ASaviral srivastavainaviraxroot.hashnode.dev·Mar 29 · 10 min readI Found 5 Security Vulnerabilities in XGBoost. Here's What Happened.XGBoost is one of the most important libraries in machine learning. 26,000+ GitHub stars. Used by banks for fraud detection, insurance companies for risk modeling, tech companies for ranking systems, 00
ASaviral srivastavainaviraxroot.hashnode.dev·Mar 19 · 9 min readCVE-2026-33017: How I Found an Unauthenticated RCE in Langflow by Reading the Code They Already FixedIn early 2025, CISA added CVE-2025-3248 to their Known Exploited Vulnerabilities catalog. It was an unauthenticated remote code execution bug in Langflow, the popular open-source AI workflow builder w00
ASaviral srivastavainaviraxroot.hashnode.dev·Mar 16 · 13 min readI Found a SQL Injection in an AI Agent. It Taught Me That We Broke the First Rule of Database Security.I was two hours into auditing AnythingLLM when I stopped scrolling and stared at my screen for a good ten seconds. Not because the code was complex. Because it was the opposite. javascript getTableSch00