Share
## https://sploitus.com/exploit?id=4A164008-8F68-5463-89A3-1ACB231403FF
# ๐Ÿ›ก๏ธ CVE Disclosures ๐Ÿ›ก๏ธ

Welcome to my CVE disclosures repository. Here you'll find security vulnerabilities I have discovered in open source software through independent security research.

## CVEs I Have Discovered

| CVE | Product | Type | Severity |
| --- | --- | --- | --- |
| [CVE-2026-38566](./HireFlow/CVE-2026-38566/README.md) | HireFlow v1.2 | Cross-Site Request Forgery (CSRF) | High |
| [CVE-2026-38567](./HireFlow/CVE-2026-38567/README.md) | HireFlow v1.2 | SQL Injection | Critical |
| [CVE-2026-38568](./HireFlow/CVE-2026-38568/README.md) | HireFlow v1.2 | Incorrect Access Control (IDOR) | High |
| [CVE-2026-38569](./HireFlow/CVE-2026-38569/README.md) | HireFlow v1.2 | Stored Cross-Site Scripting (XSS) | High |

*This list will be updated as new vulnerabilities are discovered and disclosed.*

## About

Independent security researcher focused on finding and responsibly disclosing vulnerabilities in open source software.

All vulnerabilities listed here were reported to the vendor prior to public disclosure and patches were made available before publication.

## Responsible Disclosure

I follow a responsible disclosure process:
1. Discover vulnerability
2. Report to vendor privately
3. Allow time for patch development
4. Publish disclosure after patch is available