#Open Source Security
2 posts
Unfixed Gogs flaw can turn pull requests into server-side RCE
Unfixed Gogs flaw can turn pull requests into server-side RCE A newly disclosed Gogs bug matters because it blurs the line between "authenticated" and "practica...
June 2, 2026
5 min read
Lucas Oliveira
Research
Critical protobuf.js flaw turns untrusted schemas into JavaScript code execution
Critical protobuf.js flaw turns untrusted schemas into JavaScript code execution A newly disclosed protobuf.js issue deserves attention well beyond the JavaScri...
April 19, 2026
5 min read
Lucas Oliveira
Research