Assetnote

172 posts


@assetnote

Assetnote combines advanced reconnaissance and high-signal continuous security analysis to help enterprises gain insight and control of their evolving exposure.

Joined July 2017
0 Following · 10.2K Followers
Assetnote @assetnote
We've released a high fidelity detection technique for CVE-2026-41940 (cPanel/WHM auth bypass). You can find the research post here: slcyber.io/research-cente… and the tool here: github.com/assetnote/cpan… All other scanners and detection mechanisms so far will lead to false negatives.
Assetnote @assetnote
Our team reverse engineered the Magento PolyShell pre-auth RCE - actively exploited in the wild. No auth needed to land a PHP webshell. RCE depends on server config, but the file persists regardless. Props to @sansecio for the heads up. slcyber.io/research-cente… @SLCyberSec
Assetnote @assetnote
Reverse engineering large enterprise apps means wading through hundreds of vendor dependencies. We got tired of it, so we built Hyoketsu to fix it - open source, with a pre-calculated 13GB NuGet + Maven hash database. GitHub: github.com/assetnote/hyok…: slcyber.io/research-cente…
Assetnote @assetnote
Our security research team created a high fidelity check for the Next.js/RSC RCE (CVE-2025-55182 & CVE-2025-66478). Read more on our blog here: slcyber.io/research-cente…
Assetnote @assetnote
Our Security Research team discovered a critical vulnerability in Oracle Identity Manager, that leads to RCE without authentication. A patch was released 30 days ago by Oracle (CVE-2025-61757), and we highly recommend applying it. Our research post here: slcyber.io/research-cente…
Assetnote @assetnote
Our Security Researcher @softpoison_ published his first research post, reverse engineering CVE-2025-54236 (SessionReaper) - a critical unauthenticated RCE in Magento. From understanding @Blaklis_'s original discovery, we wrote up our analysis here: slcyber.io/assetnote-secu…
Assetnote @assetnote
Our Security Research team presented on Finding Critical Vulnerabilities in Adobe Experience Manager at @BSidesCbr late last month. We’ve published our research detailing the internals of AEM and how we discovered seven CVEs ranging in criticality here: slcyber.io/assetnote-secu….
Assetnote @assetnote
Earlier this year, our Security Research team discovered a high-risk secondary context path traversal issue in Omnissa Workspace One UEM (CVE-2025-25231). We also developed a chain to RCE on instances in the wild. You can read our detailed research here: slcyber.io/assetnote-secu…
Assetnote @assetnote
The final research blog from @SLCyberSec's Christmas in July concerns three more critical vulnerabilities that our security researchers have uncovered in Adobe Experience Manager Forms: two paths to RCE and a pre-authentication XXE slcyber.io/assetnote-secu…
Assetnote @assetnote
Our Security Research team at @SLCyberSec found four vulnerabilities in the quality management platform ETQ Reliance, including a critical Remote Command Execution: slcyber.io/assetnote-secu…
Assetnote @assetnote
Sometimes, SQL injection is still possible, even when prepared statements are being used. Our researcher @hash_kitten has written up a blog post about a novel technique for SQL Injection in PDO’s prepared statements: slcyber.io/assetnote-secu…
Assetnote @assetnote
Our Security Research team at @SLCyberSec discovered a pre-authentication RCE vulnerability in Sawtooth Lighthouse Studio (CVE-2025-34300). It affects all versions up to 9.16.14. Read more here: slcyber.io/assetnote-secu…
Assetnote @assetnote
Continuing @SLCyber’s Christmas in July posts, our Security Research team discovered a pre-authentication NTLM hash disclosure vulnerability in DNN (formerly DotNetNuke), assigned CVE-2025-52488. Read more on our blog here: slcyber.io/assetnote-secu…
Assetnote @assetnote
For our first Christmas in July research post: How we managed to get persistent XSS on every Adobe Experience Manager Cloud instance three times! slcyber.io/assetnote-secu…
Assetnote @assetnote
We’re trying to buck the trend of critical vulnerabilities all landing at the end of the year, much to the despair of security professionals! This July, we’ll be publishing a series of vulnerabilities across the month. Stay tuned: slcyber.io/assetnote-secu…
Assetnote @assetnote
Our team recently used a novel technique to increase the impact of what seemed to be only a blind SSRF. This novel technique involving HTTP redirect loops and incremental status codes led to full HTTP response leakage. Read more on @SLCyberSec blog here: slcyber.io/assetnote-secu…
Assetnote @assetnote
Our security research team discovered a critical pre-authentication SQL injection vulnerability in Halo ITSM, a popular IT support software, often externally exposed and sensitive: Read more here: slcyber.io/assetnote-secu…
Assetnote @assetnote
Our security research team recently analyzed the authentication bypass vulnerability in Next.js (CVE-2025-29927). Our blog post details how to detect this vulnerability with more reliability. Read more here: slcyber.io/assetnote-secu…
Assetnote @assetnote
Our security research team discovered a pre-auth RCE (CVE-2025-27218) in Sitecore XP 10.4. You can read our research here: slcyber.io/blog/sitecore-…
Assetnote @assetnote
Our security research team discovered an authentication bypass in Palo Alto's PAN-OS management interface. Our discoveries come shortly after exploit chains were released at the end of 2024 after a deeper investigation. You can read our research here: slcyber.io/blog/nginx-apa…