zlacker

Related: https://arstechnica.com/gadgets/2025/05/open-source-project-...

>>ikmcke+(OP)
The main difference is that all of the vulnerabilities reported here are real, many quite critical (XXE, RCE, SQLi, etc.). To be fair there were definitely a lot of XSS, but the main reason for that is that it's a really common vulnerability.

>>moyix+5i
All of them are real? You have a 100% rate of reports closed as valid?