Proof

What Tachyon actually finds

Real vulnerabilities discovered by Tachyon in widely used open-source projects. Each one was responsibly disclosed and has been patched.

Critical · Authorization Bypass · CVE-2025-14297

Authorization bypass via protocol-level inconsistency

MLflow (Databricks)

An authorization bypass in MLflow's tracking server allowed unauthorized users to read, modify, and delete experiments and runs by exploiting inconsistencies in how authorization was enforced across different API protocols.

What Tachyon found

Tachyon's agent traced the authorization enforcement path across MLflow's REST and gRPC interfaces and discovered that while the REST API correctly checked permissions, an alternative protocol surface skipped the authorization middleware entirely. The agent validated this by constructing a proof-of-concept request sequence that accessed protected resources without valid credentials.

Why scanners missed it

Traditional SAST tools analyze individual files and functions. This vulnerability required understanding how two different protocol handlers routed to the same underlying data layer — but with different middleware chains. A file-level scanner would see valid auth checks on both paths and report nothing.

High · SSRF

Server-Side Request Forgery with metadata exfiltration

OpenWebUI

An SSRF vulnerability allowed any authenticated user to make the server fetch arbitrary internal URLs — including cloud metadata endpoints — and exfiltrate the responses. The initial patch was incomplete, leaving redirect-based and DNS rebinding bypasses open.

What Tachyon found

Tachyon identified that user-controlled URLs were passed to server-side HTTP requests without adequate validation. The agent traced the data flow from user input through multiple function calls to the outbound request, then validated that the response was reflected back to the user — confirming full read SSRF with data exfiltration.

Why scanners missed it

The URL input passed through multiple layers of processing before reaching the HTTP client. Pattern-matching tools that flag raw `requests.get()` calls would need to trace through several indirection layers to connect the user input to the outbound request — a multi-file, multi-function analysis that rule-based scanners don't perform.
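The two bypasses left open by the incomplete patch above, redirects and DNS rebinding, both come from validating the URL once and then letting the HTTP client do its own resolving and redirect following. The outbound fetcher below is an added illustration written for this page, not OpenWebUI's or Tachyon's code: it pins the resolved address, follows redirects by hand so every hop is re-validated, and is exercised against a constructed `redirector.example` host and a fake `send` function (both invented here) that stand in for DNS and the HTTP client.

```python
import ipaddress
import socket
from urllib.parse import urlparse, urljoin

# Ranges an outbound fetcher must never reach: loopback, RFC 1918, CGNAT,
# link-local (cloud metadata sits at 169.254.169.254) and IPv6 equivalents.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def system_resolver(host):  # all A/AAAA answers; the demo injects a fake instead
    return [ai[4][0] for ai in socket.getaddrinfo(host, None)]

def pin_outbound_ip(url, resolver=system_resolver):
    """Validate url and return the one IP the client must connect to. Resolving
    here, rather than letting the client resolve again, closes the rebinding window."""
    p = urlparse(url)
    if p.scheme not in ("http", "https") or not p.hostname or p.username:
        raise ValueError(f"rejected URL: {url!r}")
    try:
        ips = [ipaddress.ip_address(p.hostname)]            # literal address
    except ValueError:
        ips = [ipaddress.ip_address(a) for a in resolver(p.hostname)]
    for ip in ips:                          # every answer must pass, not just one
        ip = getattr(ip, "ipv4_mapped", None) or ip        # ::ffff:a.b.c.d form
        if ip.is_multicast or any(ip in n for n in BLOCKED_NETS):
            raise ValueError(f"blocked destination {ip} for host {p.hostname}")
    return str(ips[0])

def safe_fetch(url, send, resolver=system_resolver, max_hops=3):
    """Follow redirects by hand so each hop is validated before it is sent.
    send(url, ip) issues one request to ip with auto-redirects disabled."""
    for _ in range(max_hops + 1):
        status, headers, body = send(url, pin_outbound_ip(url, resolver))
        if status not in (301, 302, 303, 307, 308):
            return body
        url = urljoin(url, headers["Location"])            # relative Location too
    raise ValueError("too many redirects")

# Constructed scenario: a public host redirects to the metadata endpoint.
FAKE_DNS = {"redirector.example": ["203.0.113.10"]}

def fake_send(url, ip):  # stand-in for the HTTP client; never touches the network
    if urlparse(url).hostname == "redirector.example":
        return 302, {"Location": "http://169.254.169.254/latest/meta-data/"}, b""
    return 200, {}, b"would be metadata"

def demo_redirect_to_metadata():  # hop 1 passes; hop 2 is refused before sending
    try:
        return safe_fetch("http://redirector.example/go", fake_send, FAKE_DNS.__getitem__)
    except ValueError as e:
        return str(e)
```

A real `send` for plain HTTP connects to the pinned IP and sets the `Host` header from the URL; for HTTPS the TLS layer must also be told the original hostname for SNI and certificate checks.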

Critical · Sandbox Escape

Sandbox escape via filesystem path traversal

AI Development Platform

A path traversal vulnerability in a sandboxed code execution environment allowed untrusted code to read and write files outside the sandbox boundary, potentially accessing host system resources and other tenants' data.

What Tachyon found

Tachyon's agent analyzed the sandbox's file access controls and identified that while direct path traversal was blocked, a combination of symlink creation and relative path resolution allowed escaping the sandbox root. The agent constructed a multi-step exploit chain: create a symlink inside the sandbox pointing to a parent directory, then access files through the symlink.

Why scanners missed it

This vulnerability required reasoning about the interaction between filesystem operations and sandbox boundary enforcement — a security property that emerges from the combination of multiple correct-looking individual operations. No single line of code is "vulnerable"; the bug is in the composition.

See what Tachyon finds in your code

These are the kinds of vulnerabilities that slip through traditional scanners. Install Tachyon and find out what's hiding in your codebase.

Get Started