https://baslevering.com/tags/disclosure/ Recent content in Disclosure on Bas Levering Hugo en-us Fri, 29 May 2026 00:00:00 +0000 https://baslevering.com/posts/libvncclient-tight-oob-write/ Fri, 29 May 2026 00:00:00 +0000 https://baslevering.com/posts/libvncclient-tight-oob-write/ GHSA-v9pm-47h4-jcq8 — a malicious VNC server can crash or take over any client built on libvncclient, default build, no auth. My first CVE, and why the client trusting the server is the whole problem.