// Security Advisories

Vulnerabilities I’ve discovered and disclosed, tracked under the BVE-YYYY-NNNN identifier scheme.

BVE-2026-0008 Pending PendingCritical 2026-04-27
BVE-2026-0007 STIGQter: Local Code Execution via Crafted .stigqter Project File + Export HTML (User Interaction Required) FixedHighCVE-2026-42881squinky86 (Jon Hood) 2026-04-30
BVE-2026-0006 Pending PendingCritical 2026-04-22
BVE-2026-0005 Pending PendingCritical 2026-04-22
BVE-2026-0004 Pending PendingCritical 2026-04-22
BVE-2026-0003 ok_json: heap buffer overread in true/false/null keyword matching FixedHighionux 2026-04-22
BVE-2026-0002 ok_json: heap buffer overread in UTF-8 validation FixedHighionux 2026-04-22
BVE-2026-0001 ok_json: heap buffer overread in \uXXXX escape parsing FixedHighionux 2026-04-22