We reproduced Anthropic's Mythos findings with public models. See the results >>
Security Research

We study how systems break. Our work focuses on vulnerability discovery, real-world attack techniques and understanding how modern systems fail under pressure.

Kernel OOB read in netfilter H.323 ASN.1 decoder

Klaudia Kloc, Dawid Moczadło

decode_int() called get_uint() without bounds-checking a length value read from a CONS-encoded H.323/RAS packet, causing a 1-4 byte slab-out-of-bounds read in the kernel.

Read more

Kernel OOB read in netfilter H.323 Q.931 decoder

Klaudia Kloc, Dawid Moczadło

DecodeQ931() decremented a wire-supplied 16-bit length without checking for zero, wrapping to -1. The kernel decoder then read far past the buffer - network-reachable, no auth required.

Read more

Proxy auth key reused across sandboxes

Klaudia Kloc, Dawid Moczadło

Proxy auth keys were cached without scoping to the sandbox ID, opening a path to unauthorized access to other sandboxes.

Read more

We Reproduced Anthropic’s Mythos Findings With Public Models

Klaudia Kloc, Dawid Moczadło, Marek Lewandowski, Amadeusz Lisiecki, Jakub Sienkiewicz, Mikołaj Palkiewicz

TL;DR Anthropic presents Mythos and Project Glasswing as evidence that advanced AI vulnerability research should be restricted. But our replication suggests a different conclusion: the capabilities Anthropic points to are already available in public models, so defenders should prepare for that reality instead.

Read more

Detecting Complex Vulnerabilities in Real-World Code: An LLM Benchmark

Klaudia Kloc, Dawid Moczadło

Large Language Models (LLMs) are increasingly applied to software security tasks, yet their effectiveness in identifying complex vulnerabilities in real-world code remains poorly understood due to limitations in existing benchmark datasets. This research introduces a new benchmark specifically designed to evaluate LLMs in realistic security code reviews.

Read more

How we helped make Lovable more secure

Klaudia Kloc, Dawid Moczadło

This is an incredible story of how we chained five low severity issues into a universal account takeover in Lovable. Part of the hack was done by exploiting vulnerabilities in Google (Firebase) and part - in Lovable. It resulted in finding a way to implant the code that could take over any Lovable user account that visits an infected link. After we reported it, Lovable fixed the problem in a matter of hours, and VIDOC helped them secure their product and development cycle.

Read more

SSRF to the internal network

Klaudia Kloc, Dawid Moczadło

A flawed private-IP check ignored the 172.16.0.0/12 range, so attacker-controlled DNS could make the scraper reach internal services.

Read more