Introduction Hello, I’m Sato (@Nick_nick310 ), a security engineer at GMO Flatt Security Inc. In recent years, the evolution and widespread adoption of Large Language Models (LLM) have been remarkable, and they are being utilized as generative AI in many services and business processes. While LLMs bring significant benefits, new security risks stemming from their characteristics have also been pointed out, making sufficient understanding and countermeasures essential for safe utilization. W...| GMO Flatt Security Research
Introduction Hello. I’m Yamakawa (@dai_shopper3 ), a security engineer at GMO Flatt Security, Inc. LLMs exhibit high capabilities in various applications such as text generation, summarization, and question answering, but they have several limitations when used alone. Fundamentally, a standalone model only has the function of generating strings in response to input natural language. Therefore, to create an autonomous AI based on an LLM, a means to exchange information with the outside and e...| GMO Flatt Security Research
Introduction Hello. I’m Mori (@ei01241 ), a security engineer at GMO Flatt Security, Inc. In recent years, the evolution of Large Language Models (LLMs) has accelerated the development of a wide range of AI applications, such as chatbots, data analysis/summarization, and autonomous agents. LLM frameworks like LangChain and LlamaIndex abstract LLM collaboration and external data connections to improve development efficiency, but behind this convenience lie new security risks. In this article...| GMO Flatt Security Research
An official blog of GMO Flatt Security Inc. based in Tokyo, Japan. We are striving harder to improve the cybersecurity for the local and global community. We strongly believe that identifying and eradicating cyber weaknesses on products will eventually make the internet a much safer medium to communicate and utilize.| GMO Flatt Security Research
Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at GMO Flatt Security Inc. In May 2025, I participated in the Meta Bug Bounty Researcher Conference 2025. During this event, I discovered a vulnerability (CVE-2025-59489) in the Unity Runtime that affects games and applications built on Unity 2017.1 and later. In this article, I will explain the technical aspects of this vulnerability and its impact. This vulnerability was disclosed to Unity following responsible disclosure pra...| GMO Flatt Security Research
Introduction Hi, I’m canalun (@i_am_canalun ), a security researcher at GMO Flatt Security Inc. This article explores the question: “Why Does XSS Still Occur So Frequently?” We will delve into why this notorious and classic vulnerability despite the widespread adoption of built-in XSS countermeasures in modern development frameworks. The world of web development, especially frameworks, is evolving at a rapid pace, bringing improvements not only in development efficiency but also in secu...| GMO Flatt Security Research
Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at GMO Flatt Security Inc. A while ago, I reported a remote code execution vulnerability that chains multiple problems in Chatwork, a popular communication tool in Japan. In the report that I sent to the bug bounty platform, I used an obsolete feature of Electron to escalate to the preload context. As the vulnerability was interesting, I’m writing this article to share the details of it.| GMO Flatt Security Research
Introduction Hello, I’m RyotaK ( @ryotkak ), a security engineer at GMO Flatt Security Inc. In October 2024, I was hunting bugs for the GitHub Bug Bounty program. After investigating GitHub Enterprise Server for a while, I felt bored and decided to try to find bugs on GitHub Desktop instead. After reading the source code of GitHub Desktop, I found a bug that allows a malicious repository to leak the user’s credentials. Since the concept of the bug is interesting, I decided to investigate ...| GMO Flatt Security Research
Introduction: The Art of Non-Intrusive Web Recon Hello, I’m pizzacat83 (@pizzacat83 ), a software engineer at Flatt Security Inc. When hunting for bugs, understanding the behavior of a target application is invaluable. The more knowledge you gain about the application—where each functionality resides, how pages and APIs interconnect—the greater your ability to pinpoint weaknesses and unravel vulnerabilities. Imagine a tool that could seamlessly assist with this process, extracting key i...| flatt.tech
Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at Flatt Security Inc. A few days ago, I was upgrading my home lab network, and I decided to upgrade the OpenWrt on my router.1 After accessing the LuCI, which is the web interface of OpenWrt, I noticed that there is a section called Attended Sysupgrade, so I tried to upgrade the firmware using it. After reading the description, I found that it states it builds new firmware using an online service.| flatt.tech
Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at Flatt Security Inc. In 2023, James Kettle of PortSwigger published an excellent paper titled Smashing the state machine: the true potential of web race conditions. In the paper, he introduced a new attack technique called single-packet attack that can exploit a race condition without being affected by the network jitter. Quoted from Smashing the state machine: the true potential of web race conditions Recently, I encountered...| flatt.tech
Hello, I’m Shiga( @Ga_ryo_ ), a security engineer at Flatt Security Inc. In this article, I would like to give you a technical description of CVE-2021–20226( ZDI-2021–001 ) which is published before. I discovered this vulnerability and reported it to the vendor via the Zero Day Initiative. This article is not intended to inform you of the dangers of vulnerabilities, but to share tips from a technical point of view.| flatt.tech
Introduction Hello, I’m RyotaK ( @ryotkak ), a security engineer at Flatt Security Inc. Recently, I reported multiple vulnerabilities to several programming languages that allowed an attacker to perform command injection on Windows when the specific conditions were satisfied. Today, affected vendors published advisories of these vulnerabilities , so I’m documenting the details here to provide more information about the vulnerabilities and minimize the confusion regarding the high CVSS score.| flatt.tech
