./security_research

Every advisory here was found and confirmed by Vorthix's autonomous agent — without human guidance. Full technical analysis, sanitizer output, and coordinated disclosure included.

MEDIUM

CVE-2026-56412

Incomplete fix bypass in libexpat — CDATA handler depth guard missing in doCdataSection()

A patched CVE was not a closed case. Vorthix read PR #1246 as a claim, mapped every call site of the character-data handler, and found the path where the fix’s assumption silently breaks.

libexpat · CWE-416 · heap-use-after-free · incomplete-fix
-rw-r--r-- · Jun 20, 2026 cat 8 min

HIGH

GHSA-8f95-v3jq-cj86

Heap buffer overflow in pymonocypher argon2i_32()

An out-of-bounds write driven by an unchecked block-index calculation. AddressSanitizer confirmed the write; a patch was live on PyPI 15 hours after disclosure.

pymonocypher · CWE-122 · heap-overflow
-rw-r--r-- · Jun 2, 2025 cat 5 min

INCOMING

CVE ASSIGNED — PENDING DISCLOSURE

FreeRDP — CVE assigned, coordinated disclosure in progress

A vulnerability in FreeRDP has been assigned a CVE. Coordinated disclosure with maintainers is underway. Full technical writeup publishes when the patch ships.

freerdp · pending
-rw-r--r-- · July 2026 · REDACTED

INCOMING

CVE ASSIGNED — PENDING DISCLOSURE

Critical open-source target — coordinated disclosure in progress

A separate finding against critical open-source infrastructure has been assigned a CVE. Target undisclosed pending coordinated release.

undisclosed · pending
-rw-r--r-- · July 2026 · REDACTED
