<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>David Carliez</title><description>Just another Freelance Offensive Security Professional. The posts in this blog are snippets of my work that can be shared publicly.</description><link>https://davidcarliez.github.io/</link><item><title>Finding Gaps in Gemini CLI Security Boundaries</title><link>https://davidcarliez.github.io/posts/bypassing-google-gemini-cli-security-measures/</link><guid isPermaLink="true">https://davidcarliez.github.io/posts/bypassing-google-gemini-cli-security-measures/</guid><description>Two rejected Google VRP reports and one design concern from my Gemini CLI testing: a blocked-command bypass, an MCP startup policy bypass, and an MCP permission-scope issue.</description><pubDate>Sat, 13 Jun 2026 00:00:00 GMT</pubDate></item><item><title>CVE-2026-58635 Exploit Development: From a Braille Table to SYSTEM shell</title><link>https://davidcarliez.github.io/posts/cve-2026-58635-braille-to-system/</link><guid isPermaLink="true">https://davidcarliez.github.io/posts/cve-2026-58635-braille-to-system/</guid><description>Exploit development for the Windows Narrator Braille vulnerability, from an unauthenticated BrlAPI parameter write to LocalService execution and an optional SYSTEM shell.</description><pubDate>Thu, 16 Jul 2026 00:00:00 GMT</pubDate></item><item><title>CVE-2026-52860: Vim Arbitrary Code Execution</title><link>https://davidcarliez.github.io/posts/vim-python-omni-completion-rce/</link><guid isPermaLink="true">https://davidcarliez.github.io/posts/vim-python-omni-completion-rce/</guid><description>Root cause and exploit primitive for GHSA-65p9-mwwx-7468 / CVE-2026-52860, a Vim Python omni-completion arbitrary code execution bug fixed in 9.2.0597.</description><pubDate>Fri, 19 Jun 2026 00:00:00 GMT</pubDate></item><item><title>Windows AppResolver LPE: From AppContainer to SYSTEM</title><link>https://davidcarliez.github.io/posts/windows-appresolver-lpe-to-system/</link><guid isPermaLink="true">https://davidcarliez.github.io/posts/windows-appresolver-lpe-to-system/</guid><description>Exploit development for a Windows AppResolver authorization issue fixed in July 2026, from a zero-capability AppContainer to an interactive SYSTEM shell.</description><pubDate>Fri, 17 Jul 2026 00:00:00 GMT</pubDate></item></channel></rss>