ZEROPATH WALL OF FAME
Securing the world's code,
one vulnerability at a time
Every vulnerability listed here has been discovered and responsibly disclosed by ZeroPath. This represents just a fraction of our ongoing mission to make open source software more secure.
Discovered Vulnerabilities
Each finding represents hours of research and responsible disclosure to protect users worldwide
Android MediaCodec audio: Buffer overflow due to truncated sample count
In mediacodec_wrap_sw_audio_buffer(), allocating a buffer based on a truncated sample count (due to integer division) followed by a full-size memcpy results in a heap buffer overflow. Reachable via attacker-provided media through Android MediaCodec APIs.
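The allocation/copy mismatch behind that entry, as an added illustration (this is not FFmpeg's mediacodec_wrap_sw_audio_buffer(); the function names, the sample layout and the 10-byte input are assumptions for this example). The sample count is derived by integer division, so a buffer whose length is not a whole number of samples is allocated short while the copy still uses the full length; the hardened version refuses such buffers so the two lengths can never disagree.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration of the truncated-sample-count pattern. All names here
 * are assumptions for this example, not FFmpeg's mediacodec code. */

/* Bytes an allocation sized from nb_samples actually reserves:
 * nb_samples = size / (channels * bps) drops any partial trailing sample. */
size_t truncated_alloc_bytes(size_t size, unsigned channels, unsigned bps) {
    size_t frame_bytes = (size_t)channels * bps;
    size_t nb_samples = size / frame_bytes;   /* integer division truncates */
    return nb_samples * frame_bytes;
}

/* Bytes a full-size memcpy(dst, src, size) would write past that allocation. */
size_t overflow_bytes(size_t size, unsigned channels, unsigned bps) {
    return size - truncated_alloc_bytes(size, channels, bps);
}

/* Hardened wrap: reject buffers that are not a whole number of samples, so the
 * allocation length and the copy length are always identical. On success *out
 * receives a malloc'd copy (caller frees) and the sample count is returned;
 * -1 on any error. */
int wrap_audio_safe(const uint8_t *buf, size_t size, unsigned channels,
                    unsigned bps, uint8_t **out) {
    size_t frame_bytes;
    if (!buf || !out || channels == 0 || bps == 0) return -1;
    *out = NULL;
    frame_bytes = (size_t)channels * bps;
    if (size == 0 || size % frame_bytes != 0) return -1; /* partial sample */
    *out = malloc(size);
    if (!*out) return -1;
    memcpy(*out, buf, size);   /* copy length equals allocation length */
    return (int)(size / frame_bytes);
}

int main(void) {
    /* Constructed input: 10 bytes of 16-bit stereo PCM, i.e. 2.5 samples. */
    uint8_t pcm[10] = {0};
    uint8_t *frame = NULL;
    printf("alloc=%zu copy=%zu overflow=%zu\n",
           truncated_alloc_bytes(sizeof pcm, 2, 2), sizeof pcm,
           overflow_bytes(sizeof pcm, 2, 2));
    printf("safe wrap: %d\n", wrap_audio_safe(pcm, sizeof pcm, 2, 2, &frame));
    free(frame);
    return 0;
}
```

The vulnerable shape is deliberately not executed: overflow_bytes() only reports how far a full-size copy would run past a truncated allocation. For stereo 16-bit audio a 10-byte buffer reserves 8 bytes and the copy would write 2 bytes past the end.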
RTMP client: Buffer overflow via unbounded AMF serialization
The RTMP client (gen_connect) allocates a fixed-size packet buffer but writes arbitrary AMF fields derived from the rt->conn string into it without checking remaining capacity, causing a heap buffer overflow.
ICY metadata: Off-by-one NUL stack corruption
In store_icy(), the code writes the terminating NUL byte at data[len + 1] instead of data[len]. For the maximum allowed metadata size that index is one past the end of the stack buffer, overwriting a byte of adjacent stack state, which can cause a crash or further memory corruption.
RTP RFC4175 video: Buffer overflow due to integer overflow
The calculation of 'copy_offset' in rfc4175_handle_packet() did not account for very large packet field values, so the multiplication and addition wrapped around. The wrapped (small) offset passed the buffer size check while the actual copy ran past the end of the buffer.
QDM2-over-RTP: Invalid memory write with negative memcpy length
The QDM2 parser reads an unvalidated 'block_size' from an RTP config packet. If 'block_size' is smaller than the header it is supposed to include, the computed copy length becomes negative; converted to memcpy's size_t parameter it becomes a huge count, leading to an out-of-bounds write.
drawtext filter: Buffer overwrite due to separator budgeting error
When using detection bounding boxes in the drawtext filter, the labels are concatenated into a heap buffer with ", " separators, but the buffer size is computed from the label lengths alone and does not budget for the separators, causing a buffer overwrite when labels are at maximum length.
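Both string-assembly bugs above, the ICY terminator off-by-one and the drawtext separator budget, come down to sizing the destination before writing. The following is an added example, not FFmpeg's store_icy() or drawtext code; the ICY_MAX limit of 255, the buffer layout (ICY_MAX + 1 bytes so the NUL fits) and the helper names are assumptions for this example, and the label list is constructed.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#define ICY_MAX 255   /* assumed maximum metadata length; buffer is ICY_MAX + 1 */

/* Terminator placement. The bug wrote data[len + 1]; with len == ICY_MAX that
 * index is one past a buffer of ICY_MAX + 1 bytes. data[len] is correct. */
size_t nul_index_buggy(size_t len) { return len + 1; }
size_t nul_index_fixed(size_t len) { return len; }
int index_in_bounds(size_t idx, size_t cap) { return idx < cap; }

/* store_icy-like copy into a caller buffer of cap bytes.
 * Returns 0 on success, -1 if len bytes plus the NUL do not fit. */
int store_meta(char *data, size_t cap, const char *src, size_t len) {
    if (cap == 0 || len > cap - 1) return -1;   /* len + NUL must fit in cap */
    memcpy(data, src, len);
    data[len] = '\0';
    return 0;
}

/* Bytes needed to join n labels, including the NUL. The buggy budget sums
 * only the label lengths; the fixed one adds (n - 1) separators. */
size_t join_budget_buggy(const char *const *labels, size_t n) {
    size_t total = 0;
    for (size_t i = 0; i < n; i++) total += strlen(labels[i]);
    return total + 1;
}
size_t join_budget(const char *const *labels, size_t n, const char *sep) {
    size_t total = 0;
    for (size_t i = 0; i < n; i++) total += strlen(labels[i]);
    if (n > 1) total += (n - 1) * strlen(sep);
    return total + 1;
}

/* Join labels with sep into a buffer sized by the correct budget.
 * Caller frees; returns NULL on allocation failure. */
char *join_labels(const char *const *labels, size_t n, const char *sep) {
    size_t seplen = strlen(sep);
    size_t need = join_budget(labels, n, sep);
    char *out = malloc(need);
    size_t pos = 0;
    if (!out) return NULL;
    for (size_t i = 0; i < n; i++) {
        size_t l = strlen(labels[i]);
        if (i) { memcpy(out + pos, sep, seplen); pos += seplen; }
        memcpy(out + pos, labels[i], l);
        pos += l;
    }
    out[pos] = '\0';            /* pos == need - 1 by construction */
    return out;
}

int main(void) {
    const char *labels[] = {"person", "car", "dog"};   /* constructed */
    char *joined = join_labels(labels, 3, ", ");
    printf("buggy budget=%zu fixed budget=%zu joined=\"%s\"\n",
           join_budget_buggy(labels, 3), join_budget(labels, 3, ", "),
           joined ? joined : "(oom)");
    printf("NUL index for max len: buggy=%zu fixed=%zu (cap %d)\n",
           nul_index_buggy(ICY_MAX), nul_index_fixed(ICY_MAX), ICY_MAX + 1);
    free(joined);
    return 0;
}
```

The budgeting error is silent for short labels because allocator slack absorbs the missing separator bytes; it is only at maximum label length that the four extra bytes land outside the block, which is why the report notes the overwrite occurs at maximum length.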
WHIP muxer: Invalid free due to incorrect stream index
In create_rtp_muxer (libavformat/whip.c), the code incorrectly accesses rtp_ctx->streams[i] (using the loop index) when it should use rtp_ctx->streams[0], referencing an out-of-bounds pointer and calling av_freep() on it.
SCTP write: Buffer underflow leading to memory disclosure
In sctp_write(), there is no check requiring the buffer size to be at least 2 before consuming the 2-byte StreamId header. For smaller buffers 'size - 2' underflows to a huge size_t value, and a correspondingly large amount of adjacent, uninitialized memory is sent over the socket.
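The RFC 4175 offset wrap, the QDM2 negative copy length and the SCTP 'size - 2' underflow are three instances of one mistake: a length or offset is computed first and bounds-checked second, after the arithmetic has already wrapped. This added example (not FFmpeg code; HDR_LEN, the function names and the sample values are assumptions) shows each naive computation beside a checked version that validates the operands before doing the arithmetic.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* 1. rfc4175-style: copy_offset = line * stride + pixel_offset. In 32-bit
 *    arithmetic a large stride wraps the offset to a small value, so a check
 *    of "offset + len <= buf_size" passes. Widen to 64 bits and bound-check
 *    both the offset and the remaining room before accepting it. */
uint32_t wrapped_copy_offset(uint32_t line, uint32_t stride, uint32_t pix_off) {
    return line * stride + pix_off;          /* wraps modulo 2^32 */
}
int checked_copy_offset(uint32_t line, uint32_t stride, uint32_t pix_off,
                        uint32_t copy_len, uint32_t buf_size, uint32_t *out) {
    uint64_t off = (uint64_t)line * stride + pix_off;   /* cannot wrap here */
    if (off > buf_size || copy_len > buf_size - (uint32_t)off) return -1;
    *out = (uint32_t)off;
    return 0;
}

/* 2. QDM2-style: payload = block_size - HDR_LEN. A block_size below HDR_LEN
 *    gives a negative int; memcpy's size_t parameter turns it into a count
 *    in the billions. Validate block_size against both the header and the
 *    bytes actually available. */
#define HDR_LEN 8   /* assumed header length for this example */
size_t naive_memcpy_len(int block_size) {
    int len = block_size - HDR_LEN;   /* negative when block_size < HDR_LEN */
    return (size_t)len;               /* implicit conversion at the memcpy call */
}
int checked_payload_len(int block_size, size_t avail, size_t *out) {
    if (block_size < HDR_LEN || (size_t)block_size > avail) return -1;
    *out = (size_t)block_size - HDR_LEN;
    return 0;
}

/* 3. sctp_write-style: consume a 2-byte StreamId, send size - 2.
 *    size_t cannot go negative, so size < 2 wraps to near SIZE_MAX. */
size_t naive_payload_after_u16(size_t size) { return size - 2; }
int checked_payload_after_u16(size_t size, size_t *out) {
    if (size < 2) return -1;
    *out = size - 2;
    return 0;
}

int main(void) {
    uint32_t off; size_t n;
    /* Constructed values chosen to trigger each wrap. */
    int r1 = checked_copy_offset(1, 0xFFFFFFF0u, 0x20, 16, 4096, &off);
    int r2 = checked_payload_len(4, 100, &n);
    int r3 = checked_payload_after_u16(1, &n);
    return (r1 == -1 && r2 == -1 && r3 == -1) ? 0 : 1;
}
```

A useful habit when reviewing copy paths: for every memcpy, find the expression that produced the length and ask whether a value controlled by the peer can make it wrap before the comparison that is supposed to guard it. The naive_* functions only compute the wrapped value so the example never performs an out-of-bounds copy.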
Avahi Simple Protocol Server DoS
The Avahi Simple Protocol Server ignores the configured client limit and continues to accept unlimited connections, resulting in memory and file descriptor exhaustion. Unprivileged users can easily cause a denial of service that affects the entire mDNS/DNS-SD subsystem and related name resolution services.
django-allauth uses mutable provider attribute as UID
The provider handler uses preferred_username from Okta and NetIQ as the canonical UID instead of the stable sub claim. Because preferred_username is mutable and not globally unique, an attacker can change it to match another account and cause account takeover or incorrect account linking.
Tokens issued to disabled users due to missing account-state check
After resolving the user from device authorization data, the flow allows token minting without verifying required account state such as user.is_active. If an account was disabled after device authorization, tokens may still be issued unless downstream validators block it.
Notion provider marks email as verified without validation
The Notion provider extract_email_addresses handler sets verified=true and primary=true unconditionally. It does not check an email_verified flag or other evidence that Notion verified the address, enabling account linking or creation that bypasses normal email verification controls.
IDOR Security Vulnerability in SuperAGI
Broken object-level authorization (IDOR) enabling access to tens of thousands of customers' files, including secrets, business documents, and health information, via /api/resources/get/{resource_id}.
Local File Inclusion in Fonoster
A Local File Inclusion vulnerability was discovered in the Fonoster Voice Server, allowing access to system files via voice file paths due to incomplete path validation.
Unauthorized Access to Any User's Jobs in LibrePhotos
Access to other users' processing jobs due to missing authorization in job queue.
Token Refresh Vulnerability in LibrePhotos
Complete authentication bypass via improper token validation in the LibrePhotos project.
Unauthorized Conversation Deletion in RagFlow
Complete deletion of other users' chat history due to missing object-level authorization checks.
Unauthorized Canvas Deletion in RagFlow
Deletion of other users' visualization canvases due to insufficient IDOR protection on API endpoint.
Unauthorized Knowledge Base Access in RagFlow
Read access to other users' private knowledge bases due to missing tenant isolation in KB queries.
Unauthorized File Movement in RagFlow
Moving/deleting other users' uploaded files due to missing ACL checks in file operations.
Unauthorized Conversation Access in RagFlow
Reading other users' private conversations due to broken access control in chat retrieval.
Unauthorized API Key Removal in RagFlow
Removal of other users' API keys due to IDOR in key management endpoint.
Unauthorized Knowledge Base Enumeration in RagFlow
Enumeration of all private knowledge bases due to missing authentication in list endpoint.
Unauthorized Dialog Deletion in RagFlow
Mass deletion of other users' dialogs due to race condition in deletion endpoint.
Local File Inclusion in E2nest
A Local File Inclusion vulnerability was discovered in the E2nest project, allowing arbitrary file read via path traversal in model loading due to insufficient path normalization in config loading.
Remote Code Execution in Uptrain
A Remote Code Execution vulnerability via eval during project creation.
Command Injection in Clone-voice
System command execution via voice file metadata due to unescaped input in ffmpeg command.
File Upload and Path Traversal in LibrePhotos
Arbitrary file write via photo upload due to insufficient path sanitization.
Remote Code Execution in Monaco
A Remote Code Execution vulnerability was discovered in Hulu's Monaco project, allowing code execution via deserialization due to unsanitized data being passed into pickle.loads.
Unauthorized Redis Access in Monaco
Access to all Redis clusters administered by Monaco due to missing authentication in app_redis_api endpoint.
Directory Traversal in LogAI
Access to sensitive files via log paths due to broken path traversal protection in the Salesforce LogAI project.
Directory Traversal in DB-GPT
Access to database files via backup paths due to missing path normalization in the DB-GPT project.