REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'curl'
disclosed a bug submitted by
b'nyymi'
b'OpenSSL HTTP/3 bogus CURLINFO_TLS_SSL_PTR'
28 Jul 2025
b'Mars'
disclosed a bug submitted by
b'0xun7h1nk4ble'
b'RXSS on via customerId parameter'
28 Jul 2025
b'Node.js'
disclosed a bug submitted by
b'oblivionsage'
b'Windows Device Names Still Allow Path Traversal in UNC Paths After CVE-2025-27210 Fix'
28 Jul 2025
b'curl'
disclosed a bug submitted by
b'cyph3r_nitro'
b'Vulnerability Report: Public Exposure of Security Audit File'
27 Jul 2025
b'curl'
disclosed a bug submitted by
b'ejejohn'
b'Security check up'
24 Jul 2025
b'curl'
disclosed a bug submitted by
b'catenacyber'
b'Use after free (or assert triggered) with failed allocations in openssl'
24 Jul 2025
b'curl'
disclosed a bug submitted by
b'yousesf'
b'Exposure of Private RSA Private Key in curl GitHub Repository'
23 Jul 2025
b'curl'
disclosed a bug submitted by
b'nyymi'
b'GnuTLS CURLINFO_TLS_SESSION / CURLINFO_TLS_SSL_PTR type confusion'
23 Jul 2025
b'GitLab'
disclosed a bug submitted by
b'timothyleung'
b'Mint Oauth2 access token for targeted user'
23 Jul 2025
b'curl'
disclosed a bug submitted by
b'lyb_unaffiliated'
b'on the implications of permitting procedural culling'
22 Jul 2025
b'curl'
disclosed a bug submitted by
b'cmeister2'
b'curl ASSERTs when accessing an LDAP URL'
22 Jul 2025
b'AWS VDP'
disclosed a bug submitted by
b'muhammad_kasim'
b'XSS on Amazon Aquisition: elemental'
22 Jul 2025
b'Remitly'
disclosed a bug submitted by
b'db3wy'
b'[CRITICAL] 0-Click Account Takeover via Password Reset [AUTH-3243] /orchestrator/v1/password_reset/start'
21 Jul 2025
b'1Password - Enterprise Password Manager'
disclosed a bug submitted by
b'sudosu001'
b'API Key Exposed in JavaScript File on 1Password Developer Site'
18 Jul 2025
b'HackerOne'
disclosed a bug submitted by
b'boy_child_'
b'Account takeover of existing HackerOne accounts through SCIM provisioning'
17 Jul 2025
b'MainWP'
disclosed a bug submitted by
b'rishail01'
b'Reflected XSS in "Cost Tracker" Notes Field'
17 Jul 2025
b'MainWP'
disclosed a bug submitted by
b'rishail01'
b'Reflected XSS in "Manage Tags" Notes Field'
17 Jul 2025
b'MainWP'
disclosed a bug submitted by
b'rishail01'
b'Reflected XSS in "Create Category" Functionality of Post Creation Module'
17 Jul 2025
b'MainWP'
disclosed a bug submitted by
b'rishail01'
b'Stored Cross-Site Scripting (XSS) in "Add Contact" Name Field MainWP Plugin'
17 Jul 2025
1
2
3
...
735
BY DENIS WERNER - @NOBBD -
IMPRESSUM