1SEAL-2026-011
Linux Bluetooth SMP legacy pairing can satisfy BT_SECURITY_HIGH without MITM — CVSS 7.1, CWE-287.
212 public security records across 98 projects
security research in software and hardware trust infrastructure
all research follows coordinated vulnerability disclosure (cvd). public statements reference only published advisories and released fixes.
70
CVEs published
17
GHSAs published
27
researcher-authored security PRs
14
credited upstream fixes
4
authored hardening/testing contributions
80
reported fixes landed publicly
top infrastructure brands in the current portfolio by public footprint include:
Linux
Google
AWS
Microsoft
Meta
OpenSSL
Telegram
Ledger
Docker
GitHub
Hugging Face
PurpleLlama
Signal
Proton
Let's Encrypt
Caddy
Mozilla
Trezor
Decred
Prometheus
OpenTelemetry
HashiCorp
OpenClaw
Sigstore
how findings are found
found via ai-augmented detection pipeline. deterministic proof, human-verified — every finding has reproducible artifacts that maintainers can rerun independently.
no llm in the decision path. detection generates hypotheses; local harness confirms or rejects with canonical/control logs and witness files.
research focus
- trust infrastructure — certificate validation, transparency, signing, update security, attestation, and policy enforcement
- focus — boundary failures in systems that decide what is authentic, authorized, and safe to run across software, cloud, and hardware-backed environments
advisories
detailed technical write-ups for selected findings.
1SEAL-2026-010
two critical out-of-bounds writes in the imported Tiano decompressor — CRITICAL, CWE-787.
critical1SEAL-2026-009
OpenSSL 3.6 stapled OCSP verification can accept unauthorized responders from the peer chain — HIGH, CWE-295.
high1SEAL-2026-008
Telegram iOS Web App bridge exposed to third-party iframes via all-frame injection and missing main-frame validation — CWE-863, CWE-346.
medium1SEAL-2026-007
heap buffer over-read in TL deserialization from operator precedence bug — CVSS 5.3, CWE-125.
medium1SEAL-2026-003
path traversal in git resolver — tenant to cluster-wide secret access. CVSS 9.6, CWE-22.
critical1SEAL-2026-006
ContainerID path traversal in gateway frontend can escape runc executor root — CVSS 8.4, CWE-22.
high1SEAL-2026-001
remote out-of-bounds write in streaming decoder — CVSS 8.1, CWE-787. fixed in v0.6.0.
high1SEAL-2026-002
Name Constraints bypass via CommonName fallback — CVSS 7.4, CWE-295. wildcard + Unicode CN gaps.
high1SEAL-2026-005
signing-path integrity gate bypass via merkle preimage binding break — CWE-825. fixed in commit 0586ab2.
highCVEs
F-SIG-036-001
cvss 5.5 · patched in cosign v2.6.2, v3.0.4
patchedF-SIG-038-001
cvss 5.3 · patched in rekor 1.5.0
patchedF-REKOR-SSRF-001
cvss 5.3 · patched in rekor 1.5.0
patchedF-COSIGN-001-003
cvss 3.7 · patched in cosign 3.0.5
patchedF-SIGSTORE-005
cvss 5.8 · patched in sigstore 1.10.4
patchedF-TUF-003
cvss 5.9 · patched in go-tuf/v2 2.3.1
patchedF-TUF-001
cvss 5.9 · patched in go-tuf/v2 2.3.1
patchedF-TUF-008
cvss 8.1 · patched in go-tuf/v2 2.4.1
patchedF-MALCONTENT-003
cvss 6.5 · patched in malcontent 1.20.3
patchedF-MALCONTENT-001
cvss 5.5 · patched in malcontent 1.20.3
patchedF-APKO-001
cvss 7.5 · patched in apko (commit d8b7887)
patchedF-APKO-007
cvss 7.5 · patched in apko (commit 2be3903)
patchedF-APKO-003
cvss 5.5 · patched in apko v1.1.0 · unbounded resource consumption in expandapk.Split · credit: reporter: @1seal
patchedF-MELANGE-001
cvss 7.9 · patched in melange (commit e51ca30c)
patchedF-MELANGE-005
cvss 8.2 · patched in melange (commit 6e243d0d)
patchedF-MELANGE-007
cvss 7.8 · patched in melange (commit bd132535)
patchedF-MELANGE-006
cvss 5.5 · patched in melange (commit 2f95c9f)
patchedF-CERTMGR-DNS-001
cvss 5.9 · patched in cert-manager v1.18.5, v1.19.3
patchedF-TRIVY-ACTION-001
cvss 5.9 · patched in trivy-action >= 0.34.0
patchedF-CADDY-ADMIN-LOAD-001
patched in caddy v2.11.0
patchedF-SEALED-SECRETS-ROTATE-SCOPE-001
cvss 4.9 · patched in sealed-secrets v0.36.0
patchedF-TRAEFIK-003
cvss 7.5 · unpatched
unpatchedF-TRAEFIK-004
cvss 7.5 · unpatched
unpatchedF-TRAEFIK-006
cvss 8.7 · patched in v3.6.10
patchedF-NIMIQ-HISTORYINDEX-PANIC-001
cvss 5.3 · patched in nimiq-blockchain v1.3.0 · GHSA-xr78-2jhh-9wf9 · credit: finder: @1seal
patched1SEAL-2026-006
cvss 8.4 · patched in v0.28.1+
patchedF-PYCA-CRYPTOGRAPHY-NAMECONSTRAINTS-WILDCARD-001
patched in >= 46.0.6 · inferred mapping · credit: Reporter: 1seal
patchedF-OPENCLAW-001
cvss 7.1 · patched in openclaw >= 2026.2.14
patchedF-ZOT-AUTHZ-001
cvss 7.7 · unpatched
unpatchedF-ISTIO-JWKS-002
cvss 8.7 · patched in 1.29.1, 1.28.5, 1.27.8 · credit: reported by 1seal (ISTIO-SECURITY-2026-001)
patchedF-ISTIO-XDSDEBUG-002
cvss 6.9 · patched in 1.29.1, 1.28.5, 1.27.8 · credit: reported by 1seal (ISTIO-SECURITY-2026-001)
patchedF-MALCONTENT-010
patched in malcontent v1.21.0
patched1SEAL-2026-003
cvss 9.6 · patched in v1.0.1, v1.3.3, v1.6.1, v1.9.2, v1.10.2
patchedF-WOLFSSL-ALPN-001
cvss 7.5 · patched in wolfSSL 5.9.0 · credit: thanks to Oleh Konko (1seal) for the report (wolfSSL v5.9.0-stable release note)
patchedF-WOLFSSL-ECH-001
cvss 8.3 · patched in wolfSSL 5.9.0 · credit: thanks to Oleh Konko (1seal) for testing (wolfSSL v5.9.0-stable release note)
patchedF-WOLFSSL-NC-URI-001
cvss 7.0 · patched in wolfSSL 5.9.1 · GHSA-9xmr-c663-3rpr · fixed in PR 10048 · credit: finder: Oleh Konko @1seal (wolfSSL CNA / v5.9.1-stable release note)
patchedF-TEKTON-PANIC-001
cvss 6.5 · unpatched · credit: reporter: @1seal
unpatchedF-TEKTON-REGEX-001
cvss 6.5 · unpatched · credit: reporter: @1seal
unpatchedF-NIMIQ-TENDERMINT-001
cvss 7.1 · patched in nimiq-blockchain v1.2.2
patchedF-NIMIQ-INTERLINK-001
cvss 4.9 · patched in nimiq-blockchain v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-ROGUEKEY-001
cvss 6.8 · patched in v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-HISTORYPROOF-PANIC-001
cvss 3.1 · patched in v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-HISTORYSYNC-PANIC-001
cvss 5.3 · patched in v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-VALIDATORSKEY-PANIC-001
cvss 7.5 · patched in v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-VESTING-MINCAP-UNDERFLOW-001
cvss 5.3 · patched in v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-SKIPBLOCK-QUORUMBYPASS-001
cvss 9.6 · patched in v1.3.0 · credit: finder: @1seal
patchedF-CHAINGUARD-FORKS-KANIKO-AG5-001
cvss 8.2 · unpatched
unpatchedF-MELANGE-003
cvss 4.3 · unpatched
unpatchedF-MELANGE-008
cvss 6.1 · patched in melange v0.43.4 · GHSA-98f2-w9h9-7fp9 · external pipeline resolver path traversal · credit: reporter: @1seal
patchedF-MELANGE-004
cvss 4.4 · patched in melange v0.43.4 · GHSA-q2pw-xx38-p64j · --persist-lint-results path traversal · credit: reporter: @1seal
patchedF-VSCODE-MCP-001
patched in VS Code 1.109.1 · GHSA-6xq8-9qf3-p6qv · metadata correction requested
patchedCVE-2026-26287
cvss 7.1 · patched in external-secrets v1.3.2 · GHSA-q7hv-xx6h-q2x8 · metadata correction requested · credit: reporter: @1seal
patchedF-QEMU-001-001
patched in upstream commit 4f28b87fdd24 · public Red Hat CVE record; upstream fix commit 4f28b87fdd24df2049626106b7c24d0180952115 · credit: Reported-by: Oleh Konko <https://github.com/1seal>
patchedF-MOBY-001-001
cvss 8.8 · unpatched · GHSA-x744-4wpc-v9h2 · credit: 1seal / Oleh Konko (@1seal)
unpatchedF-DIST-PROXY-SSRF-001
cvss 7.5 · unpatched · GHSA-3p65-76g6-3w7r
unpatchedF-DIST-REDIS-REVIVAL-001
cvss 7.5 · unpatched · GHSA-f2g3-hh2r-cwgc
unpatchedF-OTELGO-001
cvss 7.5 · unpatched · GHSA-mh2q-q3fh-2475
unpatchedF-OTELGO-002
cvss 6.5 · unpatched · GHSA-w8rr-5gcm-pp58
unpatchedF-OTELGO-002
cvss 5.3 · patched in 1.15.2 · GHSA-q834-8qmm-v933 · surfaced during investigation of GHSA-w8rr-5gcm-pp58 · credit: reporter: @1seal
patchedF-GO-X509-WILDCARD-CASE-001
cvss 8.1 · patched in go1.26.2 · GHSA-fv83-x2xw-2j55 · credit: public credit to @1seal in golang/go#78332
patchedF-HELM-UNTAR-ROOT-COLLAPSE-001
cvss 4.8 · patched in 3.20.2, 4.1.4 · GHSA-hr2v-4r36-88hr · credit: Oleh Konko (@1seal)
patchedF-SMALLSTEP-AK-EKU-001
cvss 3.7 · patched in v0.30.0 · GHSA-9qq8-cgcv-qmc9 · credit: Oleh Konko (@1seal)
patchedF-NIMIQ-PROPOSAL-001
cvss 7.5 · patched in v1.3.0 · GHSA-g99c-h7j7-rfhv · credit: finder: @1seal
patchedF-NIMIQ-MACROCHAIN-001
cvss 5.3 · patched in v1.3.0 · GHSA-48m6-486p-9j8p · credit: finder: @1seal
patchedF-KYVERNO-APICALL-001
cvss 8.1 · patched in 1.16.4 · GHSA-q93q-v844-jrqp · credit: reporter: @1seal
patchedF-VAULT-AUTHZ-BEARER-TOKEN-LEAK-001
cvss 7.5 · patched in 2.0.0, 1.21.5, 1.20.10, 1.19.16 · Vault token leaked to auth plugin backends via Authorization: Bearer passthrough header · credit: identified and reported by Oleh Konko of 1seal (HCSEC-2026-07)
patchedF-KEYCLOAK-SAML-001
patched in 26.2.14, 26.4.10, 26.5.5 · cvss tbd · GHSA-wmxr-6j5f-838p · metadata correction requested
patchedF-AWS-ENCRYPTION-SDK-PYTHON-001
cvss 6.8 · patched in 3.3.1, 4.0.5 · GHSA-v638-38fc-rhfv · AWS-2026-017 · credit: acknowledgement: 1seal.org
patchedF-AWS-TOUGH-001
cvss 5.3 · patched in tough 0.22.0, tuftool 0.15.0 · GHSA-8m7c-8m39-rv4x · signature threshold bypass in delegated roles · credit: reporter: @1seal; acknowledgement: Oleh Konko of 1seal
patchedF-AWS-TOUGH-002 / F-AWS-TOUGH-003 / F-AWS-TOUGH-004 / F-AWS-TOUGH-005
cvss 5.9 · patched in tough 0.22.0, tuftool 0.15.0 · GHSA-4v58-8p28-2rq3 · missing expiration, hash, and length enforcement in delegated metadata validation; includes the local metadata cache poisoning variant tracked as F-AWS-TOUGH-005 · credit: reporter: @1seal; acknowledgement: Oleh Konko of 1seal
patchedF-AWS-TOUGH-007 / F-AWS-TOUGH-008 / F-AWS-TOUGH-009
cvss 5.9 · patched in tough 0.22.0, tuftool 0.15.0 · GHSA-v57p-gppj-p9vg · multiple path traversal variants in tough write paths · credit: reporter: @1seal; acknowledgement: Oleh Konko of 1seal
patchedGHSAs published
published security advisories without a known cve id.
F-APKO-SYMLINK-001
cvss 7.5 · patched in apko v1.2.5 · symlink-following path traversal in apko dirFS · credit: reporter: @1seal
patchedF-APKO-002
cvss 6.5 · patched in apko v1.2.7 · panic on non-RSA JWKS key in apko DiscoverKeys · credit: reporter: @1seal
patchedF-APKO-CHECKSUM-001
cvss 7.5 · patched in apko v1.2.7 · downloaded APK packages are not verified against APKINDEX checksum · credit: reporter: @1seal
patched1SEAL-2026-002
patched
patched1SEAL-2026-002
patched
patchedF-AUTHZED-SPICEDB-001
patched in spicedb v1.49.1
patchedF-RUSTLS-WEBPKI-001
cvss 4.4 · patched in 0.104.0-alpha.5, 0.103.10
patchedF-RUSTLS-WEBPKI-NAMECONSTRAINTS-URI-001
cvss 2.2 · patched in >= 0.103.12, >= 0.104.0-alpha.6 · Name constraints for URI names were incorrectly accepted · credit: reporter: @1seal
patchedF-RUSTLS-WEBPKI-NAMECONSTRAINTS-WILDCARD-001
cvss 2.2 · patched in >= 0.103.12, >= 0.104.0-alpha.6 · Name constraints were accepted for certificates asserting a wildcard name · credit: reporter: @1seal
patchedF-NIMIQ-REQRES-INBOUNDLEAK-001
cvss 0.0 · patched in nimiq-network-libp2p v1.3.0 · credit: finder: @1seal
patchedF-NIMIQ-DISCOVERY-TIMESTAMP-POISON-001
patched in v1.3.0 · credit: finder: @1seal
patchedF-ISTIO-JWKS-001
cvss 5.0 · patched in 1.29.2, 1.28.6 · SSRF via RequestAuthentication jwksUri · credit: reporter: @1seal
patchedF-MALCONTENT-006
cvss 5.3 · patched in malcontent v1.21.0 · primary mapping; advisory text matches the late-defer/resource-leak fix train
patchedF-HEADSCALE-001-001
cvss 7.5 · patched in commit 4d427cfe2af6
patchedF-ARGOPROJ-001
cvss 7.5 · unpatched · GHSA-3qj8-j43p-8q82 · metadata correction requested · fix status unconfirmed
unpatchedF-UEFI-FIRMWARE-TIANO-READCLEN-OOBW-003
cvss 9.8 · patched in 1.13 · PR #145 · fix commit bf3dfaa8a05675bae6ea0cbfa082ddcebfcde23e · credit: reporter: @1seal
patchedF-UEFI-FIRMWARE-TIANO-MAKETABLE-OOBW-002
cvss 9.8 · patched in 1.13 · PR #145 · fix commit bf3dfaa8a05675bae6ea0cbfa082ddcebfcde23e · credit: reporter: @1seal
patchedresearcher-authored security PRs
public security PRs opened and authored by the researcher: vulnerability fixes and security hardening.
caddyserver/website #529
security hardening — docs: clarify file_server hide case-sensitivity · why: documents that hide comparisons are case-sensitive; on case-insensitive filesystems, differently-cased request paths may still resolve to the same on-disk path, so hide should not be treated as a security boundary for sensitive paths. · submitted 2026-03-04
mergedgoogle/certificate-transparency-go #1754
security hardening — Cap request body size in submission proxy · why: caps request body size in the submission proxy to reduce resource exhaustion / DoS risk. · submitted 2026-01-26
mergedgoharbor/website #706
security hardening — docs: clarify proxy cache trust boundary for upstream token-service discovery · why: clarifies the proxy cache trust boundary to reduce the risk of misconfiguration around token-service discovery. · submitted 2026-01-31
mergedcaddyserver/caddy #7469
security hardening — acmeserver: warn when policy rules unset · why: mitigates policy misconfiguration risk by warning when policy rules are unset. · submitted 2026-02-11
mergedcaddyserver/certmagic #378
security fix (no cve assigned) — More validation of delegated OCSP responders · why: rejects forged Good OCSP responses signed by same-issuer responder certificates that lack delegated OCSPSigning authorization under RFC 6960 section 4.2.2.2. · submitted 2026-04-20
opengoogle/certificate-transparency-go #1755
security hardening — set explicit http server timeouts · why: prevents hangs via slow-client / slowloris-style connections. · patched in v1.3.3 · submitted 2026-01-31
mergedsigstore/cosign #4652
security fix (no cve assigned) — remote crash in rekor response handling via unsafe e.body.(string) type assertion · why: prevents remote crash via malformed rekor responses. · submitted 2026-01-20
mergedsigstore/cosign #4651
security fix (no cve assigned) — remote crash in policy evaluation via unsafe attestation payload type assertion · why: prevents remote crash via malformed attestation payloads. · submitted 2026-01-20
mergedsigstore/sigstore-go #567
security fix (no cve assigned) — bundle parsing dos via unbounded tlogentries · why: mitigates resource exhaustion via unbounded tlogentries. · submitted 2026-01-17
mergedsigstore/sigstore-go #566
security fix (no cve assigned) — nil pointer dereference in publickey() via malformed pem · why: prevents crash on malformed pem input. · submitted 2026-01-17
mergedsigstore/cosign #4649
security fix (no cve assigned) — remote crash in online tlog verification via nil pointer dereference in verifytlogentryoffline · why: prevents remote crash in online tlog verification. · submitted 2026-01-17
mergedsigstore/timestamp-authority #1277
security fix (no cve assigned) — timestamp response verification accepts revoked tsa certificate (no crl/ocsp checking) · why: prevents accepting revoked tsa certificates (crl/ocsp). · submitted 2026-01-10
mergedsigstore/timestamp-authority #1276
security hardening — ntp drift does not gate timestamp issuance · why: mitigates time manipulation risk via excessive ntp drift. · submitted 2026-01-10
mergedsigstore/sigstore-go #562
security fix (no cve assigned) — tlog entry validation fail-open (rekor v2 protojson parsing) · why: prevents fail-open behavior on malformed tlog entries. · submitted 2026-01-10
mergedsigstore/sigstore-go #558
security fix (no cve assigned) — certificate identity regex not auto-anchored enables identity policy bypass · why: prevents identity policy bypass via unanchored regex matching. · submitted 2026-01-10
mergedsigstore/policy-controller #1923
security fix (no cve assigned) — tlog verification disabled by empty ctlog URL · why: prevents disabling tlog verification via empty ctlog URL. · submitted 2026-01-10
mergedsigstore/cosign #4642
security fix (no cve assigned) — rfc3161 timestamp verification accepts revoked tsa certificate (no crl/ocsp checking) · why: prevents accepting revoked tsa certificates (crl/ocsp). · submitted 2026-01-10
mergedprometheus/prometheus #17969
security hardening — security hardening: relabel perf/dos guard · why: reduces resource-exhaustion surface in relabel processing.
mergedtheupdateframework/python-tuf #2903
security hardening — feat(ngclient): require explicit bootstrap argument · why: prevents accidental insecure bootstrap behavior by requiring explicit bootstrap intent. · submitted 2026-01-25
mergedopenssl/openssl #30319
security fix (no cve assigned) — fix OSSL_parse_url userinfo scan to respect authority boundary · why: prevents URI authority confusion when certificate verification reuses parsed hosts for nameConstraints decisions. · submitted 2026-03-09
applied upstreamopenssl/openssl #30323
security fix (no cve assigned) — x509: reject unauthorized stapled OCSP response signers · why: prevents accepting stapled OCSP responses signed by unauthorized responder certificates. · submitted 2026-03-09
applied upstreamopenssl/openssl #30329
security fix (no cve assigned) — Forbid GEN_OTHERNAME SMTP UTF8 email name constraints. · why: rejects SMTPUTF8 mailbox name constraints encoded as GEN_OTHERNAME to avoid ambiguous email name-constraint handling. · submitted 2026-03-09
opengetsops/sops #2155
security fix (no cve assigned) — sops exec-file: improve error handling, reject non-local paths in `--filename` · why: rejects non-local exec-file output paths so decrypted plaintext cannot escape the temp dir and persist outside the cleanup boundary. · submitted 2026-02-04
openhashicorp/vault #31828
opened PR — pki/acme: reject unsafe validation targets during challenge verification · why: hardens ACME validation so HTTP-01 and TLS-ALPN-01 challenge dials reject loopback, link-local, unspecified, multicast, and similar unsafe targets before outbound connections. public PR #31828 was opened from the reporter branch, approved by the Vault maintainer, and copied into vault-enterprise #12959, which merged on 2026-03-12. · submitted 2026-01-31
enterprise mergedwolfSSL/wolfssl #10239
security fix (no cve assigned) — reject crls with unrecognized critical extensions · why: rejects CRLs with unrecognized critical extensions per RFC 5280 section 5.2 instead of silently accepting a revocation scope-bypass condition. · submitted 2026-04-15
openaws/aws-nitro-enclaves-sdk-c #167
security fix (no cve assigned) — cms: Reject AES-256-CBC IV with invalid length · why: rejects malformed CMS AES-256-CBC IV lengths before decryption so short IV buffers cannot reach EVP_DecryptInit_ex unchecked. · submitted 2026-03-30
mergedcilium/cilium #44772
security hardening — Add a warning when TLS isn't enabled for Hubble Relay · why: warns that Hubble Relay without TLS exposes sensitive observability data to any reachable in-cluster client outside the intended trust boundary. · credit: Reported by @1seal · submitted 2026-03-13
opencredited upstream fixes
public upstream fixes where the maintainer-side record explicitly credits the report.
open-policy-agent/gatekeeper #4351
fix: enforce timeout on external data provider requests · credit: thanks @1seal for raising the issue
mergedopenssl/openssl #30001
srtpkdf input bounds checking · credit: reported by https://github.com/1seal (merged from #30001)
applied upstreamsigstore/sigstore-go #590
hardening: minimum threshold for withintegratedtimestamps · credit: thanks @1seal for reporting this improvement
mergedletsencrypt/boulder #8641
Don't modify http.DefaultTransport · credit: thanks to Oleh Konko (@1seal) for reporting this issue (comment by @aarongable).
mergedtheopolis/uefi-firmware-parser #145
Apply hardening fixes from upstream Tiano implementation · credit: PR body: "Thank you @1seal for mentioning this!" · note: GHSA-hm2w-vr2p-hq7w published for ReadCLen heap out-of-bounds write.
mergedsigstore/rekor #2755
Type assert the entry bundle when verifying inclusion proof · credit: PR body: "Thanks to @1seal for reporting this."
mergedspiffe/spire
http_challenge SSRF fixed in v1.14.2 and v1.13.4 · credit: Thank you, Oleh Konko (@1seal) for reporting this issue. also credited in v1.13.4 and CHANGELOG.md.
releasedcontainerd/containerd #13189
[release/2.1] update to Go 1.25.9, 1.26.2 · credit: PR body includes @1seal in the upstream Go security credit text for Go 1.25.9 / 1.26.2. · note: merged into release/2.1 on 2026-04-08; merge commit e4244c720f20.
mergedcontainerd/containerd #13190
[release/2.2] update to Go 1.25.9, 1.26.2 · credit: PR body includes @1seal in the upstream Go security credit text for Go 1.25.9 / 1.26.2. · note: merged into release/2.2 on 2026-04-09; merge commit 17847ac84599.
mergedhelm/helm
Helm Chart extraction output directory collapse via Chart.yaml name dot-segment · credit: v4.1.4 release note thanks @1seal among the reporters. · note: GHSA-hr2v-4r36-88hr / CVE-2026-35206 published; fixed in Helm v4.1.4. changelog lists commit 4e7994d44671 for the chart dot-name path bug.
releasedtestcontainers/testcontainers-go #3647
chore: update to Go 1.25.9, 1.26.9 · credit: PR body includes @1seal in the upstream Go security credit text for Go 1.25.9 / 1.26.2. · note: merged into main on 2026-04-09; merge commit 580abf68d440. PR title says 1.26.9, body references Go 1.26.2.
mergedgoogle/go-containerregistry #2255
update to Go 1.26.2 · credit: PR body includes @1seal in the upstream Go security credit text for Go 1.26.2. · note: merged into main on 2026-04-11; merge commit f8be1d442e6f.
mergedrustls/webpki #469
Rewrite constraint matching to avoid permissive catch-all branch · credit: PR description says it addresses an issue privately reported by @1seal. · note: merged into main on 2026-04-13; merge commit 9e1f4822932b. GHSA-pwjx-qhcg-rvj4 already published for the same finding.
mergedwolfSSL/wolfssl #9991
Disallow wildcard partial domains when using MatchDomainName. · credit: PR body says: Thanks to Oleh Konko for the report. · note: merged into master on 2026-03-19; merge commit 679366a5a49f. v5.9.1-stable release note also credits @1seal for the report.
mergedauthored hardening/testing contributions
researcher-authored upstream hardening, testing, and fuzzing contributions outside the main security PR bucket.
chainguard-dev/malcontent #1354
fix: register defers immediately in scan.go
mergedchainguard-dev/malcontent #1355
fix treewide: register more defers immediately
mergedchainguard-dev/malcontent #1356
fix: abstract out cpio operations to helper function
mergedopenssl/fuzz-corpora #32
asn1parse: add small ber/der edge-case seeds · note: closed without github-merge; maintainer applied with tweaked commit message.
applied upstreamreported fixes landed publicly
reported via security contacts or public trackers; fixes landed upstream.
TelegramMessenger/Telegram-iOS
JSON injection in Mini App custom method response enables arbitrary JavaScript execution in WebAppWebView · accepted as LOW, bounty declined. public fix commit 687cefb2914539e2a42d3a10e91fe4ce1c7fbf7f on 2026-02-25 serializes the custom method result through JSONSerialization before sendEvent.
fixed publiclyTelegramMessenger/Telegram-iOS
Non-Constant-Time Message Key Comparison in Secret Chat Decryption Violates Security Guidelines · accepted as LOW, bounty declined. public fix commit 9d33962c013e68dcecd8c26bb23ca232bc52c2a2 on 2026-02-13 replaces direct message-key comparison with constTimeIsEqual.
fixed publiclyTelegramMessenger/Telegram-iOS
WKWebView payment bridge accepts payment_form_submit from untrusted subframes without frame validation · accepted as LOW, bounty declined. public fix commit a8a308d7a6843cb41e4e0e76908e552a4aeb1ee9 on 2026-02-13 switches the payment bridge script to forMainFrameOnly: true.
fixed publiclyTelegramMessenger/Telegram-iOS
Telegram iOS Web App bridge exposed to third-party iframes · public fix commit c5a0ad267cbd2a61a0d4548490f6af5521fa55df in release-12.4. see 1SEAL-2026-008.
fixed publiclyTelegramMessenger/Telegram-iOS
heap buffer over-read in TL deserialization from operator precedence bug · public fix commit 8e9cd79855683efb9a3cbf14a1ecd637cfbf7b54 in release-12.4. see 1SEAL-2026-007.
fixed publiclytorvalds/linux
Bluetooth: hci_event: move wake reason storage into validated event handlers · accepted into bluetooth-next: 3e7e7f4bdbe5. short HCI event frames could reach bacpy() before per-event minimum-length validation.
mergedtorvalds/linux
tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG · accepted upstream in netdev/net: 48a5fe38772b. duplicate or stale GRP_ACK_MSG packets could underflow bc_ackers, wrap to 65535, and leave later group broadcasts congestion-blocked until the group was recreated. stable backports are queued for 5.10-stable, 5.15-stable, 6.1-stable, and 6.6-stable.
mergedtorvalds/linux
Bluetooth: SMP: force responder MITM requirements before building the pairing response · public mainline commits d05111bfe37b and 20756fec2f01 in torvalds/linux. the fix bundle aligns responder pairing policy and legacy STK authentication with actual MITM state. author is publicly listed as Oleh Konko <[email protected]> with Signed-off-by.
mergedmozilla/gecko-dev
WebGPU presentation sizing hardening after integer-overflow report · bug 2018451. public fix 2f8a8fdd43a4 / autoland 67153f39ea54. public case is a hardening fix after report, not a confirmed exploitable security bug.
fixed publiclymozilla/gecko-dev
Push IPC observer path removed after bug 2022681 report · bug 2022681 remains UNCONFIRMED, but the related fix bug 1862090 was resolved FIXED on 2026-03-13 with status-firefox150 = fixed. the patch removed RecvNotifyPushObservers* and the affected push IPC path. Firefox 150 shipped on 2026-04-21, so this surface is already gone in release.
fixed publiclyargoproj/argo-workflows #15466
docs: be explicit about artifact security
mergedtheupdateframework/go-tuf #721
Do not allow empty hashes for the Target role
mergedtraefik/traefik #12642
Validate healthcheck path configuration · merged into v2.11 on 2026-02-10.
mergedtraefik/traefik #12653
Reject absolute URL in healthcheck path configuration · merged into v3.6 on 2026-02-11.
mergedistio/istio #59054
XDS debug endpoints to require authentication · severity: HIGH. emailed 2026-02-02; replied. merged 2026-02-17.
mergedistio/istio #59970
fix cross-namespace access in statusgen xds debug endpoints · follow-up to CVE-2026-31838 / GHSA-974c-2wxh-g4ww; merged 2026-04-23 with release note credit.
mergedaws/s2n-tls #5804
fix: reject certs with literal-IP CN and no SAN · separate public s2n-tls fix for the literal-IP CN and no SAN case. this is not the same public fix chain as F-AWS-LC-NAMECONSTRAINTS-001.
mergedaws/aws-lc
Fix CN fallback handling in name constraints checking · public fix in aws/aws-lc on 2026-03-19 via main commit 2aa522465f69 (#3107) and fips branch commit 35bfa4362e45 (#3108).
fixed publiclyqemu/qemu
hyperv/syndbg: check length returned by cpu_physical_memory_map() · public upstream commit 4f28b87fdd24. appears to address the earlier private report by adding a returned-length check before writing mapped guest memory. Red Hat CVE record published: CVE-2026-3842.
mergedaws/rolesanywhere-credential-helper
pin github actions versions · fixed in the release/signing path on 2026-03-10. public PR merge commit b4207adb8856 via #172, with payload commit 2e5072bf6e88.
fixed publiclyaws/aws-xray-daemon
Fix SHA pinning: use correct SHAs matching original action versions · initial fix landed on 2026-03-12 via 135c99db10b5 (#268), then corrected/finalized on 2026-03-17 via 4abe89b868ba (#269).
fixed publiclyaws/aws-xray-daemon
Pin GitHub Action references to commit SHAs · same public fix chain as F-AWS-XRAY-DAEMON-GHA-002 via 135c99db10b5 and 4abe89b868ba, plus broader hardening on 2026-03-18 via 946763a48ab5 (#270).
fixed publiclyaws/eks-pod-identity-agent
chore: Updating action dependencies to pin to commit sha · fixed in the release workflow on 2026-02-05 via cdb0dd49a89f (#117).
fixed publiclyaws/eks-pod-identity-agent
chore: Pinning aws-actions/configure-aws-credentials to commit sha · follow-up fix for the remaining configure-aws-credentials reference on 2026-02-20 via dcae60b05e53 (#133).
fixed publiclyaws/amazon-cloudwatch-agent
Pin GitHub Actions to commit SHAs · fixed by #2071, merged 2026-04-01, merge commit e360ba430b55.
fixed publiclyaws/karpenter-provider-aws
ci: remove latest from toolchain · fixed by #9038, merged 2026-03-27, merge commit efb5ea52a479.
fixed publiclyawslabs/soci-snapshotter
Fast-fail on incorrect MaxSpanID · fixed by #1916, merged 2026-04-01, merge commit 0a1984bb2ffb.
fixed publiclysmithy-lang/smithy-rs #4584
Update standard FS impl to write files with `0o600` permissions · public fix PR #4584 merged on 2026-03-27. updates unix cache-file writes to owner-only `0o600` permissions; AWS advised no separate advisory will be published.
fixed publiclymeta-llama/PurpleLlama
Fix RCE for canary exploit · public fix commit 48fa920b7ace on 2026-03-11 changes CybersecurityBenchmarks/datasets/canary_exploit/verify_response.py from eval() to ast.literal_eval(). maintainer status confirmation and public credit are still pending.
fixed publiclydenoland/deno #33203
fix(permissions): check deny rules against resolved IPs to prevent numeric hostname bypass · accepted on 2026-03-05. public fix PR #33203 merged on 2026-04-09, and the fix shipped in Deno v2.7.12 on 2026-04-09. internal advisory metadata credits @1seal as reporter, but public credit is not yet confirmed. GHSA id provided in the disclosure thread: GHSA-j65g-6x8f-87c5; the public advisory URL is not currently reachable.
fixed publiclysignalapp/Signal-Desktop
Ignore expireTimerVersion=0 messages · the public fix chain landed in two steps. partial closure began on 2026-03-10 via c4ee32e9ee32, which switched expiration-timer serialization to nullish semantics and stopped dropping zero values. full fix landed on 2026-03-20 via c863dfa66bdf, which added explicit reject logic for version === 0. current mainline v8.10.0-alpha.1 (272465e1b21f, 2026-04-15) contains both changes.
fixed publiclyLedgerHQ/app-ethereum
Fix 'use-after-free' or 'double-free' issues · public fix commit 601c828 landed on 2026-04-01. the first public release confirmed to contain the fix is app-ethereum 1.22.0, released on 2026-04-15.
fixed publiclyLedgerHQ/app-ethereum
Fixed dead condition in EIP-712 calldata filtering code · public fix commit d61639c landed on 2026-03-24. the fix shipped in app-ethereum 1.22.0, released on 2026-04-15.
fixed publiclytelegramdesktop/tdesktop
Fixed path traversal in bulk file download via filename sanitization. · public commit 82f9aa1a2a09 on 2026-03-31 sanitizes document filenames through FileNameFromUserString(...) in the affected bulk-download path.
fixed publiclyDrKLO/Telegram
update to 12.6.2 (6655) · public android commit fb98f157afb3 on 2026-04-05 (12.6.2) adds validateSize(...) checks in the affected Vector.java path and appears to close the reported secret-chat vector-size issue.
fixed publiclytelegramdesktop/tdesktop
More strict checks in ffmpeg decodiing. · public commit eeafe9761409 on 2026-04-07 adds stricter negative-linesize handling in the affected ffmpeg render path.
fixed publiclygoogle/go-attestation
attest: fix uint32 underflow in parseEfiSignatureList · public issue #485, PR #486, merged on 2026-03-06. upstream added the lower-bound validation for malformed EFI_SIGNATURE_LIST parsing in parseEfiSignatureList.
fixed publiclyprotocolbuffers/protobuf
upb: add bounds check to LocalizeRadix() · public fix commit 880f66e17234 on 2026-03-23. commit message states: closes a memory corruption vulnerability. release v34.1 from 2026-03-19 still predates the fix.
fixed publiclynginx/nginx
bare LF accepted in chunked transfer encoding · public fix commit f405ef11fde6 on 2025-12-06, first released in nginx 1.29.4 on 2025-12-09. stable 1.28.x appears unpatched as of 1.28.3 (2026-03-24).
fixed publiclyapache/apisix
feat: make scheme configurable with default set to https · public fix commit f609ea332af7 appears to address the reported issue.
fixed publiclyapache/apisix
chore: set default value of ssl_verify to true · public fix commit dd42b19feb15 appears to address the reported issue.
fixed publiclyaquasecurity/trivy
fix(flag): validate template file extension · public remediation commit 20458b836b71 appears to address the earlier repo-local template/config issue.
fixed publiclysmallstep/certificates
Validate tcg-kp-AIKCertificate EKU · TPM attestation EKU panic. public fix PR #2569, first released in v0.30.0. GHSA-9qq8-cgcv-qmc9 / CVE-2026-40097 published.
fixed publiclysmallstep/certificates
Validate webhooks · request-influenced webhook destination rendering. public fix PR #2570, first released in v0.30.0.
fixed publiclysignalapp/libsignal
jni: Avoid forming &mut when destroying a bridged handle · public fix commit 895b07944839 on 2026-03-13, first released in v0.89.0 on 2026-03-17.
fixed publiclygnupg/gnupg
tool:gpgtar: Check the output directory with --directory. · public commit 7a2692fe5e58 on 2026-03-24 appears to address the reported issue. no public release tag observed.
fixed publiclymoby/moby
pkg/authz: Reject requests exceeding body size limit · public fix commit 7a767b27fd12 appears to address the reported issue. GHSA-x744-4wpc-v9h2 / CVE-2026-34040 published with credit to 1seal / Oleh Konko.
fixed publiclydecred/dcrd
rpcserver: Ensure limited user is always limited · public master fix commit 2d6b77049f1c on 2026-03-10. backported to release-v2.1 in 771100562a83 on 2026-04-06 and released in v1.10.6 on 2026-04-07. changes the old auth check so limited-only access is no longer bypassed when admin auth is unset.
fixed publiclydecred/dcrwallet
jsonrpc: Fix bugs in authenticate RPC. · public fix PR #2617 merged on 2026-04-06. closes fail-open handling in the authenticate RPC path where ParseParams and the cmd type assertion could incorrectly treat bad credentials as not invalid.
fixed publiclyProtonMail/WebClients
sanitize iframe bodyClasses and bodyStyles in getIframeHtml · public fix merge c65861cab0a3 on 2026-03-31. first released in [email protected] on 2026-04-02; live mail.proton.me was observed on [email protected] as of 2026-04-23, and that tag contains the fix. fixes raw interpolation in getIframeHtml by html-encoding bodyClasses/bodyStyles before attribute insertion.
fixed publiclyhuggingface/datasets
Don't extract bad files · public fix commit 1bd0a5c087b7 appears to address the reported issue.
fixed publiclygoogle/boringssl
crypto/x509: Fix interaction of DNS exclude constraints with wildcard DNS names. · excluded dNSName wildcard SAN bypass. accepted via Google OSS VRP; public fix commit 5774eca6004e on 2026-03-04 updates nc_dns wildcard handling. no reward panel opened.
fixed publiclytrezor/trezor-firmware
chore(core): improve handling of large messages · public fix commit 15975901acf6 on 2026-03-20 adds the missing `if buffer is None: return False` guard in the THP reassembly path, so oversized payload_length no longer passes as in the vulnerable pin 5ba0333910c1.
fixed publiclytrezor/trezor-suite
feat(suite-desktop-core): add check for path traversal · public fix commit cb76104f1068 on 2026-02-26 canonicalizes paths inside userData through resolvePathInUserDataDir and blocks traversal from the affected metadata IPC path.
fixed publiclytrezor/trezor-firmware
fix(core): use verifiers for translations syscalls · public fix commit 1811d3bb9629 on 2026-02-27. routes translation syscalls through verified wrappers instead of raw implementations.
mergedtrezor/trezor-firmware
fix(core): use verifiers for translations syscalls · public fix commit 1811d3bb9629 on 2026-02-27, plus follow-up a4be04fe6fa0 on 2026-02-27. fixes syscall_dispatch bypass of translations_*__verified wrappers and the translations_read offset issue.
mergedtrezor/trezor-firmware
fix(core): fix jpegdec syscall verifier · public fix commit fb4aa180cf6f on 2026-02-27. adds the missing jpegdec verifier-side input pointer validation.
mergedtrezor/trezor-firmware
fix(crypto): add missing memzero to `ed25519.c` · public fix commit 48db49fa67eb on 2026-02-26. clears extsk on the invalid-nonce early return path in ed25519_cosi_sign.
mergedtrezor/trezor-firmware
fix(crypto): add missing memzero to `cardano.c` · public fix commit 40d4f9027d3b on 2026-02-25. clears extended private key material on hdnode_private_ckd_cardano failure paths.
mergedtrezor/trezor-firmware
fix(crypto): add missing memzero to `ecdsa.c` · public fix commit bddd38b47d92 on 2026-02-26. clears tc_ecdsa_sign_digest secret material on error returns.
mergedtrezor/trezor-firmware
fix(crypto): add missing memzero to `ecdsa.c` · public fix commit bddd38b47d92 on 2026-02-26. closes invalid-key early-return memzero gaps in ecdsa private-key handling.
mergedtrezor/trezor-firmware
fix(crypto): add missing memzero to `bip32.c` · public fix commit 09e55d8c9cb2 on 2026-02-26. clears the NEM AES context key schedule after use.
mergedtrezor/trezor-firmware
fix(rust/trezor-thp): check `payload_len` is not less than `CHECKSUM_LEN` · public fix commit d63fe0e88377 on 2026-02-25. prevents the small-payload underflow in THP fragment reassembly.
mergedtrezor/trezor-firmware
fix(core): fix dma2d syscall verifiers · public fix commit e5c51d5ee4b3 on 2026-02-27. fixes signed-overflow handling in the dma2d syscall verifier macros.
mergedtrezor/trezor-firmware
fix(core): fix syscall set filter verifier · public fix commit f60f535403e6 on 2026-02-27. moves syslog filter validation ahead of strlen-driven access.
mergedtrezor/trezor-firmware
refactor: stellar confirmations · public fix commit 663569c40b60 on 2026-02-24. tightens Stellar payment request confirmation flow so extra operations cannot ride past the displayed confirmation set.
mergedtrezor/trezor-firmware
fix(core): fix bug in multisig verification. · public fix commit ab9b4feaff30 on 2026-01-16. closes an ECDSA multisig verification loop flaw that could permit signature-acceptance bypass.
mergedtrezor/trezor-firmware
fix(core): confirm Ethereum data during its hashing · public fix commit 70c9b0c07748 on 2026-02-14, with follow-up hardening in 73eaef8ccc32 on 2026-03-24 and 0d1d8d12922a on 2026-03-02. brings user-visible calldata confirmation in line with the full hashed stream.
mergedtrezor/trezor-firmware
fix(crypto): Avoid caching uncacheable nodes in bip32.c · public fix commit 26914ff49628 on 2026-02-20. prevents the Stellar derivation path from overflowing the bounded BIP32 cache depth on Trezor One.
mergedtrezor/trezor-firmware
fix(crypto): clean up stack in hdnode_deserialize() · public fix commit 477cbb365a29 on 2026-02-16. clears stack-resident key material in hdnode_deserialize(); the fix is present in public release tags including core/v2.11.0 and legacy/v1.14.1.
mergedtrezor/trezor-suite
feat(connect-webextension): now uses externally_connectable api · public fix commit c84e94b607f3 on 2026-03-12. replaces wildcard postMessage response delivery in the connect popup flow with origin-scoped handling; the change is contained in public trezor-suite tags v26.4.1 and v26.4.2.
mergedtrezor/trezor-suite
feat: enhance OAuth handling with zod validation and update response structure · public fix commit f02a8d4ceca5 on 2026-03-20. enforces state binding in the OAuth request/response flow and is contained in public trezor-suite tags v26.4.1 and v26.4.2.
mergedtrezor/blockbook
enhancement: reject oversized websocket messages · public fix commit f8349fcebcdf on 2026-03-11. adds a websocket read limit to stop unbounded message-driven memory growth.
mergedtrezor/blockbook
enhancement: limit /api/sendtx body size · public fix commit 33b99cc7d440 on 2026-03-11. replaces unbounded request-body handling in /api/sendtx with a size limit.
mergedtrezor/blockbook
fix: add validation for negative ranges · public fix commit 496f8e0f3272 on 2026-02-25. rejects negative From/To ranges before they can reach a recoverable panic path.
mergedtrezor/blockbook
enhancement: avoid template.JSStr · public fix commit e4fdb5ee25a5 on 2026-03-16. removes the template.JSStr path in token detail rendering and adds regression coverage for XSS-safe escaping.
mergedaws/amazon-ecs-agent
Use env variable to read user input when mounting FSx volumes · PR #4934 merged 2026-04-21, merge commit 09f274e0157d. replaces direct argv passing to powershell.exe with env-variable reads in agent/taskresource/fsxwindowsfileserver/fsxwindowsfileserver_windows.go.
mergedaws/amazon-eks-pod-identity-webhook
pinning github action dependencies to commit sha · PR #303 merged 2026-04-13, merge commit 75a29dfa4349. pins .github/workflows/build.yaml third-party actions to immutable commit shas.
mergedawslabs/tough
containment-check for targets_base_url in fetch_target · public code in tough 0.22.0 appears to close this read-side variant even though no separate advisory line was published for it. inferred from public diff 0ba39c5, which adds a containment-check for targets_base_url in fetch_target.
awslabs/tough
compound delegation chain decomposed across CVE-2026-6966 and CVE-2026-6967 · upstream fixed and publicly released on 2026-04-24 in tough 0.22.0 / tuftool 0.15.0. the reported compound chain is publicly decomposed across GHSA-8m7c-8m39-rv4x / CVE-2026-6966 and GHSA-4v58-8p28-2rq3 / CVE-2026-6967 rather than published as a single bundled advisory.
fixed publiclyhistorical public fixes predating report
historical closure notes for cases where public upstream code already contained the fix before the report was sent. excluded from counts.
LedgerHQ/app-plugin-yearn
Updated to use the latest plugin SDK · public repo history shows the issue was already closed before the 2026-02-18 report. commit 1ba98ff, landed on 2023-10-17, already contains the Recipient screen in public code.
fixed before reportLedgerHQ/ledger-live
Farewell 'Device Bridge' in LLD (#2635) · this appears closed in the current public product as a removal/sunset rather than a direct security fix. public ledger-live commit 28fd570 removed websocketBridge.js on 2023-03-14, and dd642a4 followed on 2023-03-16 to fully sunset internal commands. caveat: the original finding referenced the older LedgerHQ/ledger-live-desktop path.
feature removed publiclytdlib/td
public tdlib commit predating submitted bundle · public tdlib commit 9722906f9a0b on 2026-03-02 appears to address the same vector-length check in the reported callsite. because the public change predates the 2026-03-03 bundle email by one day, this is tracked as a historical pre-existing fix rather than a report-driven public remediation.
fixed before reportdisclosure policy
1seal follows coordinated vulnerability disclosure (cvd). findings are reported to maintainers first, with reasonable time for patches before public disclosure.
no testing on production systems with real user data. no trading on non-public vulnerability knowledge. no pressure tactics or threats of disclosure.