Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'81 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'60 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[MK8DX] Improper ranking/replay file parsing'
06 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'zzq1015' 
b'TLS Cipher Misconfiguration in HTTP/3/QUIC Support'
06 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'skrcprst' 
b"CRLF injection in libcurl's SMTP client via --mail-from and --mail-rcpt allows SMTP command smuggling"
03 Jul 2025 timeline
b'Mozilla' disclosed a bug submitted by b'northsea' 
b'MozillaVPN: Elevation of Privilege via a Logic Vulnerability'
03 Jul 2025 timeline
b'Mozilla' disclosed a bug submitted by b'northsea' 
b'MozillaVPN: Elevation of Privilege via a Race Condition Vulnerability'
03 Jul 2025 timeline
b'Mozilla' disclosed a bug submitted by b'martinvw' 
b'Subdomain takeover on live.firefox.com'
03 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'stogusho' 
b"curl doesn't hide credentials in /proc/XXX/cmdline provided via CLI arguments"
03 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'justlikebono_official' 
b'Elevation of Privileges (EoP) vulnerabilities related to the some easy_options on Windows'
03 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'voggerloops' 
b'Authorization Header Leak via --location-trusted in Curl'
03 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'catenacyber' 
b'Memory leak of ftp (with proxy reuse)'
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'alphox' 
b'HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling'
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'evilginx1' 
b'Speculative Execution Side-Channel in `curl` '
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'demsese' 
b'arbitrary file read via `file://` path traversal with `--path-as-is`'
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'freak_coding' 
b'Heap buffer overflow vulnerability in conncache.c: incorrect use of pointer arrays resulting in out-of-bounds memory writes.'
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'wolfsage' 
b'curl -OJ allows creating custom .curlrc file which allows exfiltrating private data, among other things'
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'wolfsage' 
b'curl_easy_header runs at O(N) or worse and can be abused to use minute(s) of CPU time'
01 Jul 2025 timeline
b'curl' disclosed a bug submitted by b'oicus' 
b'[High] MITM via Insecure CA Path Handling in cURL (--capath, CURLOPT_CAPATH) (CWE-494: Download of Code Without Integrity Check)'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'oicus' 
b'[High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory)'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'redfoxsec' 
b'Potential XSS vector in curl via unsanitized URL parameter handling'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'tdp3kel9g' 
b'Double free caused by mqtt_doing()'
30 Jun 2025 timeline
1 2 3 4 ... 733
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM