Skip to content
ProjectsSecurityOSSAIInfrastructureWritingContact
All writing

Tagged

#nuclei

1 post

Note Technical

One CVE, Two Ecosystems: a Kopia RCE Check for Metasploit and Nuclei

CVE-2026-45695 is an argument-injection RCE in Kopia's SFTP ProxyCommand handling. I shipped a detection for it twice — a Metasploit exploit and a Nuclei template — and the two idioms disagree in instructive ways.

Read

Newsletter

Notes from building & climbing

New essays and short notes — privacy-first software, AI, security, and the occasional rambling from the trail. Every other week, no filler.