I have had a special interest for reverse engineering since high school. Since then, I have looked at all kinds of software, from bootloaders to userland applications. This has led to the discovery of various critical vulnerabilities in software, such as authentication bypasses, and memory corruption leading to remote code execution. Some of my public projects can be found on GitHub.
CTFs
Nowadays, I am a challenge author for the European Cyber Security Challenge and its national qualifiers. Some of the challenges that I have created can be found here.As a player, some of my past achievements include:
2025:
- 1st place at International Cyber Security Challenge as part of Team Europe.
- 2nd place at m0lecon CTF with former Team Europe members.
- 1st place at the International Cyber Security Challenge as part of Team Europe.
- 1st place at the European Cyber Security Challenge as part of Team Germany.
- 1st place at the European Cyber Security Challenge as part of Team Germany.
- 1st place at Cyber Security Challenge Germany (the German qualifiers for ECSC).
- 1st place at Challenge the Cyber (the Dutch qualifiers for ECSC).
- 2nd place at the European Cyber Security Challenge as part of Team Germany.
Pwn2Own
I have successfully demonstrated remote code execution on the following targets at Pwn2Own:- (2026) Kenwood DNR1007XR
- (2025) Philips Hue Bridge
CVEs
The following table includes some of my CVEs.| CVE | Product | Description |
|---|---|---|
| CVE-2026-9063 | Axis OS | (not yet disclosed) |
| CVE-2026-9035 | IBM Aspera | Path traversal allowing arbitrary files to be read |
| CVE-2026-8180 | IBM Aspera | Null pointer dereference leading to crash |
| CVE-2026-8179 | IBM Aspera | Stack overflow leading to remote code execution |
| CVE-2026-8175 | IBM Aspera | Unauthenticated heap overflow leading to authentication bypass and potential RCE |
| CVE-2026-7876 | IBM Aspera | Authentication bypass |
| CVE-2024-6612 | Mozilla Firefox | CSP violations were leaked to an attacker through DNS prefetching |
Note that not all software vendors issue a CVE for vulnerabilities that are reported to them.
Public Reports
Unfortunately I am not allowed to disclose most reports that I have submitted through bug bounty programs. The following table lists the reports for which I have requested disclosure and disclosure has been granted. Click on the date to view the respective report.| Reported At | Vendor | Description |
|---|---|---|
| 2025-12-13 | Nintendo | ASLR leak in Mario Kart World (link) |
| 2025-06-06 | Nintendo | TLS certificate verification bypass on Nintendo Switch (link) |
| 2018-12-19 | Nintendo | Stack overflow in game server client leading to RCE in many games (link) |