Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Internet Bug Bounty' disclosed a bug submitted by b'nacl_123' 
b'[SECURITY] CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet'
27 May 2025 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'snhebrok' 
b'TLS client authentication can be bypassed due to ticket resumption'
27 May 2025 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'sav_' 
b'CVE-2024-56374: Denial-of-service vulnerability in IPv6 validation'
27 May 2025 timeline
b'Node.js' disclosed a bug submitted by b'jessewilson' 
b'WASI sandbox escape via symlink'
24 May 2025 timeline
b'Monero' disclosed a bug submitted by b'sech1' 
b"Dynamic fee algorithm doesn't check for zero fee"
23 May 2025 timeline
b'Monero' disclosed a bug submitted by b'ptrstr' 
b'RPC service DOS'
23 May 2025 timeline
b'curl' disclosed a bug submitted by b'darkroomdragon' 
b'Memory Leak in libcurl via Location Header Handling (CWE-770)'
22 May 2025 timeline
b'curl' disclosed a bug submitted by b'jmanojlovich' 
b'`Curl_socketpair()` fallback vulnerable to man-in-the-middle attack'
20 May 2025 timeline
b'Cloudflare Public Bug Bounty' disclosed a bug submitted by b'jai-kandepu' 
b'Any WARP User Can Access Organization-Specific Application'
19 May 2025 timeline
b'Shopify' disclosed a bug submitted by b'mr_asg' 
b'Shopify Partners Invitation Process Allows Privilege Escalation Without Email Verification'
15 May 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'nkirk-nrlabs' 
b'Bedrock Guardrails Evasion with Prompt Formatting'
15 May 2025 timeline
b'Node.js' disclosed a bug submitted by b'justinnietzel' 
b'Corrupted pointer in node::fs::ReadFileUtf8(const FunctionCallbackInfo<Value>& args) when args[0] is a string.'
15 May 2025 timeline
b'Lichess' disclosed a bug submitted by b'hajjaj-' 
b'Weak Rate Limiting Controls in the (LOGIN) page Expose System to Brute Force and DoS Attacks'
15 May 2025 timeline
b'Lichess' disclosed a bug submitted by b'delsec_' 
b'Open Redirect Vulnerability in OAuth Flow Leading to Potential Phishing Attack'
15 May 2025 timeline
b'Nintendo' disclosed a bug submitted by b'roccodev' 
b'[Xenoblade Chronicles X: Definitive Edition] Unrestricted RPCs allow DoS and writing arbitrary flags remotely'
15 May 2025 timeline
b'Nintendo' disclosed a bug submitted by b'roccodev' 
b'[Xenoblade Chronicles X: Definitive Edition] Improper validation of names allows injecting formatting tags and bypassing profanity filter'
15 May 2025 timeline
b'Node.js' disclosed a bug submitted by b'tniessen' 
b'Improper error handling in async cryptographic operations crashes process'
14 May 2025 timeline
b'WakaTime' disclosed a bug submitted by b'atasec' 
b'user api key leaked'
13 May 2025 timeline
b'Mozilla' disclosed a bug submitted by b'samirsec0x01' 
b'Netlify Authentication Token Exposed in Public Mozilla CI Logs'
13 May 2025 timeline
b'Mars' disclosed a bug submitted by b'reinhardtthe' 
b'insecure deserilize object leads to RCE On Sitecore (CVE--27218)'
12 May 2025 timeline
1 2 3 4 ... 729
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM