TNTùng Nguyễn Thanhinblogs.night-wolf.io·May 29 · 4 min readAbusing an Unauthenticated Local Server to Overwrite LLM WikiLocal HTTP servers in desktop apps are easy to overlook during a security review. They don't show up in bug bounty scopes, they're not publicly routable, and developers rarely treat them as a trust bo00