Skip to content
View AL-Cybision's full-sized avatar
30 followers · 25 following
  • Gray

Highlights

Block or report AL-Cybision

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
AL-Cybision/README.md

πŸ‘¨πŸ»β€πŸ’Ό Muhammad Noman Ilyas (AL-Cybision)

πŸ›‘οΈ Application Security & Vulnerability Researcher

GitHub Followers LinkedIn


OSWE Badge

πŸ” SECURE CODE REVIEW Β Β  πŸ›‘οΈ VULNERABILITY RESEARCH Β Β  πŸ€– AI/ML MODEL FILE VULNS

Highlights

πŸͺ² Vulnerabilities Discovered

CVE ID CVSS Project Summary References
CVE-2026-6691 πŸ”΄ 8.6 High πŸƒ MongoDB C Driver Cyrus SASL username canonicalization heap buffer overflow via unsafe string copy leads to RCE & DoS CDRIVER-6134
CVE-2025-11157 πŸ”΄ 7.8 High 🍽️ Feast Unsafe PyYAML deserialization in Kubernetes materializer enables arbitrary code execution Fix PR #5643 / Huntr
CVE-2025-59420 πŸ”΄ 7.5 High πŸ” Authlib JWT/JWS accepts unknown crit headers β†’ possible authz bypass GHSA-9ggr-2464-2j32
CVE-2025-61920 πŸ”΄ 7.5 High πŸ” Authlib DoS via oversized JOSE segments GHSA-pq5p-34cr-23v9
CVE-2025-62706 🟑 6.5 Medium πŸ” Authlib zip=DEF decompression bomb enables DoS GHSA-g7f3-828f-7h7m

πŸ”’ Private Validated Findings

Status Area Public-safe summary
Private / Validated joblib model-file security Load-time model artifact deserialization issue leading to code-execution risk and scanner-evasion behavior. Technical details withheld until disclosure.
Private / Validated Keras .keras model-file security Safe-mode model-loading bypass class involving model configuration/data-loading behavior, aligned with later public Keras CVE-2025-12058 research. Technical details withheld until disclosure.

🀝 Contributions

Project Description Version Link
Go-Jose Fixed bug: b64 header ignored in unprotected header (now rejected). v4.1.3 PR #210
Authlib Collaborated on patch for critical header validation bypass. v1.6.4 PR #823

Pinned Loading

  1. authlib/authlib authlib/authlib Public

    The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS, JWE, JWK, JWA, JWT included.

    Python 5.3k 535

  2. go-jose go-jose Public

    Forked from go-jose/go-jose

    An implementation of JOSE standards (JWE, JWS, JWT) in Go

    Go

  3. huggingface/huggingface_hub huggingface/huggingface_hub Public

    The official Python client for the Hugging Face Hub.

    Python 3.6k 1k