#PoC

🌍 Web Vulnerabilities Beginner Web CVE-2026-33476

SiYuan ≤ 3.6.1 Unauthenticated Arbitrary File Read via Path Traversal (CVE-2026-33476)

An unauthenticated path traversal vulnerability in SiYuan ≤ 3.6.1 allows attackers to read arbitrary files from the server via the /appearance/ endpoint, exposing sensitive configuration and system data.

Mar 27, 2026 · 6 min read · Insecure Deserialization

#exploit #web security #PoC #Path Traversal

🌍 Web Vulnerabilities Intermediate macOS CVE-2025-62608

MLX ≤ 0.29.3 Heap-Based Buffer Overflow in NumPy Parser (CVE-2025-62608)

A heap-based buffer overflow in MLX ≤ 0.29.3 allows attackers to trigger memory corruption via crafted NumPy .npy files, potentially leading to denial of service or information disclosure.

Mar 22, 2026 · 3 min read · Stack Overflow

#exploit #Security Research #Buffer Overflow #NumPy

SiYuan ≤ 3.6.1 Unauthenticated Arbitrary File Read via Path Traversal (CVE-2026-33476)

MLX ≤ 0.29.3 Heap-Based Buffer Overflow in NumPy Parser (CVE-2025-62608)

Stay updated on new research