Ph.D. Researcher @ KENTECH · Post-Quantum Cryptography · AI agent Security

• Formal Verification of Cryptographic Implementation
• PQC Optimization
• Responsible Disclosure
• AI agent Security

CVE Discoveries

Cryptographic Libraries

• CVE-2026-42764 — OpenSSL NULL pointer dereference in QUIC server initial packet handling (invalid/expired token), reachable when address validation is disabled via SSL_LISTENER_FLAG_NO_VALIDATE (Moderate, CWE-476)
• CVE-2026-5264 — wolfSSL DTLS 1.3 ACK heap buffer overflow (High, CWE-122)
• CVE-2026-5295 — wolfSSL PKCS7 ORI OID stack buffer overflow (High, CWE-121)
• CVE-2026-5393 — wolfSSL dual-algorithm CertificateVerify out-of-bounds read (Medium, CWE-125, Experimental; test credit)
• CVE-2026-5448 — wolfSSL X.509 date buffer overflow in notAfter/notBefore compatibility API (Low, CWE-120)
• CVE-2026-5504 — wolfSSL PKCS7 CBC padding oracle via unvalidated interior padding bytes (Medium, CWE-354)
• CVE-2026-5507 — wolfSSL session cache arbitrary free via unvalidated deserialized pointer (Medium, CWE-761)
• CVE-2026-34610 — leancrypto X.509 CN length truncation enables certificate identity impersonation (CVSS 5.9, CWE-681)
• CVE-2026-5598 — Bouncy Castle BC-JAVA FrodoKEM non-constant time comparison enabling private key leakage (High, CWE-385)

AI / ML Frameworks

• CVE-2026-34981 — whisperX-FastAPI SSRF via unvalidated URL fetch with extension bypass (CVSS 5.8, CWE-918)
• CVE-2026-35483 — text-generation-webui path traversal in load_template() leaks .jinja/.yaml files (CVSS 5.3, CWE-22)
• CVE-2026-35484 — text-generation-webui path traversal in load_preset() leaks arbitrary .yaml files (CVSS 5.3, CWE-22)
• CVE-2026-35485 — text-generation-webui path traversal in load_grammar() leaks arbitrary files (CVSS 7.5, CWE-22)
• CVE-2026-35486 — text-generation-webui SSRF in superbooga RAG extensions enables cloud credential theft (CVSS 7.5, CWE-918)
• CVE-2026-35487 — text-generation-webui path traversal in load_prompt() leaks arbitrary .txt files (CVSS 5.3, CWE-22)
• CVE-2026-56823 — AutoGPT Platform IDOR in webhook ping endpoint allows cross-user webhook enumeration, OAuth provider type leakage, and unauthorized ping triggering due to missing ownership verification (CVSS 4.6, CWE-284/CWE-639)

Web Applications & Tooling

• CVE-2026-48819 — @hey-api/openapi-ts prototype chain substitution in buildClientParams template via crafted $query___proto__ slot key (Moderate, CWE-1321)
• CVE-2026-46556 — FlaskBB SSRF in get_image_info() via unrestricted avatar URL enabling cloud metadata access and internal port scanning (CVSS 6.5, CWE-918)

Bug Reports

• Microsoft SymCrypt #55 — ML-DSA UINT16 signing counter wrap causes nonce reuse; also reported upstream to pq-crystals/dilithium #110
• wolfSSL #10084 — LMS wc_LmsKey_Sign insufficient buffer size and missing callback validation
• wolfSSL #10087 — Negative ASN.1 integer overflow in CRL number field decoding
• wolfSSL #10088 — RSA exponent stack buffer overflow in wolfSSL_EVP_PKEY_print_public
• wolfSSL #10090 — DTLS fragment reassembly reads uninitialized heap contents
• wolfSSL #10103 — DTLS 1.3 word16 truncation on handshake send size
• wolfSSL #10131 — Missing hashLen sanity check in wc_dilithium_verify_ctx_hash
• Microsoft Z3 #9463 — sat.smt=true returns invalid models for BV comparator predicates; smt.elim_unconstrained abstracts comparators to fresh booleans and witness reconstruction satisfies each independently without joint consistency (soundness bug, regression since 4.13.0, confirmed by Z3's own model_validate)
• liboqs #2392 — MAYO mayo_sign_signature returns MAYO_OK after 256-attempt rejection sampling exhaustion, assembling signature from invalid solution buffer (all 12 MAYO variants; fix in liboqs 0.16.0, also upstream in PQCMayo/MAYO-C #10)

Patch Contributions

• OpenSSL #30611 — Uninitialized QUIC connection IDs (CWE-457)
• OpenSSL #30612 — Channel memory leak on initial secret failure (CWE-401), backported to 3.3–4.0

Test Vector Contributions

• C2SP/Wycheproof PR #255 — Added ML-DSA-87 verification vectors to C2SP/Wycheproof for a missing required modular reduction in the NTT verification path. The merged vectors distinguish conforming verifiers from affected implementations by triggering wrong acceptance of forgeries or wrong rejection of valid signatures.

Standards Contributions

• NIST FIPS 204 / ML-DSA κ counter — Reported κ counter width ambiguity to NIST pqc-comments on 2026-03-31; spec-compliant implementations independently reproduce nonce reuse due to unspecified integer width

• "When Removing Reductions Goes Wrong: Auditing Reduction Placement in Production ML-DSA Implementations", Cryptology ePrint Archive 2026/1032 [ePrint]
• "When API Keys Leak: Securing AI Services with Post-Quantum Proof-of-Possession", ICAIIC 2026 [IEEE Xplore]
• "A Maturity Model for Crypto-Agility in Substation Automation Systems", ICAIIC 2026 [IEEE Xplore]
• "Signed-Only Execution for Third-Party Pre-Trained Models in AI Platforms", IEEE BigData 2025 [IEEE Xplore]
• "Evaluating Post-Quantum Cryptography for Resource-Constrained AMI Gateways", IEEE CNS 2025 [IEEE Xplore]

• NATO CCDCOE Locked Shields — Technical Division (2022, 2023)