Work & Research

Security advisories, press coverage, certifications, and community contributions.

Security Advisories & CVEs

MISP — SQL Injection via Unvalidated Ordering Parameters

SQL injection in event and shadow attribute listings

GCVE-1-2026-0031

9.4 CRITICAL

MISP — Improper Access Control in Auth Key Reset

Privilege escalation to site administrator

GCVE-1-2026-0030

9.3 CRITICAL

LookyLoo — PlaywrightCapture Local File Access

Permits access to local files and internal network resources during page capture

GCVE-1-2026-0028

9.3 CRITICAL

bestpractical/RT — Privilege Escalation via REST 2.0

Privilege escalation and information disclosure via user collection endpoint

CVE-2026-44231

9.1 CRITICAL

Metabase — Dashboard Update Response Leaks Card Details

Authenticated user can retrieve full card details from restricted collections via PUT response

GHSA-58qx-j9c7-4rq7

MODERATE

AIL Framework — Stored XSS in Modal Item Preview

Stored XSS in modal item preview for long item content

GCVE-1-2026-0023

8.5 HIGH

AIL Framework — Stored XSS (CVE-2026-39416)

Stored XSS in modal item preview for long item content

CVE-2026-39416

HIGH

OpenProject.org — Cross-Project Meeting Agenda Injection

Meeting agenda item injection via unscoped section lookup

CVE-2026-40896

6.5 MODERATE

PostgreSQL — pg_restore_attribute_stats Array Overflow

Accepts values that cause query planning to read past end of stats array

CVE-2026-6575

4.3 MODERATE

MISP — Stored XSS in Link-Type Attributes

XSS via link-type attributes in MISP events

MISP v2.5.36

Hall of Fame & Profiles

Gent.be Hall of Fame ↗SiteGround Honor Roll ↗Intigriti ↗HackerOne ↗

Press & Recognition

Spamhaus

Featured by Spamhaus as Top Threat Intel Contributor

Profiled as a top contributor to the Spamhaus Threat Intel Community Portal for ongoing threat hunting work.

↗

Abusix

Reporting Malicious Sites: Taking Down 60,000

Guest blog post detailing how I used automated reporting and Abusix's Abuse Contact Database to take down 60,000+ malicious sites globally.

↗

Young Talent in Action

Xplorer Award Winner — Young Talent in Action

Profiled as one of five Xplorer Award winners for founding JustGuard, a platform that detects and neutralizes phishing campaigns.

↗

Trends/Levif

L'appétit international des jeunes entrepreneurs

Featured in the Belgian business magazine Trends/Levif covering young entrepreneurs with international ambitions.

↗

Training & Events

2025🏆

Young Talent in Action — Xplorer Award ↗

Won the VBO FEB Xplorer Award for founding JustGuard.

2025📜

TryHackMe — SOC Level 1 Certificate

Completed the SOC Level 1 learning path covering security operations, log analysis, and incident response.

2025🎤

Cybersecurity Challenge Belgium — Finalist

6th place finish in the national Cybersecurity Challenge Belgium competition.

2024🚀

European Space Agency (ESA) Cybersecurity Training Course ↗

Selected for the pilot edition of ESA's cybersecurity training program at the ESA Academy.

2023🎓

BEST Soft Skills Track 2023

Completed the BEST Leuven soft skills track covering interview preparation, diversity & inclusion, and more.

2023📜

Practical Ethical Hacking — TCM Security ↗

Completed the comprehensive practical ethical hacking course.

2019🇪🇺

Euroscola — European Parliament Student Representative

Represented Belgium in discussions about European challenges with students from across the EU in Strasbourg.