Video wird geladen...

Video konnte nicht geladen werden

Zur Startseite

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: Blog:

NullSecurityX's profile picture

NullSecurityX

11,808 subscribers

19,539 Aufrufe • vor 1 Monat •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

0 Kommentare

Keine Kommentare verfügbar

Kommentare vom Original-Post werden hier angezeigt

Ähnliche Videos

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}
1:23

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}

NullSecurityX

36,718 Aufrufe • vor 2 Monaten

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato
1:49

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato

Haidar

50,555 Aufrufe • vor 1 Monat

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!
0:38

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!

TrendAI Zero Day Initiative

31,362 Aufrufe • vor 5 Tagen

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)
0:31

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

NullSecurityX

93,653 Aufrufe • vor 2 Monaten

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup
3:26

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup

Wes Bos

103,552 Aufrufe • vor 7 Monaten

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:
0:36

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:

Dark Web Informer - Cyber Threat Intelligence

13,926 Aufrufe • vor 1 Jahr

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.
0:30

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.

BSCN

22,919 Aufrufe • vor 2 Monaten

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!
0:29

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!

PT SWARM

49,934 Aufrufe • vor 1 Jahr

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:
0:46

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:

0x6rss

45,616 Aufrufe • vor 1 Jahr

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam
0:56

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam

HackGit

39,726 Aufrufe • vor 3 Jahren

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!
1:13

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!

Crusaders of Rust

81,655 Aufrufe • vor 9 Monaten

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning
1:13

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

ShimizuKawasaki

97,359 Aufrufe • vor 2 Jahren

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:
3:47

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:

Dark Web Informer

28,847 Aufrufe • vor 4 Monaten

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:
0:36

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:

Het Mehta

151,796 Aufrufe • vor 1 Monat

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability
1:06

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,367 Aufrufe • vor 2 Jahren

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.
0:34

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.

ANyONe Protocol

127,897 Aufrufe • vor 7 Monaten

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:
3:52

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:

FastLane Labs

17,041 Aufrufe • vor 11 Monaten

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!
17:59

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!

LiveOverflow 🔴

44,787 Aufrufe • vor 2 Jahren

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched
0:42

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched

zip

19,034 Aufrufe • vor 1 Monat

🚨 Security Bug Alert: Randhir Jaiswal Indian Diplomacy Found a critical business logic vulnerability in the e-Visa portal. The system relies on client-side device clock to validate the mandatory 4-day travel buffer. By simply changing a phone's system date, the restriction can be completely bypassed, allowing next-day travel applications. Please look into this
1:16

🚨 Security Bug Alert: Randhir Jaiswal Indian Diplomacy Found a critical business logic vulnerability in the e-Visa portal. The system relies on client-side device clock to validate the mandatory 4-day travel buffer. By simply changing a phone's system date, the restriction can be completely bypassed, allowing next-day travel applications. Please look into this

abhishek

114,355 Aufrufe • vor 6 Tagen