Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'lemlist' disclosed a bug submitted by b'mcdave' 
b'Unauthorized Password Reset Allows Account Takeover Across Tenant Boundaries'
07 Nov 2025 timeline
b'Lovable VDP' disclosed a bug submitted by b'anxioussick' 
b'Low-privileged user can enable or disable Lovable AI for new projects in workspace'
07 Nov 2025 timeline
b'Django' disclosed a bug submitted by b'cyberstan' 
b'SQL Injection in Django ORM via Unvalidated `_connector` in Q Objects'
06 Nov 2025 timeline
b'curl' disclosed a bug submitted by b'giant_anteater' 
b'CVE-2025-10966: missing SFTP host verification with wolfSSH'
05 Nov 2025 timeline
b'Lovable VDP' disclosed a bug submitted by b'd0maxploit' 
b'Improper Authorization Leads to Editor can toggle admin-only workspace features (Lovable AI)'
04 Nov 2025 timeline
b'Lovable VDP' disclosed a bug submitted by b'd0maxploit' 
b'Improper Authorization Leads to Editor can toggle admin-only workspace features (Lovable Cloud)'
04 Nov 2025 timeline
b'Mozilla' disclosed a bug submitted by b'xhacking_z' 
b'Microsoft `x-apikey` Exposed in Mozilla CI Public Logs'
03 Nov 2025 timeline
b'curl' disclosed a bug submitted by b'hackerpllim' 
b'HackerOne'
03 Nov 2025 timeline
b'curl' disclosed a bug submitted by b'hackerpllim' 
b'Hi Hacker'
03 Nov 2025 timeline
b'curl' disclosed a bug submitted by b'oliverkremer' 
b'Directory Traversal Vulnerability in cURL via Content-Disposition Header Processing'
01 Nov 2025 timeline
b'Hiro' disclosed a bug submitted by b'craxermgr' 
b'No Confirmation Email For Email Change'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'craxermgr' 
b'Information Disclosure'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'vyshnav_nk' 
b'REDIRECTION VULNERABILITY/HOST HEADER INJECTION VULNERABILITY'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'myskar' 
b'Missing restriction on string size of Full Name at browser.blockstack.org'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'myskar' 
b'Can view all username leaked in https://core.blockstack.org'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'droop3r' 
b'Invalidate active sessions after password change'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'0x1_aulia' 
b'blockstack.org - is vulnerable to (CVE-2016-2183, CVE-2016-6329)'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'frozensolid' 
b'Blockstack Browser For Mac leaks "Core API Password" to 3rd parties'
31 Oct 2025 timeline
b'Hiro' disclosed a bug submitted by b'anonymous--1000' 
b'Logout Bypass Vulnerability in Hiro.so'
31 Oct 2025 timeline
1 2 3 ... 742
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM