Security Research
Responsible vulnerability disclosure and security research.
All vulnerabilities were responsibly disclosed to affected vendors. Organization names are anonymized.
25+
Vulnerabilities Reported
3
Critical Severity
1
CVE Assigned
24
HITCON ZeroDay
Disclosure Timeline
2025
4 disclosures
CVE-2025-13468 Medium
PHP Object Injection
Affected: Vendor Anonymized
HITCON ZeroDay
High
Unauthorized Access
Affected: Vendor Anonymized
HITCON ZeroDay
Low
Reflected XSS
Affected: Vendor Anonymized
HITCON ZeroDay
Medium
SQL Injection
Affected: Vendor Anonymized
2024
15 disclosures
HITCON ZeroDay
Low
Broken Access Control
Affected: Vendor Anonymized
HITCON ZeroDay
Medium
SQL Injection
Affected: Vendor Anonymized
HITCON ZeroDay
Low
Information Disclosure
Affected: Vendor Anonymized
HITCON ZeroDay
High
Broken Access Control
Affected: Vendor Anonymized
HITCON ZeroDay
Medium
Broken Access Control
Affected: Vendor Anonymized
HITCON ZeroDay
Critical
Remote Code Execution
Affected: Vendor Anonymized
HITCON ZeroDay
Low
Information Disclosure
Affected: Vendor Anonymized
HITCON ZeroDay
Medium
SQL Injection
Affected: Vendor Anonymized
HITCON ZeroDay
Low
Security Misconfiguration
Affected: Vendor Anonymized
HITCON ZeroDay
Low
Broken Access Control
Affected: Vendor Anonymized
HITCON ZeroDay
Critical
SQL Injection to RCE
Affected: Vendor Anonymized
HITCON ZeroDay
Critical
Remote Code Execution
Affected: Vendor Anonymized
HITCON ZeroDay
High
Security Misconfiguration
Affected: Vendor Anonymized
HITCON ZeroDay
Medium
Local File Inclusion
Affected: Vendor Anonymized
HITCON ZeroDay
Low
Information Disclosure
Affected: Vendor Anonymized
2023
4 disclosures
HITCON ZeroDay
Low
Information Disclosure
Affected: Vendor Anonymized
HITCON ZeroDay
High
SQL Injection
Affected: Vendor Anonymized
HITCON ZeroDay
High
Arbitrary File Upload
Affected: Vendor Anonymized
HITCON ZeroDay
Medium
Information Disclosure
Affected: Vendor Anonymized
2022
1 disclosures
HITCON ZeroDay
High
Arbitrary File Upload
Affected: Vendor Anonymized
2021
1 disclosures
HITCON ZeroDay
Low
Security Vulnerability
Affected: Vendor Anonymized
Responsible Disclosure
All vulnerabilities listed above were reported through official channels, including vendor security teams and Taiwan's HITCON ZeroDay vulnerability disclosure platform.
We follow responsible disclosure practices:
- Report vulnerabilities directly to affected vendors
- Allow reasonable time for patches before public disclosure
- Provide detailed technical reports with remediation guidance
- Respect vendor coordination timelines
Organization names are anonymized to protect vendors and their customers.
Need Security Assessment?
Let our experienced team identify vulnerabilities in your systems before attackers do.
Request Assessment