About Shubham Shah

Bio

Shubham Shah is SVP of Engineering & Research Australia, having joined Searchlight Cyber following the acquisition of Assetnote (where he was Co-Founder and CTO). Shubham is a prolific bug bounty hunter in the top 50 hackers on HackerOne and has presented at various industry events including QCon London, Kiwicon, AusCert, BSides Canberra and CrikeyCon. In his free time, Shubham enjoys performing high impact application security research.

Posts by Shubham Shah

New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)

May 18, 2026

Ghosts of Encryption Past – How we Read All Your Emails in Salesforce Marketing Cloud

May 5, 2026

High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)

April 30, 2026

Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757)

November 20, 2025

Secondary Context Path Traversal in Omnissa Workspace ONE UEM

August 30, 2025

Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms

July 29, 2025

How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance

July 22, 2025

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)

July 8, 2025

Novel SSRF Technique Involving HTTP Redirect Loops

June 23, 2025