Abusing an Unauthenticated Local Server to Overwrite LLM Wiki

12h ago · 4 min read · Local HTTP servers in desktop apps are easy to overlook during a security review. They don't show up in bug bounty scopes, they're not publicly routable, and developers rarely treat them as a trust bo