Skip to content
View Le1a's full-sized avatar

Block or report Le1a

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Le1a/README.md

Hey 👋 I'm Le1a

Retired CTFer · Security Researcher


Experience

  • Feb 2026 – Present: JD.com — Security Engineer
  • May 2023 – Jan 2026: ThreatBook — Security Researcher

Selected CVEs

CVE Product Type
CVE-2023-34747 UJCMS File Upload
CVE-2024-45627 Apache Linkis File Read
CVE-2025-25347 QingLong Panel RCE
CVE-2025-28044 ECShop RCE
CVE-2025-48999 DataEase RCE
CVE-2025-49001 DataEase Auth Bypass
CVE-2025-49002 DataEase RCE
CVE-2025-6507 h2o-3 File Read & RCE
CVE-2025-6544 h2o-3 File Read & RCE
CVE-2025-53004 DataEase RCE
CVE-2025-53005 DataEase RCE
CVE-2025-57773 DataEase File Write
CVE-2025-29847 Apache Linkis File Read

Pinned Loading

  1. CVE-2023-33246 CVE-2023-33246 Public

    Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit

    81 5

  2. LokiPool LokiPool Public

    一个使用Rust编写的SOCKS5代理池管理工具,能够自动测速、管理多个代理服务器,提供高效稳定的匿名代理服务。

    Rust 83 13

  3. JarLibsConsolidator JarLibsConsolidator Public

    一个IDEA插件:一键收集项目中所有jar包依赖的工具插件。遍历项目目录收集所有jar文件,复制到all-in-one文件夹,并自动添加为项目库。

    Kotlin 55 2