We study how systems break. Our work focuses on vulnerability discovery, real-world attack techniques and understanding how modern systems fail under pressure.
Kernel OOB read in netfilter H.323 ASN.1 decoder
Klaudia Kloc, Dawid Moczadłodecode_int() called get_uint() without bounds-checking a length value read from a CONS-encoded H.323/RAS packet, causing a 1-4 byte slab-out-of-bounds read in the kernel.
Kernel OOB read in netfilter H.323 Q.931 decoder
Klaudia Kloc, Dawid MoczadłoDecodeQ931() decremented a wire-supplied 16-bit length without checking for zero, wrapping to -1. The kernel decoder then read far past the buffer - network-reachable, no auth required.
Proxy auth key reused across sandboxes
Klaudia Kloc, Dawid MoczadłoProxy auth keys were cached without scoping to the sandbox ID, opening a path to unauthorized access to other sandboxes.
We Reproduced Anthropic’s Mythos Findings With Public Models
Klaudia Kloc, Dawid Moczadło, Marek Lewandowski, Amadeusz Lisiecki, Jakub Sienkiewicz, Mikołaj PalkiewiczTL;DR Anthropic presents Mythos and Project Glasswing as evidence that advanced AI vulnerability research should be restricted. But our replication suggests a different conclusion: the capabilities Anthropic points to are already available in public models, so defenders should prepare for that reality instead.
Detecting Complex Vulnerabilities in Real-World Code: An LLM Benchmark
Klaudia Kloc, Dawid MoczadłoLarge Language Models (LLMs) are increasingly applied to software security tasks, yet their effectiveness in identifying complex vulnerabilities in real-world code remains poorly understood due to limitations in existing benchmark datasets. This research introduces a new benchmark specifically designed to evaluate LLMs in realistic security code reviews.
How we helped make Lovable more secure
Klaudia Kloc, Dawid MoczadłoThis is an incredible story of how we chained five low severity issues into a universal account takeover in Lovable. Part of the hack was done by exploiting vulnerabilities in Google (Firebase) and part - in Lovable. It resulted in finding a way to implant the code that could take over any Lovable user account that visits an infected link. After we reported it, Lovable fixed the problem in a matter of hours, and VIDOC helped them secure their product and development cycle.
SSRF to the internal network
Klaudia Kloc, Dawid MoczadłoA flawed private-IP check ignored the 172.16.0.0/12 range, so attacker-controlled DNS could make the scraper reach internal services.