Top10 publishers:
bobrov114 
linkks73 
geeknik70 
sp1d3rs62 
jobert52 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
curl disclosed a bug submitted by vshmuk 
Port and service scanning on localhost due to improper URL validation.
15 Jan 2020 timeline
Node.js disclosed a bug submitted by tunz 
Use After Free in crypto.randomFill
15 Jan 2020 timeline
Node.js disclosed a bug submitted by arkadiyt 
Http request splitting
15 Jan 2020 timeline
Automattic disclosed a bug submitted by godofdarkness_msf 
Theme Assets uploader allows HTML content
14 Jan 2020 timeline
Automattic disclosed a bug submitted by godofdarkness_msf 
Follow by email allows for following by unverified emails
14 Jan 2020 timeline
Mail.ru disclosed a bug submitted by mickey01 
Information disclosure with sensitive data
14 Jan 2020 timeline
Mail.ru disclosed a bug submitted by mobius07 
API method at api.my.games allows to enumerate user emails
14 Jan 2020 timeline
DRIVE.NET, Inc. disclosed a bug submitted by dre4dp1r4terob3rts 
Same site Scripting
13 Jan 2020 timeline
Razer disclosed a bug submitted by namunah 
Misconfigured s3 Bucket exposure
12 Jan 2020 timeline
Node.js third-party modules disclosed a bug submitted by vineetpandey 
[node-red] Stored XSS within Flow's - "Name" field
11 Jan 2020 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[npm-git-publish] RCE via insecure command formatting
11 Jan 2020 timeline
Node.js third-party modules disclosed a bug submitted by ayerobot 
Stored XSS (Hexo-admin plugin)
11 Jan 2020 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[meta-git] RCE via insecure command formatting
11 Jan 2020 timeline
Node.js disclosed a bug submitted by vavkamil 
CRLF Injection in legacy url API (url.parse().hostname)
10 Jan 2020 timeline
NordVPN disclosed a bug submitted by bobby6102000 
Version problem in wordpress leads to the many vulnearability
10 Jan 2020 timeline
SEMrush disclosed a bug submitted by zcashi 
Unrestricted file upload in www.semrush.com > /my_reports/api/v1/upload/image
10 Jan 2020 timeline
Razer disclosed a bug submitted by corraldev 
Reflected XSS at https://pay.gold.razer.com escalated to account takeover
10 Jan 2020 timeline
Node.js disclosed a bug submitted by tosh 
Hostname spoofing
10 Jan 2020 timeline
Mail.ru disclosed a bug submitted by bounty- 
unauthorized access to add admin endpoint
09 Jan 2020 timeline
Mail.ru disclosed a bug submitted by sparks 
Race condition ??? ??????? ???????? ?? games.mail.ru
09 Jan 2020 timeline
1 2 3 4 ... 397
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM