Michael Imfeld (born0monday)

4 exploits Active since Aug 2025
CVE-2025-8760 GITHUB CRITICAL python WORKING POC
INSTAR 2K+/4K <3.11.1.1124 - Buffer Overflow
A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely.
4 stars
CVSS 9.8
CVE-2026-4391 GITHUB MEDIUM rust WORKING POC
TeamSpeak 3 Server ECC Key heap-based overflow
A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this issue. It is suggested to upgrade the affected component.
CVSS 5.3
CVE-2026-4392 GITHUB MEDIUM rust WORKING POC
TeamSpeak 3 Server clientek Handshake assertion
A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible. Upgrading to version 3.13.8 is capable of addressing this issue. Upgrading the affected component is recommended.
CVSS 5.3
CVE-2026-4390 NOMISEC MEDIUM WORKING POC
TeamSpeak 3 Server Connection State Management process_resend_queue use after free
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue. The affected component should be upgraded.
CVSS 5.4