Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
IEEE

Precise String Domain for Analyzing JavaScript Arrays and Objects

Abstract: JavaScript is a scripting language that is used for creating web pages. It is widely used and a top contender in realworld usage. JavaScript has many dynamic features that makes it ...
GitHub

zeakd/react-naver-maps

Naver Maps JavaScript API v3의 Non-Official React 컴포넌트 라이브러리입니다. 네이버맵의 기본 기능을 최대한 유지하면서, React에서 다루기 쉬운 인터페이스를 제공합니다. React 19 전용, 런타임 의존성 ...
GitHub

0071-Catch-stalling-on-corrupted-map-data-NBT-arrays.patch

diff --git a/src/main/java/net/minecraft/server/NBTTagByteArray.java b/src/main/java/net/minecraft/server/NBTTagByteArray.java index c6b5f70..13e9d0b 100644 --- a/src ...