Posts

What We Found Scanning the Internet in 2026

One of our scans recently picked up an open vector database. Inside: over a hundred pages of internal documents related to uranium mining operations. …

Using their own weapons for defense - A SharePoint story

Exploring our adventure while building detection for SharePoint exploitation and vulnerability.

Vinchin Backup & Recovery: CVE-2024-22899 to CVE-2024-22903

Table of Contents:

• Default SSH Root Credentials (CVE-2024-22902)
• Hardcoded Database Credentials and Configuration Flaw (CVE-2024-22901) …

CVE-2023-20273: IOS XE root priv escalation

On the 28th of October the exploit for CVE-2023-20198 was released by SECUINFRA after being captured on one of their honeypots.

While it enables full …

CVE-2023-45498: RCE in VinChin Backup

Update 2023-11-03: The issue has been fixed in version 7.2.

Vulnerability research

At LeakIX we analyse new vulnerabilities discovered by other …