Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
lodash prototype pollution via zipObjectDeep (CVE-2020-8203)
CVE-2020-8203 lets attackers pollute Object.prototype via lodash's zipObjectDeep. Learn affected versions, CVSS/EPSS context, and remediation steps.
lodash defaultsDeep prototype pollution (CVE-2019-10744)
A critical prototype pollution flaw in lodash's defaultsDeep (CVE-2019-10744) lets attackers corrupt Object.prototype. Here's the impact and how to fix it.
lodash template code injection (CVE-2021-23337)
CVE-2021-23337 lets attackers inject code via lodash's template function. Here's the impact, affected versions, CVSS/EPSS context, and how to remediate it.
Alibaba fastjson deserialization RCE (CVE-2022-25845)
A critical AutoType-bypass RCE in Alibaba fastjson (CVSS 9.8, EPSS ~99th pct) hits any app parsing untrusted JSON. Here's how to detect and fix it.
Struts2 REST plugin XStream deserialization RCE (CVE-2017-9805)
CVE-2017-9805 lets attackers RCE Struts2 REST APIs via unsafe XStream XML deserialization. Learn impact, affected versions, and remediation steps.
Apache Commons Collections deserialization gadget RCE (CVE-2015-7501)
A decade-old Apache Commons Collections deserialization gadget chain still enables unauthenticated RCE across legacy Java middleware. Here's how to find and fix it.
GitLab ExifTool RCE (CVE-2021-22205)
CVE-2021-22205 let attackers RCE self-managed GitLab via a malicious ExifTool-parsed upload — no auth required. Here's the timeline and fix.
OpenSSL BN_mod_sqrt infinite loop DoS (CVE-2022-0778)
CVE-2022-0778 lets attackers hang OpenSSL with a single malformed certificate. Here's the impact, affected versions, and how to remediate fast.
Dirty COW Linux kernel privilege escalation (CVE-2016-5195)
Dirty COW (CVE-2016-5195) let local attackers hijack a kernel race condition for root. Nine years old, still found in fleets — here's how to find and fix it.
Dirty Pipe Linux kernel arbitrary write (CVE-2022-0847)
Dirty Pipe (CVE-2022-0847) lets local attackers overwrite read-only files via a pipe buffer flaw, enabling fast, reliable root escalation on Linux and Android.
Log4Shell Five Years Later: What CVE-2021-44228 Taught Us About Transitive Risk
Five years after Log4Shell, the technical details still matter, but the lasting lessons are about transitive dependencies, SBOM accuracy, and the long tail of unpatched internal tooling.
Kubernetes API server privilege escalation via aggregated API (CVE-2018-1002105)
A critical flaw in Kubernetes' aggregated API let unauthenticated users gain full admin privileges. Here's how it worked and how to fix it.