0
bug-bounty
A Jenkins instance was found vulnerable to RCE due to improper access control, allowing unauthenticated users to gain admin access via GitHub OAuth and execute arbitrary Groovy scripts. The vulnerability was discovered during subdomain enumeration and responsibly disclosed to the organization's CTO.
rce
remote-code-execution
jenkins
misconfiguration
authentication-bypass
groovy-injection
privilege-escalation
bug-bounty
github-oauth
access-control
script-execution
Jenkins
GitHub
DoSomething.org
MuhammadKhizerJaved
nahamsec
Matt
HackerOne
Bugcrowd
0
8/10
research
Researchers automated Java deserialization gadget chain discovery using LLM-driven analysis combined with static call graph analysis, discovering novel chains against WildFly and other application servers. The methodology uses WALA-based call graph construction, dynamic bytecode analysis for type confusion, and Claude Code to iteratively explore and validate gadget chains through a REST API query interface.
java-deserialization
gadget-chain
vulnerability-discovery
llm-automation
static-analysis
code-execution
ysoserial
wildfly
weblogic
jboss
websphere
jenkins
opennms
call-graph-analysis
bytecode-analysis
serializable
type-confusion
research
ysoserial
GadgetInspector
Claude Code
IBM Watson Libraries for Analysis (WALA)
CFR
Java ASM
FastAPI
SQLite
WildFly
WebLogic
WebSphere
JBoss
Jenkins
OpenNMS
Foxglove Security