<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>vulnerability-disclosure on The Trail of Bits Blog</title><link>https://miscreants.github.io/blog.trailofbits.com/categories/vulnerability-disclosure/</link><description>Recent content in vulnerability-disclosure on The Trail of Bits Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Tue, 18 Nov 2025 00:00:00 -0500</lastBuildDate><atom:link href="https://miscreants.github.io/blog.trailofbits.com/categories/vulnerability-disclosure/index.xml" rel="self" type="application/rss+xml"/><item><title>We found cryptography bugs in the elliptic library using Wycheproof</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/</link><pubDate>Tue, 18 Nov 2025 07:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/</guid><description>Trail of Bits discovered and disclosed two vulnerabilities in the widely used elliptic JavaScript library that could allow signature forgery or prevent valid signature verification, with one vulnerability still unfixed after the 90-day disclosure window.</description></item><item><title>Vulnerabilities in LUKS2 disk encryption for confidential VMs</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/</link><pubDate>Thu, 30 Oct 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/</guid><description>Trail of Bits is disclosing vulnerabilities in confidential computing systems that use LUKS2 for disk encryption. 
These vulnerabilities allow attackers with access to storage disks to extract confidential data and modify contents.</description></item><item><title>Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/09/03/subverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more/</link><pubDate>Thu, 04 Sep 2025 00:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/09/03/subverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more/</guid><description>A vulnerability in Electron applications allows attackers to bypass code integrity checks by tampering with V8 heap snapshot files, enabling local backdoors in applications like Signal, 1Password, and Slack.</description></item><item><title>Uncovering memory corruption in NVIDIA Triton (as a new hire)</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/08/04/uncovering-memory-corruption-in-nvidia-triton-as-a-new-hire/</link><pubDate>Tue, 05 Aug 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/08/04/uncovering-memory-corruption-in-nvidia-triton-as-a-new-hire/</guid><description>In my first month at Trail of Bits as an AI/ML security engineer, I found two remotely accessible memory corruption bugs in NVIDIA’s Triton Inference Server during a routine onboarding practice.</description></item><item><title>Exploiting zero days in abandoned hardware</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/</link><pubDate>Fri, 25 Jul 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/</guid><description>We successfully exploited two discontinued network devices at DistrictCon’s inaugural Junkyard competition in February, winning runner-up for Most Innovative 
Exploitation Technique. Our exploit chains demonstrate why end-of-life hardware poses persistent security risks.</description></item><item><title>Don’t recurse on untrusted input</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/21/dont-recurse-on-untrusted-input/</link><pubDate>Fri, 21 Feb 2025 00:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/21/dont-recurse-on-untrusted-input/</guid><description>We developed a simple CodeQL query to find denial-of-service (DoS) vulnerabilities in several high-profile Java projects.</description></item><item><title>Killing Filecoin nodes</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/11/13/killing-filecoin-nodes/</link><pubDate>Wed, 13 Nov 2024 06:00:12 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/11/13/killing-filecoin-nodes/</guid><description>In January, we identified and reported a vulnerability in the Lotus and Venus clients of the Filecoin network that allowed an attacker to remotely crash a node and trigger a denial of service. This issue is caused by an incorrect validation of an index, resulting in an index out-of-range panic. The vulnerability […]</description></item><item><title>5 reasons to strive for better disclosure processes</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/04/15/5-reasons-to-strive-for-better-disclosure-processes/</link><pubDate>Mon, 15 Apr 2024 09:00:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/04/15/5-reasons-to-strive-for-better-disclosure-processes/</guid><description>This blog showcases five examples of real-world vulnerabilities that we’ve disclosed in the past year (but have not publicly disclosed before). We also share the frustrations we faced in disclosing them to illustrate the need for effective disclosure processes. 
Here are the five bugs: Undefined behavior in the borsh-rs Rust library Denial-of-service […]</description></item><item><title>Out of the kernel, into the tokens</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/03/08/out-of-the-kernel-into-the-tokens/</link><pubDate>Fri, 08 Mar 2024 09:00:48 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/03/08/out-of-the-kernel-into-the-tokens/</guid><description>We’re digging up the archives of vulnerabilities that Trail of Bits has reported over the years. This post shares the story of two such issues: a denial-of-service (DoS) vulnerability hidden in JSON Web Tokens (JWTs), and an oversight in the Linux kernel that could enable circumvention of critical kernel […]</description></item><item><title>Breaking the shared key in threshold signature schemes</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/02/20/breaking-the-shared-key-in-threshold-signature-schemes/</link><pubDate>Tue, 20 Feb 2024 09:30:37 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/02/20/breaking-the-shared-key-in-threshold-signature-schemes/</guid><description>Today we are disclosing a denial-of-service vulnerability that affects the Pedersen distributed key generation (DKG) phase of a number of threshold signature scheme implementations based on the Frost, DMZ21, GG20, and GG18 protocols. 
The vulnerability allows a single malicious participant to surreptitiously raise the threshold required to reconstruct the shared key, which […]</description></item><item><title>LeftoverLocals: Listening to LLM responses through leaked GPU local memory</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/01/16/leftoverlocals-listening-to-llm-responses-through-leaked-gpu-local-memory/</link><pubDate>Tue, 16 Jan 2024 12:00:39 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/01/16/leftoverlocals-listening-to-llm-responses-through-leaked-gpu-local-memory/</guid><description>We are disclosing LeftoverLocals: a vulnerability that allows recovery of data from GPU local memory created by another process on Apple, Qualcomm, AMD, and Imagination GPUs. LeftoverLocals impacts the security posture of GPU applications as a whole, with particular significance to LLMs and ML models run on impacted GPU […]</description></item><item><title>Billion times emptiness</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/12/29/billion-times-emptiness/</link><pubDate>Fri, 29 Dec 2023 09:00:51 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/12/29/billion-times-emptiness/</guid><description>Behind Ethereum’s powerful blockchain technology lies a lesser-known challenge that blockchain developers face: the intricacies of writing robust Ethereum ABI (Application Binary Interface) parsers. Ethereum’s ABI is critical to the blockchain’s infrastructure, enabling seamless interactions between smart contracts and external applications. 
The complexity of data types and the need for precise encoding […]</description></item><item><title>The issue with ATS in Apple’s macOS and iOS</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/10/30/the-issue-with-ats-in-apples-macos-and-ios/</link><pubDate>Mon, 30 Oct 2023 08:00:57 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/10/30/the-issue-with-ats-in-apples-macos-and-ios/</guid><description>Trail of Bits is publicly disclosing a vulnerability (CVE-2023-38596) that affects iOS, iPadOS, and tvOS before version 17, macOS before version 14, and watchOS before version 10. The flaw resides in Apple’s App Transport Security (ATS) protocol handling. We discovered that Apple’s ATS fails to require the encryption of connections to IP […]</description></item><item><title>Numbers turned weapons: DoS in Osmosis’ math library</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/10/23/numbers-turned-weapons-dos-in-osmosis-math-library/</link><pubDate>Mon, 23 Oct 2023 14:27:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/10/23/numbers-turned-weapons-dos-in-osmosis-math-library/</guid><description>Trail of Bits is publicly disclosing a vulnerability in the Osmosis chain that allows an attacker to craft a transaction that takes up a disproportionate amount of compute time on Osmosis nodes compared to the amount of gas it consumes. 
Using the vulnerability, an attacker can halt the Osmosis chain by spamming […]</description></item><item><title>Security flaws in an SSO plugin for Caddy</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/</link><pubDate>Mon, 18 Sep 2023 08:00:42 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/</guid><description>We identified 10 security vulnerabilities within the caddy-security plugin for the Caddy web server that could enable a variety of high-severity attacks in web applications, including client-side code execution, OAuth replay attacks, and unauthorized access to resources. During our evaluation, Caddy was deployed as a reverse proxy […]</description></item><item><title>The Engineer’s Guide to Blockchain Finality</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/08/23/the-engineers-guide-to-blockchain-finality/</link><pubDate>Wed, 23 Aug 2023 07:00:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/08/23/the-engineers-guide-to-blockchain-finality/</guid><description>Many security-critical off-chain applications use a simple block delay to determine finality: the point at which a transaction becomes immutable in a blockchain’s ledger (and is impossible to “undo” without extreme economic cost). 
But this is inadequate for most networks, and can become a single point of failure for the centralized exchanges, […]</description></item><item><title>Escaping well-configured VSCode extensions (for profit)</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/02/23/escaping-well-configured-vscode-extensions-for-profit/</link><pubDate>Thu, 23 Feb 2023 08:00:42 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/02/23/escaping-well-configured-vscode-extensions-for-profit/</guid><description>In part one of this two-part series, we escaped Webviews in real-world misconfigured VSCode extensions. But can we still escape extensions if they are well-configured? In this post, we’ll demonstrate how I bypassed a Webview’s localResourceRoots by exploiting small URL parsing differences between the browser—i.e., the Electron-created Chromium instance where VSCode and […]</description></item><item><title>Escaping misconfigured VSCode extensions</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/02/21/vscode-extension-escape-vulnerability/</link><pubDate>Tue, 21 Feb 2023 08:00:50 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/02/21/vscode-extension-escape-vulnerability/</guid><description>TL;DR: This two-part blog series will cover how I found and disclosed three vulnerabilities in VSCode extensions and one vulnerability in VSCode itself (a security mitigation bypass assigned CVE-2022-41042 and awarded a $7,500 bounty). 
We will identify the underlying cause of each vulnerability and create fully working exploits to demonstrate how an […]</description></item><item><title>Keeping the wolves out of wolfSSL</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/</link><pubDate>Thu, 12 Jan 2023 08:00:17 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/</guid><description>Trail of Bits is publicly disclosing four vulnerabilities that affect wolfSSL: CVE-2022-38152, CVE-2022-38153, CVE-2022-39173, and CVE-2022-42905. The four issues, which have CVSS scores ranging from medium to critical, can all result in a denial of service (DoS). These vulnerabilities have been discovered automatically using the novel protocol fuzzer tlspuffin. This blog post […]</description></item><item><title>Specialized Zero-Knowledge Proof failures</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/11/29/specialized-zero-knowledge-proof-failures/</link><pubDate>Tue, 29 Nov 2022 07:30:56 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/11/29/specialized-zero-knowledge-proof-failures/</guid><description>Zero-knowledge (ZK) proofs are useful cryptographic tools that have seen an explosion of interest in recent years, largely due to their applications to cryptocurrency. 
The fundamental idea of a ZK proof is that a person with a secret piece of information (a cryptographic key, for instance) can prove something about the secret […]</description></item><item><title>Stranger Strings: An exploitable flaw in SQLite</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/</link><pubDate>Tue, 25 Oct 2022 07:30:10 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/</guid><description>Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022). CVE-2022-35737 is exploitable on 64-bit systems, and exploitability depends on how the program is […]</description></item><item><title>Coordinated disclosure of vulnerabilities affecting Girault, Bulletproofs, and PlonK</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/04/13/part-1-coordinated-disclosure-of-vulnerabilities-affecting-girault-bulletproofs-and-plonk/</link><pubDate>Wed, 13 Apr 2022 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/04/13/part-1-coordinated-disclosure-of-vulnerabilities-affecting-girault-bulletproofs-and-plonk/</guid><description>Trail of Bits is publicly disclosing critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems, including PlonK and Bulletproofs. These vulnerabilities are caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statements. We’ve dubbed this class of vulnerabilities Frozen Heart. 
[…]</description></item><item><title>Disclosing Shamir’s Secret Sharing vulnerabilities and announcing ZKDocs</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/12/21/disclosing-shamirs-secret-sharing-vulnerabilities-and-announcing-zkdocs/</link><pubDate>Tue, 21 Dec 2021 07:00:04 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/12/21/disclosing-shamirs-secret-sharing-vulnerabilities-and-announcing-zkdocs/</guid><description>Trail of Bits is publicly disclosing two bugs that affect Shamir’s Secret Sharing implementation of Binance’s threshold signature scheme library (tss-lib) and most of its active forks. Here is the full list of affected repositories: Binance’s tss-lib Clover Network’s threshold-crypto Keep Network’s keep-ecdsa Swingby’s tss-lib THORchain’s tss-lib ZenGo X’s […]</description></item><item><title>Breaking Aave Upgradeability</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/</link><pubDate>Wed, 16 Dec 2020 11:01:55 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/</guid><description>On December 3rd, Aave deployed version 2 of their codebase. While we were not hired to look at the code, we briefly reviewed it the following day. We quickly discovered a vulnerability that affected versions 1 and 2 of the live contracts and reported the issue. 
Within an hour of sending our analysis to Aave, […]</description></item><item><title>Accidentally stepping on a DeFi lego</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/</link><pubDate>Wed, 05 Aug 2020 07:00:03 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/</guid><description>The initial release of yVault contained logic for computing the price of yUSDC that could be manipulated by an attacker to drain most (if not all) of the pool’s assets. Fortunately, Andre, the developer, reacted incredibly quickly and disabled the faulty code, securing the approximately 400,000 USD held at the time. However, this bug still […]</description></item><item><title>Bug Hunting with Crytic</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/05/15/bug-hunting-with-crytic/</link><pubDate>Fri, 15 May 2020 07:50:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/05/15/bug-hunting-with-crytic/</guid><description>Crytic, our GitHub app for discovering smart contract flaws, is kind of a big deal: It detects security issues without human intervention, providing continuous assurance while you work and securing your codebase before deployment. Crytic finds many bugs no other tools can detect, including some that are not widely known. Right now, Crytic has 90+ […]</description></item><item><title>"AMD Flaws" Technical Summary</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/</link><pubDate>Thu, 15 Mar 2018 13:58:03 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/</guid><description>Two weeks ago, we were engaged by CTS Labs as independent consultants at our standard consulting rates to review and confirm the technical accuracy of their preliminary findings. 
We participated neither in their research nor in their subsequent disclosure process. Our recommendation to CTS was to disclose the vulnerabilities through a CERT. Our review of […]</description></item></channel></rss>