every patch tells a vulnerability story.

§00 — patch intelligence, from diff to PoC

Read the patch. Ship the proof.

Self-hosted AI-powered patch analysis. GitHub repos, WordPress plugins, local code.

Demo walkthrough: patchleaks.sh · Act I, Patch analysis · chapter 01 / 18 · 2.8.6 on disk

A living plugin: running in production, tens of thousands of installs.

Acts: I Patch analysis · II Zero-day detection · III Verifier sort

Upstream commit 6802454: mystickymenu 2.8.6 → 2.8.7
2 files · 1 security-sensitive hunk · 1 function touched
mystickymenu/classes/class-mystickymenu.php (on disk · 2.8.6)
```php
// classes/class-mystickymenu.php · 2.8.6
// $wpdb, $widget_no and $contact_lists_table come from surrounding plugin
// code that this excerpt does not show.
public function save_lead($postArr) {
    // 2.8.6: every POST key copied verbatim into SQL identifiers. Only the
    // values are sanitized and escaped; the keys become column names as-is.
    foreach ($postArr as $key => $val) {
        $params[$key] = esc_sql(sanitize_text_field($val));
    }
    $params["widget_id"] = esc_sql(sanitize_text_field($widget_no));
    $wpdb->insert($contact_lists_table, $params);
    die();
}

// Reachable via admin-ajax.php · unauth · CWE-89.
```
CVE-2026-3657 · high
CWE: CWE-89 · SQL injection (column identifier)
CVSS: 8.6 · high
Vector: AV:N · AC:L · PR:N · UI:N
KEV: not listed
Affected: My Sticky Bar ≤ 2.8.6
Fixed: 2.8.7
Output: articles/cve-2026-3657.md (writing · claude-haiku-4.5)
Install base: plugin mystickymenu · version 2.8.6 · php >= 7.4 (download and active-install counters load live)
§01 · Patch diff analysis

Reduce multi-thousand-line commits to the few hunks that actually move the security needle.

§02 · Zero-day detector

Pattern-match CWE signatures against uncommitted code before an advisory is ever written.

§03 · Rule generator

Derive grep rules from verified vulnerabilities. Run them across your entire library.

§04 · PoC synthesis

AI drafts a reproducer from the patch. Reviewer verifies. Report shipped.

§ wordfence · Live WordPress feed

Pulls fresh advisories from the Wordfence API. Auto-PatchDiff scheduler diffs new plugin releases on a cron.

§ tainttrace · InputTracer · PHP

Walks each variable backward through the AST until it confirms a user-controlled origin. Non-user-input candidates are dropped before AI.

§ defense · Wrapper unwrap · 3-iter

Identifies declared defense calls, follows wrapper chains to the native implementation, emits a verdict with structured evidence.
§ wp-reach · Endpoint reachability

For WordPress plugins: verifies whether a vulnerable function is actually reachable from REST, AJAX, or admin pages. Auth-level surfaced.
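The reachability check described in this card, as an added Python example that is not PatchLeaks' own code: it scans a constructed plugin excerpt for admin-ajax/admin-post hooks, REST routes and admin menu pages, maps each registration to its callback, and reports the weakest auth level that reaches a given handler. The hook names, callbacks and the AUTH_ORDER ranking are assumptions made for the example; the hook conventions themselves (wp_ajax_, wp_ajax_nopriv_, admin_post_, register_rest_route, add_menu_page) are standard WordPress.

```python
import re

# Constructed WordPress plugin excerpt (hook and function names are made up).
SAMPLE = """
add_action('wp_ajax_nopriv_myplugin_save', array($this, 'save_lead'));
add_action('wp_ajax_myplugin_save', array($this, 'save_lead'));
add_action('wp_ajax_myplugin_export', 'export_leads');
add_action('admin_post_myplugin_import', 'import_leads');
add_menu_page('Leads', 'Leads', 'manage_options', 'myplugin-leads', 'render_leads_page');
register_rest_route('myplugin/v1', '/leads', array(
    'methods'  => 'POST',
    'callback' => 'rest_save_lead',
    'permission_callback' => '__return_true',
));
register_rest_route('myplugin/v1', '/leads/delete', array(
    'methods'  => 'POST',
    'callback' => 'rest_delete_lead',
    'permission_callback' => function () { return current_user_can('manage_options'); },
));
"""

# wp_ajax_{action} / admin_post_{action} fire for logged-in users; the
# nopriv_ variants also fire for anonymous requests.
AJAX = re.compile(
    r"add_action\(\s*['\"](wp_ajax|admin_post)_(nopriv_)?(\w+)['\"]\s*,\s*"
    r"(?:array\(\s*\$this\s*,\s*['\"](\w+)['\"]\s*\)|['\"](\w+)['\"])")
REST = re.compile(
    r"register_rest_route\(\s*['\"]([^'\"]+)['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*,\s*array\((.*?)\)\s*\)\s*;",
    re.S)
MENU = re.compile(r"add_(sub)?menu_page\(([^;]+)\)\s*;")

# Weakest level first (assumed ranking used to pick the worst path).
AUTH_ORDER = ["unauthenticated", "no permission_callback (public; WP warns)",
              "any logged-in user"]

def rest_arg(key, blob):
    """Pull one 'key' => value entry out of the route's args array."""
    m = re.search(r"['\"]" + key + r"['\"]\s*=>\s*(.+)", blob)
    return m.group(1).strip().rstrip(",") if m else None

def classify_permission(value):
    if value is None:
        return AUTH_ORDER[1]
    if "__return_true" in value:
        return "unauthenticated"
    m = re.search(r"current_user_can\(\s*['\"](\w+)['\"]", value)
    if m:
        return "capability: " + m.group(1)
    if "is_user_logged_in" in value:
        return "any logged-in user"
    return "custom callback (review manually)"

def reachability(code):
    """List every registered entry point with its handler and auth level."""
    entries = []
    for m in AJAX.finditer(code):
        hook, nopriv, action, meth, func = m.groups()
        entries.append({
            "surface": "admin-ajax.php" if hook == "wp_ajax" else "admin-post.php",
            "route": "action=" + action,
            "handler": meth or func,
            "auth": "unauthenticated" if nopriv else "any logged-in user",
        })
    for m in REST.finditer(code):
        ns, route, args = m.groups()
        methods = (rest_arg("methods", args) or "ANY").strip("'\"")
        callback = (rest_arg("callback", args) or "?").strip("'\"")
        entries.append({
            "surface": "REST",
            "route": methods + " /" + ns + route,
            "handler": callback,
            "auth": classify_permission(rest_arg("permission_callback", args)),
        })
    for m in MENU.finditer(code):
        # add_menu_page(title, menu_title, capability, slug, callback);
        # add_submenu_page has one extra leading parent_slug argument.
        args = [a.strip().strip("'\"") for a in m.group(2).split(",")]
        off = 1 if m.group(1) else 0
        entries.append({
            "surface": "admin page",
            "route": "page=" + args[3 + off],
            "handler": args[4 + off],
            "auth": "capability: " + args[2 + off],
        })
    return entries

def lowest_auth(entries, handler):
    """Weakest auth level among all paths to handler, or None if unreachable."""
    levels = [e["auth"] for e in entries if e["handler"] == handler]
    if not levels:
        return None
    rank = lambda a: AUTH_ORDER.index(a) if a in AUTH_ORDER else len(AUTH_ORDER)
    return min(levels, key=rank)

if __name__ == "__main__":
    for e in reachability(SAMPLE):
        print(e)
    print("save_lead ->", lowest_auth(reachability(SAMPLE), "save_lead"))
```

The point of `lowest_auth` is that the same handler is often registered twice (a nopriv and a logged-in hook, as above), and the finding's severity follows the weakest registration, not the first one found.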
§02 · How Products mode analyzes a patch

FOUR STAGES · DIFF-DRIVEN

stage 01 · Reduce

The average security patch is buried under formatting changes, tests, and vendored assets. We strip those noise hunks and keep what alters control flow, input handling, or crypto.

183 files → 12 hunks → 4 functions

stage 02 · Match

Each remaining hunk runs against a CWE signature bank — taint analysis for injections, auth-check elisions, race windows, and crypto misuse.

CWE-89 · CWE-384 · CWE-352

stage 03 · Reason

Claude Haiku reviews the reduced hunks with CWE context and the project's own utility functions, and writes a one-paragraph verdict.

verdict true_positive · model claude-haiku-4.5

stage 04 · Ship

A reviewer approves. PatchLeaks emits a CVE-ready writeup, a PoC request payload, detection rules, and a KEV flag — all from one pull request.

writeup · poc.sh · rules
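Stages 01 and 02 as an added Python example, not PatchLeaks' own code: a unified-diff parser that drops test, vendored and whitespace-only hunks, then tags what remains against a small CWE regex bank, producing the same files → hunks → functions funnel the stage card reports. The sample diff, the noise-path list and the signature bank are constructed for illustration; the real bank is larger, and the allowlist change in the sample diff is a hypothetical fix, not the actual 2.8.7 change.

```python
import re
from dataclasses import dataclass, field

# Constructed sample unified diff (not a real commit): a test-only change, a
# vendored asset, and one hunk in a request handler that builds SQL.
SAMPLE_DIFF = """\
diff --git a/tests/test_save.php b/tests/test_save.php
--- a/tests/test_save.php
+++ b/tests/test_save.php
@@ -1,3 +1,4 @@
 <?php
+// more coverage
 require 'bootstrap.php';
diff --git a/vendor/lib/min.js b/vendor/lib/min.js
--- a/vendor/lib/min.js
+++ b/vendor/lib/min.js
@@ -1 +1 @@
-!function(){}();
+!function(){console.log(1)}();
diff --git a/classes/handler.php b/classes/handler.php
--- a/classes/handler.php
+++ b/classes/handler.php
@@ -10,6 +10,9 @@ public function save_lead($postArr) {
     foreach ($postArr as $key => $val) {
-        $params[$key] = esc_sql(sanitize_text_field($val));
+        if (!in_array($key, $this->allowed_columns, true)) {
+            continue;
+        }
+        $params[$key] = esc_sql(sanitize_text_field($val));
     }
     $wpdb->insert($contact_lists_table, $params);
"""

# Paths that almost never carry the security-relevant change (assumed list).
NOISE_PATHS = re.compile(
    r"(^|/)(tests?|spec|vendor|node_modules|dist|build)/|\.(min\.js|min\.css|lock|map|png|svg)$")

# Tiny CWE signature bank (illustrative; the product's bank is larger).
SIGNATURES = {
    "CWE-89":  re.compile(r"\$wpdb->(query|insert|update|delete|get_results|get_var|prepare)\b|mysqli?_query\("),
    "CWE-20":  re.compile(r"\$_(GET|POST|REQUEST|COOKIE)\b|sanitize_\w+\(|esc_\w+\("),
    "CWE-862": re.compile(r"current_user_can\(|check_ajax_referer\(|wp_verify_nonce\("),
    "CWE-327": re.compile(r"\b(md5|sha1)\(|openssl_\w+\(|\brand\("),
}
HUNK_HDR = re.compile(r"^@@ -\d+(?:,\d+)? \+\d+(?:,\d+)? @@ ?(.*)$")
FUNC_NAME = re.compile(r"function\s+(\w+)\s*\(")

@dataclass
class Hunk:
    path: str
    function: str
    added: list = field(default_factory=list)
    removed: list = field(default_factory=list)
    context: list = field(default_factory=list)
    tags: set = field(default_factory=set)

def parse_diff(text):
    """Split a unified diff into hunks, keeping the enclosing function name
    that git prints after the @@ header."""
    hunks, path, cur = [], None, None
    for line in text.splitlines():
        if line.startswith("diff --git"):
            path, cur = line.split(" b/", 1)[1], None
        elif (m := HUNK_HDR.match(line)):
            fm = FUNC_NAME.search(m.group(1))
            cur = Hunk(path, fm.group(1) if fm else "?")
            hunks.append(cur)
        elif cur is not None:
            if line.startswith("+"):
                cur.added.append(line[1:])
            elif line.startswith("-"):
                cur.removed.append(line[1:])
            else:
                cur.context.append(line[1:])
    return hunks

def is_noise(h):
    """Drop test/vendored/generated files and hunks that only reflow
    whitespace or touch comments."""
    if NOISE_PATHS.search(h.path):
        return True
    def norm(lines):
        return [re.sub(r"\s+", "", ln) for ln in lines
                if ln.strip() and not ln.strip().startswith(("//", "#", "*", "/*"))]
    return norm(h.added) == norm(h.removed)

def tag_hunk(h):
    """Match the hunk (changed lines plus context) against the signature bank."""
    for tag, rx in SIGNATURES.items():
        if any(rx.search(ln) for ln in h.added + h.removed + h.context):
            h.tags.add(tag)
    return h.tags

def reduce_diff(text):
    return [h for h in parse_diff(text) if not is_noise(h) and tag_hunk(h)]

def summarize(text):
    """files -> hunks -> functions, the funnel stage 01 reports."""
    all_hunks, kept = parse_diff(text), reduce_diff(text)
    return {
        "files": len({h.path for h in all_hunks}),
        "hunks_total": len(all_hunks),
        "hunks_kept": len(kept),
        "functions": sorted({h.function for h in kept}),
        "tags": sorted(set().union(*(h.tags for h in kept))),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_DIFF))
```

Tagging on context lines as well as changed lines is deliberate: a one-line guard added above an unchanged `$wpdb->insert` is exactly the kind of hunk the reducer must keep, and the sink that makes it interesting is in the context, not in the `+` lines.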
§03 · How Zero-Day mode finds vulnerabilities

SIX STAGES · PATTERN → TAINT → AI → REACT → DEFENSE → VERDICT

stage 01 · Pattern match

CWE-specific grep + sink rules sweep the codebase. Thousands of files are filtered down to targeted matches.

CWE-89 · CWE-434 · CWE-79

stage 02 · Taint trace

InputTracer (PHP) follows each variable backward through the AST to verify it originates in user input. Non-user-input matches are discarded.

37 candidates kept

stage 03 · Initial pass AI

Quick triage on grep-matched lines only. Drops obvious false positives before any deep scan.

37 → 5

stage 04 · Deep scan AI

Full-file analysis with function-level tree-sitter context. Reasons about taint paths and missing safeguards.

5 → 2 confirmed

stage 05 · Detection

Parses vulnerability blocks, verifies declared safeguards, deduplicates findings across files.

structured · per-block

stage 06 · Defense check

A 3-iteration loop unwraps wrapper functions to their native implementations. The final verdict carries structured evidence.

verdict · TP / FP / defended
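Stages 02 and 06 (the same ideas as the InputTracer and Wrapper-unwrap cards earlier on the page) as one added Python example, not the project's own InputTracer: a backward trace over PHP assignments from every variable interpolated into a `$wpdb` sink to a superglobal source, followed by a three-hop wrapper unwrap that decides between `defended`, `true_positive`, `needs_review` and `not_user_input`. The PHP sample, the source/sink regexes and the NATIVE_DEFENSES set are assumptions; this works line by line with regexes, whereas the product walks the AST.

```python
import re

# Constructed PHP sample (not from any real plugin): wrapper chains of
# different depth around values that reach $wpdb->query().
SAMPLE_PHP = """
function my_clean($v)       { return my_clean_inner($v); }
function my_clean_inner($v) { return esc_sql($v); }
function my_trim($v)        { return trim($v); }
function deep1($v) { return deep2($v); }
function deep2($v) { return deep3($v); }
function deep3($v) { return deep4($v); }
function deep4($v) { return esc_sql($v); }

function handler() {
    global $wpdb;
    $raw   = $_POST['email'];
    $email = my_clean($raw);
    $name  = my_trim($_POST['name']);
    $phone = deep1($_POST['phone']);
    $id    = 5;
    $wpdb->query("INSERT INTO t (email) VALUES ('$email')");
    $wpdb->query("INSERT INTO t (name)  VALUES ('$name')");
    $wpdb->query("INSERT INTO t (phone) VALUES ('$phone')");
    $wpdb->query("SELECT * FROM t WHERE id = $id");
}
"""

SOURCES     = re.compile(r"\$_(GET|POST|REQUEST|COOKIE|SERVER)\b")
SINKS       = re.compile(r"\$wpdb->(query|insert|update|get_results|get_var)\s*\((.*)\)\s*;")
ASSIGN      = re.compile(r"^\$(\w+)\s*=\s*(.+?);")
CALL        = re.compile(r"^(\w+)\s*\((.+)\)$")
FUNC_DEF    = re.compile(r"function\s+(\w+)\s*\(\s*\$\w+\s*\)\s*\{(.*?)\}", re.S)
RETURN_CALL = re.compile(r"return\s+(\w+)\s*\(\s*\$\w+\s*\)\s*;")
VAR         = re.compile(r"\$(\w+)")

# Native functions accepted as a real defense for this sink class (assumed list).
NATIVE_DEFENSES = {"CWE-89": {"esc_sql", "intval", "absint"}}
MAX_UNWRAP = 3  # the page's 3-iteration wrapper unwrap

def trace(var, assigns, path=(), depth=0):
    """Walk $var backward through assignments until a superglobal source or a
    constant is found. Returns (tainted, [functions applied along the way])."""
    rhs = assigns.get(var)
    if rhs is None or depth > 10:
        return False, list(path)
    m = CALL.match(rhs)
    if not m:
        return bool(SOURCES.search(rhs)), list(path)
    fn, inner = m.group(1), m.group(2)
    if SOURCES.search(inner):
        return True, list(path) + [fn]
    iv = VAR.search(inner)
    if iv:
        return trace(iv.group(1), assigns, path + (fn,), depth + 1)
    return False, list(path)

def unwrap(fn, defs, max_iter=MAX_UNWRAP):
    """Follow a wrapper chain fn -> inner -> ... for at most max_iter hops.
    Returns (final_name, chain, exhausted); exhausted means the budget ran
    out while still inside user-defined wrappers."""
    chain = [fn]
    for _ in range(max_iter):
        body = defs.get(fn)
        if body is None:            # native or external: nothing to unwrap
            return fn, chain, False
        m = RETURN_CALL.search(body)
        if not m:                   # wrapper does real work itself; stop here
            return fn, chain, False
        fn = m.group(1)
        chain.append(fn)
    return fn, chain, fn in defs

def verdict(var, assigns, defs, cwe="CWE-89"):
    tainted, path = trace(var, assigns)
    if not tainted:
        return {"var": var, "verdict": "not_user_input", "chain": []}
    for fn in path:
        final, chain, exhausted = unwrap(fn, defs)
        if exhausted:
            return {"var": var, "verdict": "needs_review", "chain": chain}
        if final in NATIVE_DEFENSES[cwe]:
            return {"var": var, "verdict": "defended", "chain": chain}
    return {"var": var, "verdict": "true_positive", "chain": path}

def analyze(code, cwe="CWE-89"):
    """Taint trace + defense unwrap for every variable interpolated into a sink."""
    defs = {m.group(1): m.group(2) for m in FUNC_DEF.finditer(code)}
    assigns = {}
    for line in code.splitlines():
        m = ASSIGN.match(line.strip())
        if m:
            assigns[m.group(1)] = m.group(2).strip()
    results = []
    for m in SINKS.finditer(code):
        for v in VAR.findall(m.group(2)):
            results.append(verdict(v, assigns, defs, cwe))
    return results

if __name__ == "__main__":
    for r in analyze(SAMPLE_PHP):
        print(r)
```

The `$phone` case is the one worth noticing: its chain does end in `esc_sql`, but four hops deep, so a 3-iteration unwrap cannot prove it and the honest output is `needs_review` rather than either `defended` or `true_positive`. The `$name` case shows the opposite failure mode, a wrapper that unwraps cleanly to a native function (`trim`) that is simply not a defense for this sink class.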
§01 · Live advisory feed

UPDATED EVERY 60s · columns: CVE · Severity · Target · Class · Age (the table and the last-sync timestamp load live)

12,578 CVEs indexed · 89 patches parsed · 204 PoCs generated · 26 languages supported
§ready

Point it at a repo. Read the report.

Free, open-source, self-hosted.