~weirdmachine64.
vulnerability research & disclosure

weirdmachine64.

Security research, tooling, and writeups.

Mohamed Benchikh · Security researcher & bug bounty hunter

2writeups
8topics
2026-07-15last updated

# latest writeup

all research →
Mar 11, 2026

CVE-2025-66413

Git for Windows is the Windows port of Git. Prior to 2.53.0(2), it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server.

Show publication
Aug 30, 2023

CVE-2023-39137

An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing.

Show publication
Aug 30, 2023

CVE-2023-39135

An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry.

Show publication