NEWS > Research Blog

X41 discovered a vulnerability in Chilkat's ASN.1 decoder

X41 discovered multiple vulnerabilities in Antragsgrün

X41 releases the audit report of Eclipse Cyclone DDS

X41 explores using power side channels for fuzzing coverage guidance.

A proof of concept for how the vulnerability in Chilkat's PRNG impacted an app using it.

The Chilkat library generated secret key material using a pseudorandom number generator not designed for cryptographic purposes. Attackers observing a sufficient number of outputs can recover past and future outputs of it. This includes, for example, key material generated with it, allowing attackers to decrypt or alter data protected by the key material.

X41 announces the companys first product - A CVSS calculator that scales!

X41 releases the code audit report of BIND 9

X41 reviewed Rust-VMM

Yasar Klawohn and JM of X41 discovered multiple vulnerabilities in OPNsense

X41 releases the code review report of OpenSearch

X41 reviewed the fuzzers employed to exercise the code base of Envoy

X41 releases the audit report of libjpeg-turbo

X41 releases the audit report of Go TUF

X41 releases the audit report of in-toto

X41 releases the audit report of c-ares

X41 releases the audit report of libcap

X41 releases the audit report of simplejson

X41 releases the audit report of Git

X41 releases the audit report of The Update Framework.