Hello World

Dedicated to vulnerability research at Ant Security Light-Year Lab, with a current focus on LLM Security and its intersection with traditional binary and system-level security.

This is my ongoing security research journey — a public log of vulnerabilities reported to and acknowledged by vendors, alongside awards, public contributions, and work in progress.

Work conducted under NDA or as internal corporate research — including during my tenure at Huawei (2022.08–2025.04) — is excluded from this chronicle, per disclosure and publication restrictions.

Year – 2021

Chromium:

  • CVE-2021-37972 : Out-of-bounds read in libjpeg-turbo

LibRaw:

  • CVE-2021-38236 : Heap-buffer-overflow in raw2image.cpp
  • CVE-2021-38235 : Heap-buffer-overflow in fp_dng.cpp

数科OFD阅读器:

  • CNNVD-202111-2224-2225 : Integer overflow leading to buffer overflow in pdfdom.dll
  • CNVD-2022-00039–00048 : Uncontrolled resource consumption in suwellofdapp.exe
  • CNVD-2022-00049 : Arbitrary address access in swd20.dll

Year – 2022

Chromium:

  • Issue 1312736, Issue 1327884 : Null-dereference in PDFium

  • Issue 1314658 : Heap-use-after-free in PDFium CPDFSDK_AppStream::Write

Year – 2025

Tianwang Cup (National AI Security Challenge):

  • 1st Place, Large Language Model Track

Year – 2026

Tianfu Cup:

  • Champion, General AI Infrastructure Framework

OpenClaw:

  • GHSA-xj9w-5r6q-x6v4 : Host RCE via scope gate bypass in device pairing
  • GHSA-gjm7-hw8f-73rq : Gateway RCE via unrestricted agent dispatch in node.event
  • GHSA-9p3r-hh9g-5cmg : Sandbox escape via TOCTOU race in FS bridge readFile
  • GHSA-g5cg-8x5w-7jpm : Sandbox escape via context inheritance in Heartbeat
  • GHSA-cwf8-44x6-32c2 : Sandbox escape via symlink traversal in OpenShell Mirror Sync
  • GHSA-rm5c-4rmf-vvhw : Sandbox escape via check-then-act bypassing fd-based TOCTOU defenses
  • CVE-2026-33579 : Privilege escalation via scope bypass in /pair approve
  • CVE-2026-33577 : Privilege escalation via callerScopes bypass in node.pair.approve
  • CVE-2026-33581 : Arbitrary file read via media parameter in message tool
  • GHSA-fv94-qvg8-xqpw : Arbitrary file write via symlink in SSH sandbox tar upload
  • CVE-2026-34504 : SSRF in fal provider image download
  • CVE-2026-34503 : Privilege persistence via stale WebSocket session after token revocation
  • GHSA-hhff-fj5f-qg48 : Resource exhaustion via audio preflight transcription in Discord

PraisonAI:

  • CVE-2026-40157 : Arbitrary file write via path traversal in recipe unpack
  • CVE-2026-40160 : SSRF via unvalidated URL in web_crawl httpx fallback

Life
#System Security #LLM Security #about me #Agent Security
Hello World
https://mundi-xu.github.io/2018/10/25/hello-world/
Author
煊宇
Posted on
October 25, 2018
Licensed under