Posts tagged with #writeups

• 🔒 Manipulating LinkedIn's Search Algorithm and Poisoning SERP Results

  Mar 31, 2026 (in 4 weeks) 1000 rvfet

  

  security research writeups

  Affected Company:

  LinkedIn

  How I discovered a validation and logic flaw in LinkedIn's Search Algorithm that allowed me to manipulate search results and poison the search experience for users.

  Full Write-up

• 🔒 Zero-Click Phishing & Email DoS via Google's Identity Toolkit

  Mar 10, 2026 (next week) 1000 rvfet

  

  abuse-vrp dos phishing writeups

  Affected Company:

  Google

  How I discovered a logic flaw in Google's Identity Toolkit that allowed unauthenticated attackers to send unlimited official security notifications with content injection for high-fidelity phishing and DoS.

  Full Write-up

• P2/S2 Unauthenticated Redirect Loop Leading to DoS In Google Image Proxy

  Feb 25, 2026 (4 days ago) 1000 rvfet

  

  abuse-vrp dos ssrf writeups

  Affected Company:

  Google

  How I discovered a logic flaw in Google's internal proxy service that led to unauthenticated, attribution-free DDoS amplification and infrastructure resource exhaustion.

  Full Write-up

• CVSS 6.5 Persistent State Corruption in Linear.app

  Dec 10, 2025 (3 months ago) 1000 rvfet

  

  logic-bug graphql dos writeups

  Affected Company:

  Linear.app

  How I discovered a logic flaw in Linear.app's optimistic UI architecture that allowed authenticated users to permanently 'brick' other accounts via ID collision, resulting in a persistent Denial of Service (DoS) with no recovery path.

  Full Write-up

• CVSS 9.6 Account Takeover in Azerbaijan's Most Visited Platforms

  Dec 8, 2025 (3 months ago) 1000 rvfet

  

  security research writeups

  Affected Companies:

  tap.az ,

  turbo.az

  How I discovered a critical Open Redirect to Account Takeover (ATO) vulnerability in Azerbaijan's largest online marketplaces, tap.az and turbo.az

  Azərbaycanca Full Write-up