CVE-2025-26673 (CVSS 7.5) (w/ Shahak Morag) - Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2025-32724 (CVSS 7.5) (w/ Shahak Morag) - Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
15 different exploitations of agent hijacking in Gemini (w/ Ben Nassi & Stav Cohen)
CVE-2024-10668 (CVSS 5.9) (w/ Shmuel Cohen) - Google Quick Share for Windows - Accept File Dialog Bypass
RCE attack chain on Quick Share (CVE was not issued, involves CVE-2024-38271 & CVE-2024-38272 & more)
CVE-2024-38271 (CVSS 5.9) (w/ Shmuel Cohen) - Google Quick Share for Windows - Forced WiFi connection for MITM
CVE-2024-38272 (CVSS 7.1) (w/ Shmuel Cohen) - Google Quick Share for Windows & Android - Accept File Dialog Bypass
CVE-2023-36396 (CVSS 7.8) - Windows Compressed Folder Remote Code Execution Vulnerability
CVE-2024-30093 (CVSS 7.3) - Windows Storage Elevation of Privilege Vulnerability
CVE-2023-32054 (CVSS 7.5) - Volume Shadow Copy Elevation of Privilege Vulnerability
CVE-2022-37971 (CVSS 7.5) - Windows Defender & Defender For Endpoint Privilege Escalation
CVE-2022-45797 (CVSS 7.1) - Trend Micro Apex One Privilege Escalation on Windows
CVE-2022-4173 (CVSS 7.3) - Avast Anti Virus & AVG Anti Virus Privilege Escalation on Windows
SentinelOne Privilege Escalation on Windows (CVE was not issued🤷♂️ nor a fully public credit)
CVE-2023-42757 - Process Explorer Denial of Service