On June 27, 2026, pseudonymous researcher 'bikini' made the 'Exploitarium' repository public on GitHub with more than 30 proof-of-concept exploits for zero-days in open-source projects, without any prior coordination with maintainers. The Register, which first reported the repository, explicitly stated it had not verified bikini's claims about the functionality of individual PoCs. Among the confirmed vulnerabilities, CVE-2026-55200 in libssh2 received a patch in the main branch on June 12 — fifteen days before the dump — but a stable release was not yet available. The immediate effect was not accelerating a fix that already existed, but making working exploits public while defenders still lacked an installable update.
- The 'Exploitarium' repository initially contained about 15 exploits, later expanded to more than 30, published June 27, 2026 without any coordinated vulnerability disclosure process.
- CVE-2026-55200 in libssh2, CVSS 9.2, was already in coordinated fix by other researchers: the patch was merged to the main branch on June 12, before bikini's public release.
- Ethan Andrews of Federal Signal independently verified CVE-2026-55200 and reported active exploitation, publishing 44 KQL rules for Microsoft Sentinel and Defender.
- CVE-2026-58053 in Gitea act_runner is a container escape via unsanitized Docker container options, with CVSS 4.0 AV:N/AC:L/AT:N/PR:L per the NVD record.
- bikini stated using GPT-5.3 for automated fuzzing, but writing PoCs manually.
The Method: AI Fuzzing and Open Disclosure as a Stated Position
In an exclusive interview with Infosecurity Magazine, bikini explained the approach. "I think it's the best way for people to learn and become allured into the field," the researcher said, defending open disclosure as an educational tool. The core of the reasoning lies in direct evidence: "I just came to the understanding that open disclosure is better for everyone in 99% of circumstances."
The researcher clarified the role of artificial intelligence: the entire fuzzing process was automated with GPT-5.3, while the PoCs were written by hand. "None of the actual PoCs themselves were vibe-coded; I did, in fact, hand-type them," reads the original repository README, now removed from GitHub but circulated via archive. The detail separates the discovery phase, made scalable by AI, from the PoC publication phase, which bikini claims as their own.
The lack of maintainer notification is confirmed by the researcher. "I did not inform any of the maintainers of the publication," bikini told Infosecurity Magazine. The choice effectively excludes any embargo window for coordinated patching, a point the CVE-2026-55200 case makes particularly counterproductive.
The libssh2 Vulnerability: Patch Exists, Exploit Public, No Release
CVE-2026-55200 is a pre-authentication RCE in libssh2 with CVSS 9.2 per the NVD record, which assigns vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability was independently discovered by Tristan Madani, a researcher who disclosed it via VulnCheck through a coordinated disclosure path.
Pull request #2052 with the fix was merged to the main branch on June 12, 2026, with commit 97acf3d on GitHub. The date is certified by the project's official repository. When bikini published Exploitarium on June 27, the fixed code already existed. According to SOURCE 9, it is not confirmed that the patch is in a stable release. Production users did not yet have an updated package to install.
Open disclosure did not accelerate a fix that already existed; it instead expanded the population of actors able to exploit the vulnerability while those tasked with protecting real systems remained without practical tools. The exposure window, for defenders, compressed in the wrong direction.
"The most technically significant findings — libssh2 pre-auth heap write and Gitea default Docker auth bypass — have been independently verified as high-risk with active exploitation observed" — Ethan Andrews, Federal Signal Corporation
The Gitea Container Escape and Independent Verification
The second notable vulnerability is CVE-2026-58053 in Gitea's act_runner component. The NVD record describes a container escape: the system passes the workflow container.options parameter directly to the Docker job container HostConfig, allowing escape to the host with root privileges. The CVSS 4.0 vector is AV:N/AC:L/AT:N/PR:L. The record was received by VulnCheck on June 27, 2026, the same day as the Exploitarium dump.
Ethan Andrews of Federal Signal independently verified both major vulnerabilities. Beyond technical confirmation, he reported active exploitation for CVE-2026-55200 and published 44 KQL rules for Microsoft detection platforms. The source does not quantify the extent of exploitation nor describe its geographic or sectoral distribution.
The NVD record for CVE-2026-55200 shows a CISA-ADP SSVC indication classifying exploitation status as 'poc', not 'active'. The discrepancy with Andrews' 'active exploitation observed' wording reflects different detection criteria or timelines: CISA-ADP documents available proof-of-concept, while Andrews signals observation of exploitation in the field. The two sources do not necessarily contradict, but use different evidence scales.
What to Do Now
For organizations running infrastructure with libssh2 or Gitea, immediately actionable steps derive from documented facts:
- Apply the 44 KQL rules published by Ethan Andrews for Microsoft Sentinel and Defender, focused on CVE-2026-55200.
- Monitor the libssh2 repository for availability of the stable release containing the June 12, 2026 patch.
- Check for Gitea act_runner in your deployments and evaluate restricting Docker permissions for workflows.
- Consult NVD records for CVE-2026-55200 and CVE-2026-58053 for updates on attack vectors and exploitability conditions.
The dossier does not detail severity or specific exploitability for other CVEs assigned to Exploitarium. Organizations must assess exposure to the involved open-source projects case by case, based on their own inventory scans.
The Limit of the Paradox
The Exploitarium case is neither a victory for open disclosure nor a simple catastrophe. It is a structural paradox: publication speed outpaced distribution of an already-existing fix, without generating new protection. bikini demonstrated that AI makes discovery scalable, but scalability does not solve the coordination problem between development and distribution.
The researcher's position is explicit: "Of course not. The disclaimer might help, but at the end of the day, they have the free will to make their own choices." The answer, given to Infosecurity Magazine on whether a disclaimer deters malicious actors, closes any hypothesis of shared responsibility. The paradox remains: who bears the cost of verification and patching when publication precedes coordinated release?
The cited sources present known areas of uncertainty. The Register did not verify the functionality of individual PoCs. The 130+ PoC figure cited by SystemTwoSecurity is not corroborated by other sources, which indicate 30-40. The exact AI model was corrected by bikini from an initial designation to GPT-5.3. The relationship between Exploitarium and the previous Nightmare Eclipse repository is not clarified in the dossier.
Information verified against cited sources and current as of publication.
Sources
- https://www.infosecurity-magazine.com/news/researcher-exploitarium-exploits/
- https://www.it-connect.tech/exploitarium-researcher-exposes-zero-day-flaws-in-15-open-source-projects/
- https://www.theregister.com/security/2026/06/29/anonymous-researcher-drops-0-day-exploitarium-repo/5263961
- https://www.heise.de/en/news/Exploitarium-Anonymous-security-researcher-publishes-two-dozen-zero-days-11350105.html
- https://undercodenews.com/when-open-disclosure-turns-into-a-digital-wildfire-the-exploitarium-zero-day-dump-that-shook-open-source-security/
- https://nvd.nist.gov/vuln/detail/CVE-2026-55200
- https://nvd.nist.gov/vuln/detail/CVE-2026-58053
- https://systemtwosecurity.com/share/inspiration/VNJMKFVM
- https://github.com/libssh2/libssh2/pull/2052
- https://github.com/bikini/exploitarium