Alardiians/README.md

Hi, I'm Alardiians

Security researcher. I find and report vulnerabilities in open source software, mostly authentication and authorization bugs in Go web backends. I also do bug bounty work.

Published CVEs

| CVE | Project | Class | Lab + writeup |
|---|---|---|---|
| CVE-2026-44166 | PocketBase | OAuth2 account pre-hijacking | pocketbase-CVE-2026-44166 |
| CVE-2026-28699 | Gitea | OAuth2 scope bypass via HTTP Basic auth | gitea-CVE-2026-28699 |

Each repo has a writeup and a lab you can run. The lab pins the exact vulnerable and patched versions, scripts the attack, and prints a clear pass or fail so the difference between the two builds is obvious.

What I look at

  • OAuth2 and OIDC flows, and the spots where two parts of a system disagree about identity or scope
  • Authentication and authorization logic in general
  • Source review of Go backends
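As an added illustration of that first bullet (this is constructed example code, not code from either repo, and it does not describe how CVE-2026-28699 or CVE-2026-44166 actually work), here is a hypothetical Go authorizer in which a Bearer path and an HTTP Basic path disagree about scope. The token store, the token name `tok-readonly`, the scopes `read:repo`/`write:repo`, and the endpoint path are all assumptions made up for the example. The vulnerable form checks scope only on the Bearer path; the fixed form resolves identity on either path and then applies the scope check once.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Hypothetical API token: a user plus the scopes the token was issued with.
// Constructed illustration of the bug class, not Gitea or PocketBase code.
type token struct {
	user   string
	scopes []string
}

// Constructed token store: one read-only token belonging to user "alice".
var tokens = map[string]token{
	"tok-readonly": {user: "alice", scopes: []string{"read:repo"}},
}

func hasScope(t token, want string) bool {
	for _, s := range t.scopes {
		if s == want {
			return true
		}
	}
	return false
}

// vulnerableAuthorize resolves identity on two separate paths. The Bearer path
// checks the token's scope; the Basic path (token sent as the password) proves
// who the caller is and then returns without ever consulting the scope.
func vulnerableAuthorize(r *http.Request, requiredScope string) (string, bool) {
	h := r.Header.Get("Authorization")
	switch {
	case strings.HasPrefix(h, "Bearer "):
		t, ok := tokens[strings.TrimPrefix(h, "Bearer ")]
		if !ok || !hasScope(t, requiredScope) {
			return "", false
		}
		return t.user, true
	case strings.HasPrefix(h, "Basic "):
		user, pass, ok := r.BasicAuth()
		t, found := tokens[pass]
		if !ok || !found || t.user != user {
			return "", false
		}
		return t.user, true // identity settled, scope forgotten
	}
	return "", false
}

// fixedAuthorize makes both paths resolve to the same token value and applies
// the scope check exactly once, after identity is settled, so the paths
// cannot disagree.
func fixedAuthorize(r *http.Request, requiredScope string) (string, bool) {
	var t token
	var found bool
	h := r.Header.Get("Authorization")
	switch {
	case strings.HasPrefix(h, "Bearer "):
		t, found = tokens[strings.TrimPrefix(h, "Bearer ")]
	case strings.HasPrefix(h, "Basic "):
		user, pass, ok := r.BasicAuth()
		t, found = tokens[pass]
		found = found && ok && t.user == user
	}
	if !found || !hasScope(t, requiredScope) {
		return "", false
	}
	return t.user, true
}

// Builds the two request shapes against a hypothetical write endpoint.
func bearerRequest(tok string) *http.Request {
	r := httptest.NewRequest(http.MethodDelete, "/api/repos/alice/demo", nil)
	r.Header.Set("Authorization", "Bearer "+tok)
	return r
}

func basicRequest(user, pass string) *http.Request {
	r := httptest.NewRequest(http.MethodDelete, "/api/repos/alice/demo", nil)
	r.SetBasicAuth(user, pass)
	return r
}

func main() {
	// The same read-only token, presented two ways, against an action needing write:repo.
	_, viaBearer := vulnerableAuthorize(bearerRequest("tok-readonly"), "write:repo")
	_, viaBasic := vulnerableAuthorize(basicRequest("alice", "tok-readonly"), "write:repo")
	_, viaBasicFixed := fixedAuthorize(basicRequest("alice", "tok-readonly"), "write:repo")
	fmt.Println("vulnerable, Bearer:", viaBearer)     // false
	fmt.Println("vulnerable, Basic: ", viaBasic)      // true: scope bypassed
	fmt.Println("fixed, Basic:      ", viaBasicFixed) // false
}
```

The point a reviewer looks for is a single place where a request becomes a principal with scopes; once two code paths each produce a principal on their own, any check added to one of them silently does not apply to the other.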

Start with the writeup in either repo and run the PoC from there.

Pinned repositories

  • gitea-CVE-2026-28699 (Python): Lab + writeup for CVE-2026-28699: Gitea OAuth2 scope enforcement bypass via HTTP Basic auth
  • pocketbase-CVE-2026-44166 (Python): Lab + writeup for CVE-2026-44166: PocketBase OAuth2 account pre-hijacking via unvalidated createData.email