About Shubham Shah

Bio

Shubham Shah is SVP of Engineering & Research Australia, having joined Searchlight Cyber following the acquisition of Assetnote (where he was Co-Founder and CTO). Shubham is a prolific bug bounty hunter in the top 50 hackers on HackerOne and has presented at various industry events including QCon London, Kiwicon, AusCert, BSides Canberra and CrikeyCon. In his free time, Shubham enjoys performing high impact application security research.

Posts by Shubham Shah

Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757)

November 20, 2025

Secondary Context Path Traversal in Omnissa Workspace ONE UEM

August 30, 2025

Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms

July 29, 2025

How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance

July 22, 2025

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)

July 8, 2025

Novel SSRF Technique Involving HTTP Redirect Loops

June 23, 2025

Loose Types Sink Ships: Pre-Authentication SQL Injection in Halo ITSM

April 2, 2025

Doing the Due Diligence: Analyzing the Next.js Middleware Bypass (CVE-2025-29927)

March 24, 2025

Uncovering Critical Vulnerabilities in Magento: A Deep Dive

August 21, 2024