Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Yelp' disclosed a bug submitted by b'vijaysimha-reddy' 
b'Privilege Escalation - A Non Owner User Who Does not Have access to the user management can invite other users to the restaurant page'
29 Jan 2025 timeline
b'Adobe' disclosed a bug submitted by b'titanrain' 
b'Registration Information Leakage '
29 Jan 2025 timeline
b'Cognizant' disclosed a bug submitted by b'hellicopter' 
b'Disclosure of the valid Cognizant credentials at the Postman collection'
29 Jan 2025 timeline
b'Yelp' disclosed a bug submitted by b'vijaysimha-reddy' 
b'Privilege Escalation - A Low Privilege User who does not have access to the user management module can remove the owner of the business account'
28 Jan 2025 timeline
b'Node.js' disclosed a bug submitted by b'taise' 
b'Path traversal by drive name in Windows environment'
27 Jan 2025 timeline
b'TikTok' disclosed a bug submitted by b'datph4m' 
b'Unauthorized Access to TikTok Account [Private Videos] via API Endpoint'
24 Jan 2025 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'0xrasputin' 
b'Public google drive link Exposes Military Orders Containing PII (Name, SSN etc..) and Operational Details'
24 Jan 2025 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'hxhbrofessor' 
b'Exposure of Private Personal Information to an Unauthorized Actor - PII and soldier data (mos, schools, and speciality training)'
24 Jan 2025 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'iamunixtz' 
b'Boolen Based Blind Sql Injection Via User Agent in .mil'
24 Jan 2025 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'leofmlopes' 
b'Time-based blind SQL injection'
24 Jan 2025 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'thpless' 
b'XSS vulnerability found in javascript code of https://.mil'
24 Jan 2025 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'thpless' 
b'XSS found in https://www..mil'
24 Jan 2025 timeline
b'XVIDEOS' disclosed a bug submitted by b'chse_' 
b'Stored XSS via SMTP Error Message'
24 Jan 2025 timeline
b'IBM' disclosed a bug submitted by b'youssifs7' 
b'POST based Cross-Site Scripting on IBM research endpoint'
23 Jan 2025 timeline
b'Node.js' disclosed a bug submitted by b'parrot409' 
b'Usage of unsafe random function in undici for choosing boundary'
23 Jan 2025 timeline
b'Mozilla' disclosed a bug submitted by b'0d_amrr' 
b' Bypass Email verification for monitoring at `monitor.mozilla.org`'
22 Jan 2025 timeline
b'Node.js' disclosed a bug submitted by b'leodog896' 
b'Worker permission bypass via InternalWorker leak in diagnostics'
21 Jan 2025 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Disclosing PolicyPageAssetGroup in Private Programs via /graphql `gid://hackerone/PolicyPageAssetGroupsIndex::PolicyPageAssetGroup/{id}`'
21 Jan 2025 timeline
b'Yelp' disclosed a bug submitted by b'mester_x' 
b"Object Level access control leads to reading user's full requests, sessions, and error messages"
18 Jan 2025 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'leixiao' 
b'CVE-2022-40604: Apache Airflow: Format String Vulnerability'
18 Jan 2025 timeline
1 ... 9 10 11 12 13 ... 729
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM