Vulnerabilties
A listing of publicly disclosed vulnerabilities I’ve discovered.
| Vulnerability | CVE/ID | Software | Date | Links |
|---|---|---|---|---|
| Lack of Authz Checks | CVE-2025-54378 | HAX | May 2025 | GitHub Advisory, NVD |
| User Enumeration | CVE-2025-54129 | HAX | May 2025 | GitHub Advisory, NVD |
| Default Credentials | CVE-2025-54137 | HAX | May 2025 | GitHub Advisory, NVD |
| Clickjacking | CVE-2025-54139 | HAX | May 2025 | GitHub Advisory, NVD |
| Improper Session Termination | CVE-2025-53642 | HAX | May 2025 | GitHub Advisory, NVD |
| Stored Cross-Site Scripting | CVE-2025-49137 | HAX | May 2025 | GitHub Advisory, NVD |
| Iframe Phishing / Unrestricted Iframe Content | CVE-2025-49139 | HAX | May 2025 | GitHub Advisory, NVD |