aviral srivastava

@aviralxroot

Offensive AI Security & Exploit Development

Sunnyvale, USAJoined March 2026

About

I explore the offensive side of cybersecurity through exploit research, AI security, and vulnerability discovery. Here, I document real bugs, attack paths, and technical deep dives into how modern software and AI systems fail.

Available for

Nothing here yet.

aviral srivastava's blogs

Offensive AI Exploitationaviraxroot.hashnode.dev2 posts

Articles Threads Comments

Recently published

ASaviral srivastavaaviraxroot.hashnode.dev

0

CVE-2026-33017: How I Found an Unauthenticated RCE in Langflow by Reading the Code They Already Fixed

2h ago · 9 min read · In early 2025, CISA added CVE-2025-3248 to their Known Exploited Vulnerabilities catalog. It was an unauthenticated remote code execution bug in Langflow, the popular open-source AI workflow builder w

Join discussion

ASaviral srivastavaaviraxroot.hashnode.dev

0

I Found a SQL Injection in an AI Agent. It Taught Me That We Broke the First Rule of Database Security.

3d ago · 13 min read · I was two hours into auditing AnythingLLM when I stopped scrolling and stared at my screen for a good ten seconds. Not because the code was complex. Because it was the opposite. javascript getTableSch

Join discussion

aviral srivastava

About

Available for

aviral srivastava's blogs

Recently published

CVE-2026-33017: How I Found an Unauthenticated RCE in Langflow by Reading the Code They Already Fixed

I Found a SQL Injection in an AI Agent. It Taught Me That We Broke the First Rule of Database Security.

Search Hashnode

aviral srivastava

About

Available for

aviral srivastava's blogs

Recently published

CVE-2026-33017: How I Found an Unauthenticated RCE in Langflow by Reading the Code They Already Fixed

I Found a SQL Injection in an AI Agent. It Taught Me That We Broke the First Rule of Database Security.