This repository documents publicly disclosed security vulnerabilities that I responsibly reported to software vendors.
No exploit code or proof-of-concept code is included in this repository.
Each advisory linked below publicly acknowledges me (Daniel Weglowski) as the reporter.
Some advisory pages may prevent automated systems from accessing the acknowledgement section. Where available, machine-readable CSAF advisories are also provided.
CVE-2026-45482 Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability
- Reported to Microsoft Security Response Center (MSRC)
- Impact: Security Feature Bypass
- Severity (CVSS v3.1): 8.4/10 (High severity)
- User Interaction: None (UI:N)
- Acknowledged by Microsoft: June 2026
The official MSRC advisory acknowledges:
Daniel Weglowski
- Human readable: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45482
- Machine readable: https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-45482.json
CVE-2025-29822 Microsoft OneNote Security Feature Bypass Vulnerability
- Reported to Microsoft Security Response Center (MSRC)
- Impact: Security Feature Bypass
- Severity (CVSS v3.1): 7.8/10 (High severity)
- Acknowledged by Microsoft: April 2025
The official MSRC advisory acknowledges:
Daniel Weglowski
- Human readable: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29822
- Machine readable: https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-29822.json
CVE-2023-36436 Windows MSHTML Platform Remote Code Execution Vulnerability
- Reported to Microsoft Security Response Center (MSRC)
- Impact: Remote Code Execution
- Severity (CVSS v3.1): 7.8/10 (High severity)
- Acknowledged by Microsoft: November 2023
The official MSRC advisory acknowledges:
Daniel Weglowski
- Human readable: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36436
- Machine readable: https://msrc.microsoft.com/csaf/advisories/2023/msrc_cve-2023-36436.json