# CVE Research

A collection of CVE disclosures and security patches by **Stalin S**.

- **Reported** — vulnerabilities discovered and reported by Stalin S.
- **Patched** — security issues where Stalin S coordinated and applied the fix.

---

## Reported

CVEs that were discovered and reported by Stalin S.

| CVE | Description | Severity |
|-----|-------------|----------|
| [CVE-2026-29905](reported/CVE-2026-29905.md) | Kirby CMS — Persistent DoS via Malformed Image Upload | Medium |
| [CVE-2026-41037](reported/CVE-2026-41037.md) | Quantum Networks Router — Missing Rate Limiting | High |
| [CVE-2026-41039](reported/CVE-2026-41039.md) | Quantum Networks Router — Information Disclosure | High |

---

## Patched

CVEs where Stalin S fixed the security issue.

| CVE | Description | Severity |
|-----|-------------|----------|
| [CVE-2026-32138](patches/CVE-2026-32138.md) | Nexulean Website — API Key Exposure | High |
| [CVE-2026-41575](patches/CVE-2026-41575.md) | IP Reputation Checker — DOM-Based XSS | Moderate |
| [CVE-2026-41900](patches/CVE-2026-41900.md) | OpenLearnX — RCE via Sandbox Escape | High |