// RESEARCH Security Advisories
Responsible disclosure & vulnerability research.
Security research is a core part of our identity. All vulnerabilities are handled through responsible disclosure processes designed to protect users and vendors while promoting a safer digital ecosystem.
CVE / Recent Public Disclosures
// 5 advisories
CVE-2025-26241
A bypass of the original fix for CVE-2021-45811 in osTicket 1.15.x allows authenticated attackers to exploit the same SQL injection vulnerability.
CVE-2024-51322
Cross-site scripting in Zucchetti Ad Hoc Infinity 2.4 allows authenticated attackers to achieve remote code execution through multiple vulnerable components.
CVE-2024-51321
Improper validation of the m_cURL parameter in Zucchetti Ad Hoc Infinity 2.4 allows attackers to redirect victims to attacker-controlled websites after authentication.
CVE-2024-51320
Cross-site scripting in Zucchetti Ad Hoc Infinity 2.4 enables authenticated attackers to achieve remote code execution.
CVE-2024-51319
Local file include in Zucchetti Ad Hoc Infinity 2.4 allows authenticated attackers to achieve remote code execution through malicious JSP uploads.
Vulnerability Research
We continuously analyze emerging technologies, applications and platforms to identify security flaws before malicious actors can exploit them.
VR/01
Vulnerability Research Ethical research with real-world impact
We continuously analyze emerging technologies, applications and platforms to identify security flaws before malicious actors can exploit them.
Research areas
- Zero-day vulnerability research
- Web & enterprise application analysis
- Exploit development
- Threat intelligence research
- Secure disclosure coordination
- Public advisories & CVEs
Community contribution
- Coordinated public disclosures
- Open-source contributions
- Conference talks & publications
- Community knowledge sharing