Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Shopify' disclosed a bug submitted by b'raymond_lind' 
b'Reflected XSS In Marketing Reports Page On *.myshopify.com/admin'
15 Apr 2025 timeline
b'Monero' disclosed a bug submitted by b'padillac' 
b'low-level p2p ping + tcp flooding leads to a remote crash in monerod'
14 Apr 2025 timeline
b'WakaTime' disclosed a bug submitted by b'parthabishwas' 
b'Login Information and Credentials Have Been Leaked on wakatime.com'
13 Apr 2025 timeline
b'1Password - Enterprise Password Manager' disclosed a bug submitted by b'stomper4' 
b'#**CSV Injection in shared passwords leads to complete Private Vault Exfiltration**'
12 Apr 2025 timeline
b'Lichess' disclosed a bug submitted by b'ryomenshuvro' 
b'Direct IP Access to Website'
11 Apr 2025 timeline
b'Ruby on Rails' disclosed a bug submitted by b'leonsirio' 
b'1-Click Cross-Site Scripting via Custom Configuration in SafeListSanitizer'
09 Apr 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'nick_frichette_dd' 
b'(Part 2) Non-Production API Endpoints for the Datazone Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
08 Apr 2025 timeline
b'Autodesk' disclosed a bug submitted by b'0xsom3a' 
b'HTML Injection in Business Name Parameter in Payapps'
07 Apr 2025 timeline
b'KHealth' disclosed a bug submitted by b'eneri' 
b'Information disclouser from URL parameter "access" lead to Account Takeover'
07 Apr 2025 timeline
b'Adobe' disclosed a bug submitted by b'jf0x0r' 
b'Disclosure of git metadata and springboot actuator information'
07 Apr 2025 timeline
b'HackerOne' disclosed a bug submitted by b'avinash_' 
b'The /reports/:id.json endpoint discloses potentially sensitive user attributes when reporter summary is present'
01 Apr 2025 timeline
b'Informatica' disclosed a bug submitted by b'growler09' 
b'No rate limiting on form[register]'
28 Mar 2025 timeline
b'Hemi VDP' disclosed a bug submitted by b'aaravhex' 
b'Cloudflare WAF Bypass - Origin IP Exposure'
27 Mar 2025 timeline
b'Shopify' disclosed a bug submitted by b'ooooooo_q' 
b'HTTP Response Header Injection in shopify/pitchfork + Rack 3'
27 Mar 2025 timeline
b'Brave Software' disclosed a bug submitted by b'canalun' 
b'Null Pointer Dereference by Crafted Response from AI Model'
26 Mar 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'nick_frichette_dd' 
b'Non-Production API Endpoints for the Forecast Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
24 Mar 2025 timeline
b'Autodesk' disclosed a bug submitted by b'yunxohang' 
b'Twitter broken link hijacking in thewild.com'
24 Mar 2025 timeline
b'Trendyol' disclosed a bug submitted by b'samark19' 
b'Cache Poisoning Allows Zero Interaction Store XSS'
22 Mar 2025 timeline
b'Shopify' disclosed a bug submitted by b'samux' 
b'Limited Privilege User Can Create Unauthorized Referrals on partners.shopify.com'
20 Mar 2025 timeline
b'Autodesk' disclosed a bug submitted by b'metereorpreter' 
b'SSRF in Autodesk Rendering leading to account takeover'
18 Mar 2025 timeline
1 ... 12 13 14 15 16 ... 737
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM