# CVE Research

A collection of CVE disclosures and security patches by **Stalin S**.

- **Reported** — vulnerabilities discovered and reported by Stalin S.
- **Patched** — security issues where Stalin S coordinated and applied the fix.

---

## Reported

CVEs that were discovered and reported by Stalin S.

| CVE | Description | Severity |
|-----|-------------|----------|
| [CVE-2026-29905](reported/CVE-2026-29905.md) | Kirby CMS Persistent DoS via Malformed Image Upload | Medium |
| [CVE-2026-41037](reported/CVE-2026-41037.md) | Missing Rate Limiting (Quantum Networks Router) | High (8.7) |
| [CVE-2026-41039](reported/CVE-2026-41039.md) | Information Disclosure (Quantum Networks Router) | High (8.7) |
| [CVE-2026-99888](reported/CVE-2026-99888.md) | Information Disclosure (Quantum Networks Router) | High (8.7) |

---

## Patched

CVEs where Stalin S fixed the security issue.

| CVE | Description | Severity |
|-----|-------------|----------|
| [CVE-2026-32138](patches/CVE-2026-32138.md) | API Key Exposure (Nexulean Website) | High |
| [CVE-2026-41575](patches/CVE-2026-41575.md) | DOM-Based XSS (IP Reputation Checker) | Moderate |
| [CVE-2026-41900](patches/CVE-2026-41900.md) | RCE via Sandbox Escape (OpenLearnX) | High |