Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Mars' disclosed a bug submitted by b'kuriyama' 
b'Bug Report #23JAN135 (subdomain takeover via shopify )'
02 Sep 2025 timeline
b'Mars' disclosed a bug submitted by b'kuriyama' 
b'RXSS on stores on */visitorRegistration.pml via destination parameter'
02 Sep 2025 timeline
b'Mars' disclosed a bug submitted by b'blackbird_azar' 
b'Order More Than Maximum Allowed Quantity'
02 Sep 2025 timeline
b'Mars' disclosed a bug submitted by b'egsec' 
b'Account Takeover in Password Reset Function'
02 Sep 2025 timeline
b'Lichess' disclosed a bug submitted by b'albetisi' 
b' Unauthorized Blogs Creation'
02 Sep 2025 timeline
b'curl' disclosed a bug submitted by b'9vvert' 
b'Incorrect Parsing of IPv6 Zone ID in curl'
01 Sep 2025 timeline
b'Node.js' disclosed a bug submitted by b'codingthunder' 
b'CWE-195 in ExternalMemoryAccounter::Increase()'
26 Aug 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'notnotnotveg' 
b'AWS | Self Registration Internal LibreChat : Access to internal/proprietary LLMs'
25 Aug 2025 timeline
b'Autodesk' disclosed a bug submitted by b'who_am_i_' 
b'Stored XSS in AREA tutorials'
25 Aug 2025 timeline
b'Omise' disclosed a bug submitted by b'mantu1738' 
b'PII Exposure via Email Confirmation Link Email Embedded in Token & Leaked via Wayback Machine'
23 Aug 2025 timeline
b'Brave Software' disclosed a bug submitted by b'stellersjay' 
b'Prompt Injection via GitHub Patch in Brave AI Chat (Leo)'
22 Aug 2025 timeline
b'curl' disclosed a bug submitted by b'balajidev' 
b'Missing Security Headers'
22 Aug 2025 timeline
b'curl' disclosed a bug submitted by b'robert_min1' 
b'curl leaks destination IP via glibc getaddrinfo() UDP connect, bypassing SOCKS5/Tor'
20 Aug 2025 timeline
b'curl' disclosed a bug submitted by b'irene1hacker' 
b'Curl parse_connect_to_string Heap-Overread Leading to Denial of Service via CURLOPT_CONNECT_TO'
20 Aug 2025 timeline
b'WakaTime' disclosed a bug submitted by b'pashaaaaaaaa' 
b'Invalid'
19 Aug 2025 timeline
b'curl' disclosed a bug submitted by b'pelioro' 
b'WebSocket Fragmentation DoS on Curl Client'
19 Aug 2025 timeline
b'Insightly' disclosed a bug submitted by b'akostak' 
b'Email verification bypass via request to endpoint "accounts.insightly.com/signup/provisionuser"'
18 Aug 2025 timeline
b'Malwarebytes' disclosed a bug submitted by b'assassin_marcos' 
b'No SPF/DMARC records on mb-cosmos.com'
18 Aug 2025 timeline
18 Aug 2025 disclosed a bug submitted by Title Heap Use-After-Free Vulnerability in `curl` Leading to Potential Code Execution' 
b'
b'irene1hacker' timeline
b'Malwarebytes' disclosed a bug submitted by b'sijojohnson' 
b'Email Verification Bypass via Race Condition'
15 Aug 2025 timeline
1 2 3 4 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM