trace37

Computer and Network Security

your infrastructure. under constant attack. by us.

About us

Offensive Security Research - Bug Bounty - Software Development

Website
https://mastermind.trace37.com/
Industry
Computer and Network Security
Company size
2-10 employees
Headquarters
London
Type
Public Company
Founded
2025
Specialties
Offensive Security, AI, Technology Leadership, and Supply Chain & Logistics

Updates

  • I'm pleased to share that CVE-2026-41238 has been assigned to a Prototype Pollution >> XSS vulnerability I identified in DOMPurify, affecting versions 3.0.1 through 3.3.3. If your web application renders user-supplied HTML, there's a very good chance it relies on DOMPurify. With 24m downloads per week, it's the de facto HTML sanitiser for the JavaScript ecosystem — used across React, Vue, Angular and Node.js applications. Only 10 prior CVEs across 7 years speak to the quality of the library and the rigour of its maintainers at Cure53. The issue was patched in version 3.4.0. Coordinated disclosure handled through Cure53 — thanks to the team for a smooth process. Full technical writeup and GHSA below.
    Write-up: https://lnkd.in/eKBCxrW8
    GHSA: https://lnkd.in/e8EMZPqt

  • Forthcoming: Research Papers & Tooling on Trust Transitions
    Modern web security stacks are built from components that trust each other's output. Component A processes input and hands it to Component B. Both assume the other enforced the security contract. Neither checks. The vulnerability lives in the gap. This isn't a single bug — it's a vulnerability class. Every new browser API, every framework integration, every sanitizer-to-renderer pipeline creates a new trust transition. There's a systematic methodology to find them. I've been building it. Further papers and open-source tooling will be released in the days and weeks ahead: https://lnkd.in/eHfwMFaA Stay tuned.

  • The Script Tag That Isn't: Speculation Rules Injection (SRI)
    Injected <script type="speculationrules"> forces Chrome to prerender attacker-chosen pages in a hidden tab, executing JavaScript with the victim's full session cookies. No XSS needed for the injection. https://lnkd.in/eu4U2TSt I've not seen any research or write-ups of this attack vector before - if any of my connections are aware of any prior research, I'd love to see it. Blog post includes a link to a demo lab that illustrates the vulnerability. https://lnkd.in/efbEFWzb

  • Development of mastermind-ai started in late 2024. The platform evolves with every hunt - in a self-enhancing, self-healing feedback loop. Each engagement exposes a new class of coordination challenge, and each problem drives the next engineering cycle. 187 commits in 8 weeks is the cadence. https://lnkd.in/eY_FRDXn

  • CVE-2026-33939 has been published based on trace37 research and findings. Denial of Service in Handlebars.js (4.0.0 through 4.7.8), patched in 4.7.9. Handlebars has over 2 million weekly downloads on npm. I discovered that referencing an unregistered decorator in a Handlebars template (e.g. {{*n}}) crashes the Node.js process with an unhandled TypeError. A single malicious request to any endpoint compiling user-supplied templates takes down the server. The root cause: the compiled code calls the result of a property lookup as a function without checking if it exists — something Handlebars already handles correctly for missing helpers, but not for decorators. The maintainer patched it promptly.
    Full writeup: https://lnkd.in/eBSFyRfS
    Advisory: https://lnkd.in/eRpWrz39
    If you use Handlebars in production, upgrade to 4.7.9. #CVE #security #vulnerability #nodejs #opensource

  • In addition to the program-focused vulnerability hunting of bug bounty, I've also built a security research platform that hunts for zero-day vulnerabilities in widely-deployed open source HTML sanitisation libraries — the kind of code that protects millions of web applications from cross-site scripting attacks. The project (code-named Fermat) uses evolutionary fuzzing with a differential oracle architecture: mutations are bred across tens of thousands of generations using MAP-Elites and other algorithms, tested against multiple parsing engines simultaneously, and scored by V8 code coverage and behavioural divergence. It's the kind of work where a single novel bypass can have outsized impact across every application that depends on the library. Payloads that survive sanitisation when they shouldn't — where the server-side parser considers them safe but the browser would execute them — score highest and breed forward into the next generation, driving the fuzzer toward the exact boundary where bypasses live. Beyond the tooling, it's reshaped how I think about vulnerability research — less brute force, more strategic exploration of the gap between what a parser expects and what a browser actually does.

  • A selection of real vulnerabilities discovered and reported to bug bounty platforms so far this week, using the mastermind-ai platform:
    1. Cross-Site WebSocket Hijacking on Crypto Platform API — Missing Origin Validation Enables Real-Time Transaction Surveillance. Medium (CVSS 5.4)
    2. Unauthenticated SSO Customer Domain Enumeration on video technology platform. Medium (CVSS 5.3)
    3. Key Scope Bypass: Read-Only API Key Performs All Write Operations on DeFi platform. High (CVSS 7.2)
    4. Blind SSRF via Video URL Ingest with Unsanitized Webhook Payload (XSS) Delivery on video technology platform. Medium (CVSS 6.3)
    All reported under responsible disclosure rules. It is VERY rare to hunt on a private program and not find reportable vulnerabilities on Day 1. Once-a-year penetration testing is better than no testing at all... but each time you ship new code, you may be shipping new vulnerabilities too.

  • trace37 reposted this post from Caido:

    🤖 trace37 shared recently how they use Caido as a core part of their autonomous hunting platform. Paul Reed, founder of trace37, says it best:

    > I wanted the proxy to think. Not in a vague “AI-powered” marketing sense, but concretely: a proxy that watches traffic in real-time and generates passive detection rules tailored to the target [...]. A proxy that refines its own detection rules based on which findings turn out to be true positives and which are noise. A proxy that bridges the gap between “I see interesting traffic” and “an AI specialist is already investigating it.”

    https://lnkd.in/e8S6vd58
