About Me
Hey, I'm Arun Krishnan (21), aka winters0x64 / w0x.
I do security research in my free time—which happens to be most of the time. I write about application security and occasionally the strange overlap between AI and security.
This site is a collection of write-ups, experiments, and things I probably broke while trying to understand how they work.
CVEs
CVE-2024-8143
Medium: Unauthorized Access to Chat History in chuanhuchatgpt
In gaizhenbiao/chuanhuchatgpt (version 20240628), the /file endpoint allows authenticated users to access other users' chat histories. By manipulating the endpoint, an authenticated user can enumerate and access files in other users' directories, leading to unauthorized access to private chat histories.
CVE-2024-8550
High: Local File Inclusion (LFI) in modelscope/agentscope
A Local File Inclusion vulnerability exists in the /load-workflow endpoint of modelscope/agentscope v0.0.4. This allows attackers to read arbitrary files from the server, including sensitive files such as API keys, by manipulating the filename parameter. The issue arises due to improper sanitization of user input passed to os.path.join.
CVE-2024-10649
Medium: Unauthenticated File Upload/Download in wandb/openui
wandb/openui contains unauthenticated endpoints that allow file uploads and downloads from an AWS S3 bucket. This can lead to denial of service, stored XSS, and information disclosure. The affected endpoints '/v1/share/{id:str}' allow any user to upload and overwrite files, which could cause the S3 bucket to run out of space, let an attacker inject malicious scripts, and expose sensitive information.
CVE-2025-5302
High: Denial of Service in run-llama/llama_index JSONReader
A denial of service vulnerability exists in the JSONReader component of run-llama/llama_index v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. Fixed in version 0.12.38.
Talks
ORM Leaks
ISRA Kochi: how insecure ORM usage can lead to data leaks, injection attacks, and performance issues
ORM Leaks
bi0s Meetup: how insecure ORM usage can lead to data leaks, injection attacks, and performance issues
Research
Ruby class pollution research - Rotate Chains
Blog: Exploring class pollution in Ruby and discovering a new method of exploiting it called Rotate Chains