Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'curl' disclosed a bug submitted by b'exploitguru101' 
b'Logical Flaw in curl_url_set Leads to Inconsistent Query Parameter Encoding'
29 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'tjbecker_theori' 
b'Memory leak in Curl_auth_create_ntlm_type3_message'
28 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'geeknik' 
b'curls persistence files inherit world-readable/writable perms from umask, leaking and tampering with cookies/HSTS/Alt-Svc caches'
28 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'max_from_secmate' 
b'libcurl MQTT PUBLISH length overflow (heap overflow)'
28 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'Cookie exposure due to unexpected file permission change'
27 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'sippysir' 
b'CURLX_SET_BINMODE(NULL) can call fileno(NULL) and cause undefined behavior / crash'
27 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'asdkjhasldkjahslfdkjfa' 
b'Integer Overflow to Heap Overflow in DoH Response Handling'
25 Oct 2025 timeline
b'Revive Adserver' disclosed a bug submitted by b'kanon4' 
b"Error-Based & Time-Based SQL Injection in 'keyword' Parameter of admin-search.php Allowing Full Database Access in Revive Adserver v6.0.0"
24 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'idris_0x' 
b'Use of Deprecated strcpy() with User-Controlled Environment Variable in Memory Debug Initialization'
22 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'idris_0x' 
b'Use of Deprecated strcpy() with Fixed-Size Buffers in Progress Time Formatting'
22 Oct 2025 timeline
b'Revive Adserver' disclosed a bug submitted by b'env_bak' 
b'Reflected Cross-Site Scripting (XSS) in Revive Adserver 5.5.2'
22 Oct 2025 timeline
b'SingleStore' disclosed a bug submitted by b'axolot23' 
b'2FA bypass possible on https://authsvc.singlestore.com'
22 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'aybanda' 
b'Buffer Overflow in WebSocket Handshake (lib/ws.c:1287)'
21 Oct 2025 timeline
b'arkadiyt-projects' disclosed a bug submitted by b'newby99' 
b'DNS Rebinding Attack'
19 Oct 2025 timeline
b'arkadiyt-projects' disclosed a bug submitted by b'newby99' 
b'Arbitrary File Write'
19 Oct 2025 timeline
b'Discourse' disclosed a bug submitted by b'theteatoast' 
b'Application Level DoS - Large Markdown Payload in Reply Section Leading to Resource Exhaustion'
18 Oct 2025 timeline
b'PlayStation' disclosed a bug submitted by b'theflow0' 
b'Blu-ray Disc Java Sandbox Escape via two vulnerabilities '
18 Oct 2025 timeline
b'curl' disclosed a bug submitted by b'spolu-dust' 
b'SMTP Command Injection Vulnerability in libcurl 8.16.0 via RFC 3461 Suffix'
17 Oct 2025 timeline
b'Nextcloud' disclosed a bug submitted by b'daroo' 
b'Path Traversal Vulnerability in Nextcloud Tables Enables Arbitrary File Exfiltration of Any Files Supported by PhpSpreadsheet Library'
16 Oct 2025 timeline
1 2 3 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM