Finding vulnerabilities in modern software,
disclosing them responsibly.

Discovering security vulnerabilities in modern web applications and open source software.

I aim to provide clear, actionable reports that help maintainers understand real‑world impact and ship safer software.

I follow industry‑standard responsible disclosure practices. When I discover a vulnerability, I contact the project maintainers or security team privately with:

• Clear reproduction steps and affected components
• A concise description of impact and realistic attack scenarios
• Remediation suggestions or relevant references where possible

I do not publicly share technical details, proof‑of‑concept exploits, or attack paths until a fix is available and users have had a reasonable opportunity to patch.