The Calysteon Corner

A Guide to the Cyber Galaxy

Blog

Description Post Did I Report This?
Windows NTFS integer underflow enabling kernel privilege escalation (reverse-engineering writeup) CVE-2021-31956 No
Stack exhaustion in Libc posix_spawnp() via an oversized PATH CVE-2025-43295 Yes
Stack buffer overflow in Libc setsourcefilter() via an unvalidated ss_len CVE-2025-43299 Yes
Heap buffer overflow in Libinfo clnt_sperror() CVE-2025-43353 Yes
Static path buffer overflow in rpcgen’s -Y option CVE-2025-43370 Yes
Stack buffer overflow in rpcgen’s get_prog_declaration() CVE-2025-43375 Yes
Remote pre-authentication global buffer overflow in LLDB’s debugserver CVE-2025-43504 Yes
Signed integer overflow to heap corruption in gm4’s frozen state loader CVE-2025-43505 Yes
Out-of-bounds heap read in Safari’s Web Audio resampler CVE-2026-20652 Yes
macOS TCC bypass via custom file-extension ownership CVE-2026-28845 Yes
TOCTOU race in JavaScriptCore’s TypedArray toReversed() and toSorted() CVE-2026-28857 Yes
Out-of-bounds read in otool via a crafted universal binary CVE-2026-28890 Yes
TOCTOU heap buffer overflow in JavaScriptCore’s TypedArray.prototype.with() CVE-2026-28902 Yes
XNU kernel heap information disclosure via uninitialized CMSG padding CVE-2026-43654 Yes
Out-of-bounds heap read in WebKit’s Yarr JIT via a Unicode backreference CVE-2026-43740 Yes