Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'AWS VDP' disclosed a bug submitted by b'xendaviour' 
b'Session Timeout Does Not Enforce Re-Authentication on AWS Access Portal'
05 Mar 2025 timeline
b'Autodesk' disclosed a bug submitted by b'khoof' 
b'CVE-2023-5561 on Payapps.com'
05 Mar 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'nick_frichette_dd' 
b'Non-Production API Endpoints for the Device Farm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
04 Mar 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'hemant1' 
b'Sensitive API Key Leakage'
04 Mar 2025 timeline
b'MTN Group' disclosed a bug submitted by b'trev0ck' 
b'Ability to Add and Verify Uncontrolled Mobile Numbers Leading to Account Takeover (ATO)'
04 Mar 2025 timeline
b'MTN Group' disclosed a bug submitted by b'hafiz-ng' 
b'Broken Access Control leads to disclosure of transaction history via /v2/rechargeTransactionHistory endpoint'
02 Mar 2025 timeline
b'MTN Group' disclosed a bug submitted by b'tinopreter' 
b'Admin Dashboard Access Leads to Updating Merchant Info'
02 Mar 2025 timeline
b'Autodesk' disclosed a bug submitted by b'the-white-evil' 
b'Stored XSS via Post Tittle Enabling Non-Privileged User to Privileged User Exploitation on https://forums.autodesk.com/'
26 Feb 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'nick_frichette_dd' 
b'Non-Production API Endpoints for the Datazone Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
26 Feb 2025 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'iamunixtz' 
b'Burp Suite extensions can execute arbitrary code'
26 Feb 2025 timeline
b'Sorare' disclosed a bug submitted by b'tinine' 
b'Unsufficent input verification leads to DoS and resource consumption'
26 Feb 2025 timeline
b'GitLab' disclosed a bug submitted by b'asterion04' 
b'Account Takeover via Password Reset without user interactions'
26 Feb 2025 timeline
b'AWS VDP' disclosed a bug submitted by b'nick_frichette_dd' 
b'Amazon Comprehend Medical Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints'
25 Feb 2025 timeline
b'Hemi VDP' disclosed a bug submitted by b'muralidharan_1530' 
b'Broken X (Twitter) link on hemi.xyz/about'
25 Feb 2025 timeline
b'Reddit' disclosed a bug submitted by b'la_revoltage' 
b'Exposed proxy allows to access internal reddit domains'
24 Feb 2025 timeline
b'MTN Group' disclosed a bug submitted by b'offensiveops' 
b'Information disclosure due to debug mode enabled at Laravel instance https://mpos.mtn.co.sz/ '
23 Feb 2025 timeline
b'MTN Group' disclosed a bug submitted by b'h0w' 
b'CVE-2023-41763 Business Elevation of Privilege vulnerability on [.mtn.com]'
22 Feb 2025 timeline
b'MTN Group' disclosed a bug submitted by b'h0w' 
b'Unauthorized access to PII leads to Administrator account Takeover'
22 Feb 2025 timeline
b'WakaTime' disclosed a bug submitted by b'm_kamal' 
b'User Email Disclosure via ID-Based Invitation'
22 Feb 2025 timeline
b'Autodesk' disclosed a bug submitted by b'alphahacks' 
b'Insecure Direct Object Reference (IDOR) in GraphQL deleteProfileImages Mutation'
21 Feb 2025 timeline
1 2 3 4 5 ... 724
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM