EXODUS BLOG

General Research

Adobe Acrobat Reader Escript.api Use-After-Free Remote Code Execution

JUNE 1, 2026

By Michele Campa Overview In this blog post we take a look at a use-after-free vulnerability found in Adobe Acrobat Reader’s Escript.api module in February 2025. This issue was patched on April 2026 and...

Microsoft Windows Cloud Files Minifilter TOCTOU Privilege Escalation

OCTOBER 20, 2025

By Michele Campa Overview In this blog post we take a look at a race condition we found in Microsoft Windows Cloud Minifilter (i.e. cldflt.sys) in March 2024. This vulnerability was patched in October...

Oops Safari, I think You Spilled Something!

AUGUST 4, 2025

Overview In February 2023, researchers at Exodus Intelligence discovered a bug in the Data Flow Graph (DFG) compiler of WebKit, the browser engine used by Safari. This bug, CVE-2024-44308, was patched by Apple in...

Windows Sockets: From Registered I/O to SYSTEM Privileges

DECEMBER 2, 2024

By Luca Ginex Overview This post discusses CVE-2024-38193, a use-after-free vulnerability in the afd.sys Windows driver. Specifically, the vulnerability is in the Registered I/O extension for Windows sockets. The vulnerability was patched in the...

Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu

MARCH 27, 2024

By Oriol Castejón Overview This post discusses a use-after-free vulnerability, CVE-2024-0582, in io_uring in the Linux kernel. Despite the vulnerability being patched in the stable kernel in December 2023, it wasn’t ported to Ubuntu kernels for over...

Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution

JANUARY 19, 2024

By Javier Jimenez and Vignesh Rao Overview In this blog post we take a look at a vulnerability that we found in Google Chrome’s V8 JavaScript engine a few months ago. This vulnerability was patched...

Safari, Hold Still for NaN Minutes!

DECEMBER 11, 2023

By Vignesh Rao and Javier Jimenez Introduction In October 2023 Vignesh and Javier presented the discovery of a few bugs affecting JavaScriptCore, the JavaScript engine of Safari. The presentation revolved around the idea that browser research is...

Shifting boundaries: Exploiting an Integer Overflow in Apple Safari

JULY 20, 2023

By Vignesh Rao Overview In this blog post, we describe a method to exploit an integer overflow in Apple WebKit due to a vulnerability resulting from incorrect range computations when optimizing Javascript code. This...

Google Chrome V8 ArrayShift Race Condition Remote Code Execution

MAY 16, 2023

By Javier Jimenez Overview This post describes a method of exploiting a race condition in the V8 JavaScript engine, version 9.1.269.33. The vulnerability affects the following versions of Chrome and Edge: Google Chrome versions between...

Escaping Adobe Sandbox: Exploiting an Integer Overflow in Microsoft Windows Crypto Provider

APRIL 6, 2023

By Michele Campa Overview We describe a method to exploit a Windows Nday vulnerability to escape the Adobe sandbox. This vulnerability is assigned CVE-2021-31199 and it is present in multiple Windows 10 versions. The...

1 2 Next →