Interested in web hacking and AI for security
Who am I
name: 신현서 (se1en)
Team: CyKor
E-mail: selen0328@gmail.com
Experience
CyKor 세미나 강사(2024,2025)
CyKor Recruiting CTF 문제 출제(2024,2025)
CyKor CTF 문제출제(2025)
KoS CTF 문제 출제(2025)
Awards
2023 고려대학교 해커톤 HACKUTHON (1st place)
제 5회 부산.울산 정보보호 경진대회 장려상
2025 숭실대 해킹방어대회 대학부 최우수상
Bug Bounty & CVEs
- CVE-2025-66514 | cvss 5.4 / xss in nextcloud mail | (Bounty Awarded)
- CVE-2025-66558 | cvss 3.1 / Improper Authentication in nextcloud twofactor_webauthn | (Bounty Awarded)
- CVE-2026-0994 | cvss 8.2 / dos in protobuf
- CVE-2026-21721 | cvss 8.1 / Privilege Escalation in grafana | (Bounty Awarded)
- CVE-2026-22922 | cvss 6.5 / Incorrect Use of Privileged APIs in airflow | (Bounty Awarded)
- pending CVEs….
Bug Bounty (No CVE issued)
- Nextcloud Contacts (pre-release) | cvss 6.5 / idor in nextcloud contacts | (Bounty Awarded)
- Matomo | Security issue reported via HackerOne | (Bounty Awarded)
- Matomo Official plugins | Security issue reported via HackerOne | (Bounty Awarded)
- Matomo Official plugins | Security issue reported via HackerOne | (Bounty Awarded)
- Matomo Official plugins | Security issue reported via HackerOne | (Bounty Awarded)
- Grafana | Security issue reported via Intigriti | (Bounty Awarded, pending CVE)
- Owncloud | Security issue reported via YesWeHack | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
- Discourse | Security issue reported via HackerOne | (Bounty Awarded, pending CVE)
Team Project
BOB 14th team weblover
CVEs: CVE-2026-25051 ,CVE-2025-15514,CVE-2026-0621, CVE-2026-25631 pending CVEs….
papers:다중 에이전트 시스템의 공격 표면 분석을 통한 공격 벡터 도출 | 한국정보보호학회
Education
고려대학교 사이버국방학과(2023~)
Best of the Best 14th 취약점분석트랙(2025)