Dark C0d3rs

Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2026-06-16
Full Version: HackerOne Disclosed Reports - 2026-06-16
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

hashXploiter

Yesterday, 12:30 PM
Logo
High
resolved

Unauthenticated file deletion via deleteFileMessage DDP method allows permanent destruction of any uploaded file


Bug reported by eldudarino was disclosed at June 16, 2026, 9:47 am   |   Improper Authentication - Generic


Logo
Low
resolved

Malicious Conflux Endpoint Can Leave Stale Global OOO Queue Accounting After Teardown


Bug reported by was disclosed at June 16, 2026, 7:16 am   |   Uncontrolled Resource Consumption

A vulnerability was discovered in Tor's Conflux OOO queue accounting. The vulnerability could cause the global OOO queue byte counter to remain inflated after a Conflux set was torn down, even though the memory had already been freed. This was due to a lack of accounting updates during the teardown process. No sensitive information was included in the report.


Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2026-06-16