Anonymous GitHub Account Drops 30+ Undisclosed 0-Days

On June 26, 2026, an anonymous GitHub user published a consolidated repository containing proof-of-concept exploits for over 30 vulnerabilities across more than 20 open-source projects. The repository, titled "exploitarium," includes entries for FFmpeg, libssh2, c-ares, Floci, nghttp2, nmap, OpenVPN Connect, RustDesk, 7-Zip, and others. Many of these vulnerabilities appear to be previously undisclosed 0-days.

The Scale of the Drop

The repository contains 22 folders, each representing a distinct vulnerability or chain. According to the author's own tracking, the repo includes at least 96 tracked entries (files) from 12 former standalone repositories, plus direct entries for 11 more vulnerabilities. The largest folder is objdump-dlx-calc-poc with 41 tracked files, followed by libssh2-publickey-list-calc-poc (10 files) and ghidra-12.1.2-rce-ace-calc-poc (9 files).

Key vulnerabilities include:

  • FFmpeg-rasc-dlta-calc-poc (7 tracked entries, direct entry June 26, 2026) — a heap overflow in FFmpeg's RASC/DLTA decoder.
  • libssh2-cve-2026-55200-poc (3 tracked entries, direct entry June 23, 2026) — a use-after-free in libssh2's public key authentication.
  • c-ares-tcp-uaf-calc-poc (7 tracked entries, direct entry June 24, 2026) — a use-after-free in the c-ares DNS resolver library.
  • floci-apigateway-vtl-rce-poc (3 tracked entries, direct entry June 23, 2026) — remote code execution in Floci's API Gateway VTL engine.
  • nmap-ipv6-extlen-wrap-poc (4 tracked entries, direct entry June 23, 2026) — an integer overflow in Nmap's IPv6 extension header parsing.
  • php857-streambucket-soap-rce-rpoc (6 tracked entries, direct entry June 26, 2026) — remote code execution in PHP 8.5.7's stream bucket handling with SOAP.
  • openvpn-connect-echo-script-ace-poc (8 tracked entries) — arbitrary code execution via OpenVPN Connect's echo script injection.
  • rustdesk-session-permission-pocs (17 tracked entries, direct entry June 25, 2026) — privilege escalation in RustDesk session permissions.

The Methodology: AI-Assisted Fuzzing with a Human Touch

The anonymous researcher provided a detailed statement on their methodology. They wrote: "My fuzzing workflow was automated by AI with a strict harness. I used GPT-5.5-3-Codex-Spark for ALL the fuzzing, as barely any 'thought' is necessary when provided with an efficient harness."

They clarified that they hold a degree in the subject and have published multiple papers on fuzzing methodology. The AI was used to drive fuzzing, not to write the PoCs: "None of the actual PoCs themselves were vibe-coded; I did, in fact, hand-type them. I did use AI assistance for RustDesk, however, as I'm not as familiar with the language."

The researcher also noted that the README files are entirely AI-generated, but they reviewed them for accuracy. They emphasized that a state-of-the-art model is not necessary: "You do NOT need a SOTA model to help you identify these issues, I promise!"

Verification and Consistency

To ensure the consolidated repository matches the original standalone repos, the author performed a tree-based comparison on June 23, 2026. They checked 12 repos and 96 tracked entries, requiring identical relative paths, Git object types, tree modes (including executable bits), and Git blob IDs. All 96 entries matched perfectly, confirming the PoCs are unmodified copies.
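
A tree-based comparison of this kind can be reproduced when mirroring or auditing any consolidated repository. The sketch below is an added example, not the author's tooling: it assumes the two listings come from `git ls-tree -r HEAD` in the standalone repo and `git ls-tree -r HEAD:<folder>` in the consolidated one, and the sample listings and object IDs are constructed.

```python
from typing import NamedTuple


class Entry(NamedTuple):
    mode: str   # tree mode, e.g. 100644 (file), 100755 (executable bit set)
    otype: str  # Git object type: blob, or commit for a submodule
    oid: str    # Git object ID (blob ID for files)


def parse_ls_tree(text: str) -> dict[str, Entry]:
    """Parse `<mode> <type> <oid>\\t<path>` lines into {relative path: Entry}."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        meta, sep, path = line.partition("\t")
        fields = meta.split(" ")
        if not sep or len(fields) != 3:
            raise ValueError(f"not an ls-tree line: {line!r}")
        entries[path] = Entry(*fields)
    return entries


def compare_trees(original: str, consolidated: str) -> list[str]:
    """Return human-readable differences; an empty list means identical."""
    a, b = parse_ls_tree(original), parse_ls_tree(consolidated)
    diffs = []
    for path in sorted(a.keys() | b.keys()):
        if path not in b:
            diffs.append(f"missing in consolidated: {path}")
        elif path not in a:
            diffs.append(f"extra in consolidated: {path}")
        else:
            for field in Entry._fields:
                x, y = getattr(a[path], field), getattr(b[path], field)
                if x != y:
                    diffs.append(f"{field} differs for {path}: {x} != {y}")
    return diffs


# Constructed sample listings (object IDs are placeholders, not real blobs).
OID_A, OID_B, OID_C = "a" * 40, "b" * 40, "c" * 40
STANDALONE = (f"100644 blob {OID_A}\tREADME.md\n"
              f"100755 blob {OID_B}\tbuild.sh\n"
              f"100644 blob {OID_C}\tsrc/poc.c\n")
# Copy in which build.sh lost its executable bit and src/poc.c was altered.
CONSOLIDATED = STANDALONE.replace("100755", "100644").replace(OID_C, OID_A)

if __name__ == "__main__":
    print("\n".join(compare_trees(STANDALONE, CONSOLIDATED)))
```

A match on blob ID alone would miss the executable-bit change in the sample, which is why the mode is compared as a separate field.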

What This Means for Developers

If you use any of the affected libraries or tools, you should immediately review the PoCs and assess your exposure. The vulnerabilities span:

  • FFmpeg (rasc/delta decoder)
  • libssh2 (two separate vulnerabilities: CVE-2026-55200 and publickey list use-after-free)
  • c-ares (TCP use-after-free)
  • nmap (IPv6 extension length wrap)
  • nghttp2 (upgrade queue poison)
  • PHP 8.5.7 (stream bucket SOAP RCE)
  • Ghidra 12.1.2 (RCE via ACE)
  • OpenVPN Connect (echo script ACE)
  • RustDesk (session permission bypass)
  • 7-Zip (RAR5 MOTW chain)
  • AnyDesk (printer COM impersonation)
  • Gitea (act-runner container options)
  • ImageMagick (Ghostscript delegate hijack)
  • MyBB (limited ACP to admin)
  • VLC (VP9 resolution change crash)
  • System Informer (phsvc trusted host LPE)
  • Docker (cp copyout destination escape)
  • Firefox (SmartWindow private URL exfiltration)
  • Flowise (MCP env case bypass)
  • Lunar/Modrinth (chain)
  • objdump (out-of-bounds write)

Next Steps

  1. Review the PoCs at https://github.com/bikini/exploitarium.
  2. Check if your projects depend on any of the listed libraries and assess whether the vulnerable code paths are reachable.
  3. Apply vendor patches if available — for libssh2, check for CVE-2026-55200. For others, monitor upstream repos.
  4. Consider your own fuzzing pipeline — the researcher's AI-assisted approach is replicable with commodity models and a good harness.

The researcher has stated they will continue dropping findings and can be contacted on Discord (@ashdfrkl). They explicitly prohibit malicious use and describe the work as "good-faith, open-disclosure vulnerability research."