Skip to main content
MemCyber
Critical CVSS 9.1 CORS Responsible Disclosure

Disclosure

Final Deep Results

[redacted].store Final Deep Dive -- All Findings Target: [redacted].store / [target] Bu final deep dive fazinda onceki tapdiqlar uzerine 7 yeni kritik ve yuksek severity bulgu ortaya cixarildi. Toplam etkile 1.44M istifadeci, 197K fatura kaydi, 69K email adresi, 851K degerlendirme ve

Target
SEA Crypto Exchange
Category
CORS
Channel
Responsible Disclosure
Disclosed
2026-03

Redaction note

Vendor identity withheld.

This finding is documented here as part of MemCyber’s public disclosure record. The vendor has been anonymized to a sector and region descriptor. Full technical detail — including root cause, reproducible proof-of-concept, remediation guidance, and vendor attribution where granted — is available to qualified prospects under NDA.

Coordinated disclosure

How we handled it.

  • Reported to the vendor via Responsible Disclosure with a reproducible proof-of-concept.
  • Triage + remediation window coordinated with the vendor security team.
  • Fix verified before any public reference.
  • This record published only after the embargo period closed.

Similar category

Critical

[vendor] -- 30K+ Kullaniciya TOPLU ERISIM: DOGRULANMIS VEKTOR ANALIZI

Crypto Gaming Platform

 Critical

CORS HTTP Downgrade Enables 0-Click Crypto Theft via MITM

Global P2P Crypto Marketplace

 Critical

CORS Origin Reflection + Credentials (Admin Takeover)

Gaming Marketplace

Want the full technical detail?

Named vendor, PoC, remediation — shared under NDA.

Request Assessment