Skip to content
View kuranikaran's full-sized avatar
🌴
On vacation
🌴
On vacation

Block or report kuranikaran

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
kuranikaran/README.md

Karan Kurani

Security Researcher · Offensive Security · Vulnerability Disclosure

Portfolio LinkedIn

Typing SVG

CVEs Published          7x CVE's ( CVE-2026-28970, CVE-2026-28898, CVE-2026-44304, CVE-2026-44305, CVE-2026-35627, CVE-2026-32230 & more )
Organizations           14 (Apple · Meta · NASA · OpenAI · JPMC · Infosys …)
Certs                   CRTA · ISC² CC · NCPT · OCI Architect
TryHackMe               Top 1% | Seven Time League Winner #1
NCL                     Top 7% National · #1 at Pace
PortSwigger             100+ Labs

CVEs & Credited Findings

🔴 Critical · 🟠 High · 🟡 Medium · 🟢 Low · 🤝 Credited · 🏆 Hall of Fame

Target Severity Finding ID
React / Next.js Critical RCE via exposed RSC endpoints on The Economic Times Admin Portal CVE-2025-55182
Netflix/Lemur High LDAP filter injection → post-auth privilege escalation to admin CVE-2026-44304
Netflix/Lemur Medium LDAP TLS verification globally disabled → credential interception (MITM) CVE-2026-44305
Apple/swift-nio Medium CRLF injection in outbound request URI / method / reason-phrase → smuggling & response splitting CVE-2026-28970
Uptime Kuma Medium Missing authorization on monitor pings CVE-2026-32230
Apple/swift-nio-http2 Low HTTP/2 → HTTP/1 request smuggling via unvalidated :path pseudo-header CVE-2026-28898
Openclaw High Nostr inbound DMs trigger crypto/dispatch work before sender-policy enforcement CVE-2026-35627
Microsoft/UFO Medium Unowned-session squatting via COMMAND_RESULTS → persistent authenticated DoS GHSA
Pretix Medium Log injection via request_id_header PR #5920
Pretix OIDC Medium PKCE values logged to stdout Responsible Disclosure
Metabase Medium Sharing bypass exposing datasets GHSA
Ghidra/NSA Low Zip Slip path traversal (CWE-22) in Javadoc extraction; fix merged 9ce5c59, shipped 12.1.3 Issue #9272
Google/fscrypt Low Symlink-following in recovery-file write → root fchown of attacker target under sudo PR #448
Directus Credited Enumeration oracle via RBAC filter bypass GHSA
JPMorgan Chase Hall of Fame Internal hostnames in prod JS Synack RD #690

Additional disclosures to NASA · OpenAI · Microsoft · Mercedes-Benz · Infosys (CERT-In acknowledged)


Tech

Python Bash C C++ JS PowerShell SQL

Burp Metasploit Nmap Wireshark Ghidra IDA Semgrep ASan

Kali Docker AWS Wazuh Splunk MITRE ATT&CK


Now

🔬 Fuzzing Fang engine's for memory corruption bugs
🔍 Source code auditing high-star open-source projects
⚡  Manual + Multi-LLM workflow 
🏆 OSCP | BSCP Prep 
🏴󠁡󠁦󠁷󠁡󠁲󠁿 Hands'on Offsec | THM | HTB | Portswigger

CRTA ISC² CC NCPT OCI


Pinned Loading

  1. CVSSv3 CVSSv3 Public

    Jupyter Notebook

  2. Leetcode Leetcode Public

    Python

  3. JWT-Attacks JWT-Attacks Public

  4. Offensive-Security-Wireless-Pentester Offensive-Security-Wireless-Pentester Public

    Wireless Security