This repository hosts public security advisories authored by Suman Roy. These documents serve as the official references for assigned Common Vulnerabilities and Exposures (CVE) identifiers and document the technical details of discovered vulnerabilities.
The contents of this repository are limited to:
- ✅ Public advisories for assigned CVE IDs.
- ✅ Technical descriptions of vulnerability types and impact.
- ✅ Version information for affected software.
- ✅ Remediation or mitigation steps.
This repository may contain:
- ⚠️ Exploit code, payloads, or active Proof of Concept (PoC) scripts.
- ⚠️ Vulnerability details for issues.
| CVE ID | Status | Affected Software | Vulnerability Type | NVD Link | PoC/Advisory |
|---|---|---|---|---|---|
| CVE-2025-70559 | 🟢 Live | pdfminer.six (All versions) | Insecure Pickle Deserialization | NVD | Details, GHSA |
| CVE-2025-70560 | 🟢 Live | boltz (All versions) | Insecure Pickle Deserialization | NVD | Details, Issue |
Legend: 🟢 Live | ⚠️ Pending | 🔴 Disputed
All disclosures are made in accordance with responsible disclosure practices. Technical details are published only after:
- The vulnerability has been reported to the vendor or maintainer.
- A coordinated release date has been reached, or a reasonable remediation period has elapsed.
- A patch or mitigation is available for users.
Advisories are maintained as individual Markdown files in the root directory, organized by their respective year and named by their corresponding CVE ID (e.g., CVE-YYYY-NNNNN.md).
Security research and advisories are authored by Suman Roy.
- Email: secureme@sumanroy.in
- Website: sumanroy.in
- LinkedIn: linkedin.com/in/sumanrox