Security Research

Vulnerabilities discovered by Gecko's Scanner.
Each finding was responsibly disclosed to the vendor.

Assigned CVEs

Disclosure Process

Vulnerabilities Fixed

Featured

Research

How Gecko Discovered 30 0-Day Vulnerabilities No AppSec Tool Found

Previously, there were entire classes of business logic and multi-step vulnerabilities that have long been invisible to SAST. Today, that changes.

Jeevan JutlaJul 31, 2025

Read post

Discoveries

Security vulnerabilities discovered and responsibly disclosed

RESEARCH

Why Static Analysis Struggles with Business Logic Vulnerabilities

The gap between tracking where data flows and reasoning about whether the logic is correct.

Jan 27, 2026Read more

RESEARCH

How Broken Access Controls in Cal.com Leaked Millions of Bookings and Enabled Complete Account Takeover

Gecko's AI security engineer discovered critical chained vulnerabilities in Cal.com Cloud that allowed complete account takeover and exposed all booking data.

Jan 26, 2026Read more

RESEARCH

How Gecko Discovered 30 0-Day Vulnerabilities No AppSec Tool Found

Previously, there were entire classes of business logic and multi-step vulnerabilities that have long been invisible to SAST. Today, that changes.

Jul 31, 2025Read more