正在加载视频...

视频加载失败

返回首页

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: Blog:

NullSecurityX's profile picture

NullSecurityX

11,808 subscribers

19,539 次观看 • 1 个月前 •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

0 条评论

暂无评论

原始帖子的评论将显示在这里

相关视频

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}
1:23

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}

NullSecurityX

36,718 次观看 • 2 个月前

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato
1:49

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato

Haidar

50,652 次观看 • 1 个月前

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)
0:31

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

NullSecurityX

93,653 次观看 • 2 个月前

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!
0:38

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!

TrendAI Zero Day Initiative

31,835 次观看 • 11 天前

CVE-2026-42530 NGINX RCE
0:27

CVE-2026-42530 NGINX RCE

Clandestine

55,626 次观看 • 2 天前

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup
3:26

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup

Wes Bos

103,552 次观看 • 8 个月前

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:
0:36

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:

Dark Web Informer - Cyber Threat Intelligence

13,926 次观看 • 1 年前

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.
0:30

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.

BSCN

22,919 次观看 • 2 个月前

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!
0:29

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!

PT SWARM

49,934 次观看 • 1 年前

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam
0:56

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam

HackGit

39,726 次观看 • 3 年前

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:
0:46

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:

0x6rss

45,616 次观看 • 1 年前

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!
1:13

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!

Crusaders of Rust

81,655 次观看 • 9 个月前

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning
1:13

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

ShimizuKawasaki

97,432 次观看 • 2 年前

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:
3:47

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:

Dark Web Informer

28,847 次观看 • 4 个月前

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:
0:36

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:

Het Mehta

151,848 次观看 • 1 个月前

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability
1:06

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,367 次观看 • 2 年前

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.
0:34

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.

ANyONe Protocol

127,912 次观看 • 7 个月前

Here goes nginx-quicburst (CVE-2026-42530), a new RCE in Nginx discovered by our security agent VEGA and demonstrated by Nebula Security. This is only the third NGINX vulnerability since 2014 to receive NGINX’s “major” severity rating. If you use Nginx 1.31 with QUIC enabled, we recommend upgrading to the latest version. This bug has been patched in the latest Nginx release. We will publish the technical writeup, including the ASLR bypass, on July 18 together with the previous nginx-poolslip writeup.
0:27

Here goes nginx-quicburst (CVE-2026-42530), a new RCE in Nginx discovered by our security agent VEGA and demonstrated by Nebula Security. This is only the third NGINX vulnerability since 2014 to receive NGINX’s “major” severity rating. If you use Nginx 1.31 with QUIC enabled, we recommend upgrading to the latest version. This bug has been patched in the latest Nginx release. We will publish the technical writeup, including the ASLR bypass, on July 18 together with the previous nginx-poolslip writeup.

Nebula Security

81,852 次观看 • 2 天前

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:
3:52

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:

FastLane Labs

17,041 次观看 • 11 个月前

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched
0:42

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched

zip

19,149 次观看 • 2 个月前