CV

Email: [email protected] · Telegram: @nicksv

CVEs

7 published CVEs in widely-used open-source projects. Full list →

CVE	Product	Type	Proof
CVE-2026-29079	Lexbor	Type confusion	→
CVE-2026-29078	Lexbor	Integer underflow / OOB memory access	→
CVE-2025-49795	libxml2	NULL pointer dereference	→
CVE-2025-49796	libxml2	Memory corruption	→
CVE-2025-49794	libxml2	Use-after-free	→
CVE-2025-14177	PHP	Uninitialized heap memory leak in getimagesize()	→
CVE-2025-9714	libxml2	Uncontrolled recursion / stack overflow	→

Publications

All publications →

Skills

Security
Web Application Security · Source Code Audit · Vulnerability Research · Fuzzing (AFL, libFuzzer) · OWASP · Penetration Testing · Bug Bounty

Programming
PHP · Java · Python · C/C++

Tools
Burp Suite · Docker · Linux · AI-assisted automation & agent orchestration

Languages
English · Russian (native)

Experience

Security Researcher — Positive Technologies (PT Swarm)
Jan 2025 – Present

Conducting independent security research across various domains
Publishing findings as technical articles (Publications )

Web Application Pentester — Positive Technologies (PT Swarm)
Nov 2022 – Dec 2024

Performed web application security assessments for enterprise clients
Focused on identifying and exploiting vulnerabilities in web applications

Security Consultant — Freelance
Jul 2021 – Feb 2022

Conducted API security assessment of a major banking application
Discovered a race condition vulnerability enabling unauthorized fund transfers

Security Researcher — Huawei
Jul 2020 – Nov 2022

Performed systematic vulnerability assessments of web components across Huawei products
Participated in penetration testing engagements and collaborative security assessments with third-party vendors
Developed an internal tool for detecting second-order command injection vulnerabilities
Transitioned from hands-on pentesting to security research focused on automated vulnerability discovery

Entrepreneur — Independent Business
2016 – 2020

Security Engineer — NDA
Jan 2015 – Feb 2016

CTF

Active CTF player since 2013. CTFtime profile →

Team	Year	Global	Russia
AntiBuddies	2021	53rd	4th
Hardc0de	2013	40th	9th
Hardc0de	2014	45th	8th

Notable: 1st place at Tenable CTF 2021, 2nd place at SecureBug CTF

Education

ITMO University — Saint Petersburg, Russia
Bachelor’s degree in Computer and Information Systems Security / Information Assurance
2012 – 2016