Browse all 8 CVE security advisories affecting sergejey. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sergejey primarily develops security research tools and vulnerability analysis software, focusing on identifying and mitigating web application flaws. Historically, their work has frequently exposed remote code execution, cross-site scripting, and privilege escalation vulnerabilities across multiple platforms. Notable characteristics include a preference for thorough documentation of findings and a track record of responsibly disclosing critical issues. While no major public security incidents directly linked to their tools have been widely reported, their CVE contributions consistently highlight systemic weaknesses in common web frameworks and content management systems. Their research often emphasizes practical exploitation techniques alongside remediation strategies.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27181 | MajorDoMo Unauthenticated Module Uninstall via Market Endpoint — MajorDoMoCWE-862 | 7.5 | High | 2026-02-18 |
| CVE-2026-27180 | MajorDoMo Supply Chain Remote Code Execution via Update URL Poisoning — MajorDoMoCWE-494 | 9.8 | Critical | 2026-02-18 |
| CVE-2026-27179 | MajorDoMo Unauthenticated SQL Injection in Commands Module — MajorDoMoCWE-89 | 8.2 | High | 2026-02-18 |
| CVE-2026-27177 | MajorDoMo Stored Cross-Site Scripting via Property Set Endpoint — MajorDoMoCWE-79 | 7.2 | High | 2026-02-18 |
| CVE-2026-27178 | MajorDoMo Stored Cross-Site Scripting via Method Parameters to Shoutbox — MajorDoMoCWE-79 | 7.2 | High | 2026-02-18 |
| CVE-2026-27176 | MajorDoMo Reflected Cross-Site Scripting in command.php — MajorDoMoCWE-79 | 6.1 | Medium | 2026-02-18 |
| CVE-2026-27175 | MajorDoMo Command Injection in rc/index.php via Race Condition — MajorDoMoCWE-78 | 9.8 | Critical | 2026-02-18 |
| CVE-2026-27174 | MajorDoMo Unauthenticated Remote Code Execution via Admin Console Eval — MajorDoMoCWE-94 | 9.8 | Critical | 2026-02-18 |
This page lists every published CVE security advisory associated with sergejey. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.