khoadha

khoadha

Also known as: l0ggg

Researcher

Security Research

Security researcher specializing in Java and enterprise application security. He has discovered several zero-day vulnerabilities across major platforms including Atlassian, ManageEngine, Oracle, VMware, and Microsoft, notably contributing to the SharePoint ToolShell vulnerability (2025).

🔒
12
Advisories
0 this year
📚
0
Publications
Research papers
🏆
3
Recognition
Awards & bounties
🏢
4
Vendors
Organizations

📊 Activity Overview

Last 12 Months Activity

Mar
Apr
May
1
Jun
Jul
4
Aug
Sep
Oct
1
Nov
Dec
Jan
Feb

Top Vendors

Microsoft 6 vulnerabilities
Atlassian 3 vulnerabilities
Oracle 2 vulnerabilities
Zoho 1 vulnerability

Discovery Timeline

2025

4 advisories , 2 awards
🏆 Recognition
Top 5 Pwn2Own Ireland (IoT) 2025
Canon, Lexmark, Home Assistant, Philips
🏅 Pwn2Own
🔒 Advisory
CVE-2025-49706
Microsoft SharePoint authentication bypass
Microsoft
🔒 Advisory
CVE-2025-49704
Microsoft SharePoint insecure deserialization
Microsoft
🔒 Advisory
CVE-2025-53771
Microsoft SharePoint authentication bypass
Microsoft
🔒 Advisory
CVE-2025-53770
Microsoft SharePoint insecure deserialization
Microsoft
🏆 Recognition
Top 2 Pwn2Own Berlin 2025
Oracle, Microsoft, NVIDIA
🏅 Pwn2Own

2024

1 advisory , 1 award
🏆 Recognition
Master of Pwn in Pwn2Own Ireland (IoT) 2024
Lorex, Synology, Sonos, HP, QNAP, Lexmark, Canon, Ubiquiti, TrueNAS
🏅 Pwn2Own
🔒 Advisory
CVE-2024-32987
CVE-2024-32987
Microsoft

2022

5 advisories
🔒 Advisory
CVE-2022-0540
CVE-2022-0540
Atlassian
🔒 Advisory
CVE-2022-21306
CVE-2022-21306
Oracle
🔒 Advisory
CVE-2022-26136
CVE-2022-26136
Atlassian
🔒 Advisory
CVE-2022-26137
CVE-2022-26137
Atlassian
🔒 Advisory
CVE-2022-47966
CVE-2022-47966
Zoho

2021

2 advisories
🔒 Advisory
CVE-2021-36975
CVE-2021-36975
Microsoft
🔒 Advisory
CVE-2021-35684
CVE-2021-35684
Oracle

🔒 CVE Advisories 12

Security vulnerabilities discovered and disclosed

🏆 Recognition & Highlights 3

Bug bounty rewards and achievements