# Research

- [AI is coming for your C code and it does not need coffee](/blog/ai-coming-for-your-c-code.md) (2026-04-03)
- [Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)](/blog/rtpengine-critical-security-advisory-cve-2025-53399.md) (2025-07-31)
- [OpenSIPS Security Audit Report is fully disclosed and out there](/blog/opensips-security-audit-report.md) (2023-03-17)
- [Kamailio's exec module considered harmful](/blog/kamailio-exec-module-considered-harmful.md) (2023-01-26)
- [Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution](/blog/buffer-overflow-discovery-to-rce-in-voipmonitor.md) (2021-03-16)
- [Details about CVE-2020-26262, bypass of Coturn's default access control protection](/blog/cve-2020-26262-bypass-of-coturns-access-control-protection.md) (2021-01-11)
- [Jitsi Meet on Docker default passwords - how bad is it, how to detect and fix it](/blog/jitsi-meet-on-docker-default-password-exploitation.md) (2020-04-20)
- [How we abused Slack's TURN servers to gain access to internal services](/blog/slack-webrtc-turn-compromise-and-bug-bounty.md) (2020-04-06)