Ariel Koren Get in Touch
Selected Work

A short, organized index - not an archive dump.

Three categories of active work, ordered by what I actually spend time on. Older technical writeups are preserved in the Archive.

Security Research

Security Research

Applied security research, vulnerabilities, and short technical writeups.

2 entries
2026

CVE-2026-48029: Two grid-decode bugs in libheif

Vulnerability research - CVE-2026-48029 · Public / Patched

A single afternoon of fuzzing against libheif 1.21.2 produced two memory-safety bugs in the same function. F1 is a NULL pointer dereference on a malformed grid dimg reference - deterministic DoS-on-decode from any public decode API. F2 is a uint32 underflow in the inverse-rotation tile arithmetic that feeds a debug-only assert; in NDEBUG release builds (the configuration typical distribution packages use) the assert is compiled out and the access becomes a heap out-of-bounds read with an attacker-influenced offset. Reported privately on 2026-05-02; fixed in libheif 1.22.0 on 2026-05-19. Tracked as GHSA-6x5f-qchq-cxqv and assigned CVE-2026-48029.

Read the writeup
2020

Finding CVE-2020-1321: Fuzzing Office's 3D Model Parser

Vulnerability research - CVE-2020-1321 · Public / Patched

A grammar-driven .glb fuzzing campaign found a memory-corruption bug in the shared 3D parser used by Microsoft Word and the Microsoft 3D Viewer. Reported to MSRC in January 2020; patched on June 9, 2020 as the Microsoft Office Remote Code Execution Vulnerability (CWE-119, CVSS 7.8, Exploitation Less Likely).

Read the writeup
Systems Design

Systems Design

Git fixes, fuzzing, security architecture, and other things I built.

0 entries

Nothing published in this category yet.

Startups

Startups

SNDBOX, OmniBoard, and the founder/product work that came with them.

2 entries
2023-2024

OmniBoard: The Board Game Console That Didn't Pencil Out

Founder · boardgames console · Shelved on hardware costs

OmniBoard was a console for board games: multi-touch board, flexible color e-ink cards, OmniShop marketplace, creator SDK. Same hardware, infinite games. The product vision worked. The math did not. The post-mortem on a ~$553 BOM that could not survive a $500 retail target.

Read the writeup
2017-2021

SNDBOX

Co-founder · malware analysis · Acquired

TBD - full writeup coming soon. Co-founded SNDBOX, an automated malware analysis platform.

Read