control bypass (co-reported) | Moderate 4.3 | 2026-05-27 |
| keycloak#47915 | Keycloak: FreeMarker ?new() built-in enabled by default in theme templates | Hardening | 2026-04-09 |
Further disclosures to several vendors remain under embargo and will be listed here as the advisories publish.
- Listed in the LiveKit Security Hall of Fame
- Bastsec/kifaru: autonomous multi-agent security research platform
- nuclei-mcp: Model Context Protocol server for the Nuclei scanner