HTB Kobold Write-up: MCPJam RCE to Root
Overview: Kobold is a Linux machine that chains an unauthenticated MCPJam Inspector RCE with a PrivateBin template traversal issue and Docker abuse through Arcane. The high-level path was: VHost ...
Overview: WingData is a Linux machine that chains a vulnerable Wing FTP Server instance with weak credential storage and a vulnerable privileged backup restore script. The high-level attack path w...
Summary: I solved the Intigriti 0626 challenge by turning a CSP-limited reflected HTML injection in /search into an XS-Leak oracle. The final exploit redirected the admin bot to an attacker-control...
Summary: I solved the Intigriti 0526 challenge by abusing a DOM clobbering primitive in sanitized testimonial content, turning harmless-looking anchors into a stored XSS chain. Introduction This...
Vulnerability Summary: A local attacker with write access to the temporary directory could pre-create a malicious file to be reused by the requests library, leading to an integrity breach. Vulner...