Building Products for Vulnerability Research.

Our products empower professionals to speed up software vulnerability research and uncover bugs more effectively.

Our Advisories

Real-world results from our research products.

CVE-2024-44192

Apple Safari

WebCore - Type Confusion

CVE-2024-44192

Apple Safari

WebCore - Type Confusion

CVE-2024-54534

Apple WebKit

WebCore - Use After Free

CVE-2024-54534

Apple WebKit

WebCore - Use After Free

CVE-2024-7025

Google Chrome

Blink Layout – Integer Overflow

CVE-2024-7025

Google Chrome

Blink Layout – Integer Overflow

CVE-2024-9121

Google Chrome

V8 – Inappropriate implementation

CVE-2024-9121

Google Chrome

V8 – Inappropriate implementation

  • CVE-2024-44192

    Apple Safari

    WebCore - Type Confusion

    CVE-2024-44192

    Apple Safari

    WebCore - Type Confusion

  • CVE-2024-54534

    Apple WebKit

    WebCore - Use After Free

    CVE-2024-54534

    Apple WebKit

    WebCore - Use After Free

  • CVE-2024-7025

    Google Chrome

    Blink Layout – Integer Overflow

    CVE-2024-7025

    Google Chrome

    Blink Layout – Integer Overflow

  • CVE-2024-9121

    Google Chrome

    V8 – Inappropriate implementation

    CVE-2024-9121

    Google Chrome

    V8 – Inappropriate implementation

  • CVE-2024-7967

    Google Chrome

    Blink Fonts – Heap buffer overflow

    CVE-2024-7967

    Google Chrome

    Blink Fonts – Heap buffer overflow

From The Blog

  • CVE-2026-6307 (Part 2): Turbofan JS-to-Wasm Deopt Type Confusion

    Authored by stratan In Part 1, we went over the background details that are needed to follow along, as well as the trigger specifics of the bug. In Part 2, we'll go through the relevant code paths, analyze[...]

  • CVE-2026-6307 (Part 1): Turbofan JS-to-Wasm Deopt Type Confusion

    Authored by stratan Summary CVE-2026-6307 is a V8 compiler bug in the metadata used to recover from optimized JS-to-Wasm calls. The upstream regression describes the bug as a missing signature comparison in FrameStateFunctionInfo::operator==. A type confusion in[...]

    Fuzzing Series II: Precise Code Coverage

    Code Coverage is a technique used to obtain information about which internal code of a binary is being executed when it is running. In Fuzz Testing, we can receive this feedback from the Target on each execution, allowing us[...]

Hello! We build advanced products for vulnerability research.

Our tools are designed to help uncover unique and impactful software flaws.