Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'81 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'60 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'curl' disclosed a bug submitted by b'oicus' 
b'[High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory)'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'redfoxsec' 
b'Potential XSS vector in curl via unsanitized URL parameter handling'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'tdp3kel9g' 
b'Double free caused by mqtt_doing()'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'cyberguardianrd' 
b"Buffer Overflow in curl's Rustls Backend"
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'agent_0' 
b'Stack-based Buffer Overflow in TELNET NEW_ENV Option Handling'
30 Jun 2025 timeline
b'Yelp' disclosed a bug submitted by b'0xold' 
b'RXSS AT https://proze.yelp.com/tmsubscribe.net/vidsn.aspx'
30 Jun 2025 timeline
b'Cosmos' disclosed a bug submitted by b'unknown_feature' 
b'Making transfer v2 channel unupgradable through the forwarding '
30 Jun 2025 timeline
b'Cosmos' disclosed a bug submitted by b'unknown_feature' 
b'Replacing ICA active channel during the upgrade and a bit more'
30 Jun 2025 timeline
b'Tools for Humanity' disclosed a bug submitted by b'polem4rch' 
b'Unlock underage blocked app without support interaction using airplane mode'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'geeknik' 
b'Heap Buffer Overflow in libcurl curl_slist_append via Unterminated String'
30 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'catenacyber' 
b'Memory leak from doh_write_cb'
29 Jun 2025 timeline
b'Cosmos' disclosed a bug submitted by b'unknown_feature' 
b'Unauthorized coins transfer from locking account(s)'
29 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'evilginx1' 
b'HTTP/2 CONTINUATION Flood Vulnerability'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'ziad616' 
b'Path Traversal Vulnerability in curl via Unsanitized IPFS_PATH Environment Variable'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'deep-hackerone' 
b'Buffer Overflow in curl MQTT Test Server (tests/server/mqttd.c) via Malicious CONNECT Packet'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'tdp3kel9g' 
b'Free of uninitialized pointer in doh_decode_rdata_name()'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'irfanmughal1122' 
b'Improper Restriction of Authentication Attempts in cURL'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'oblivionsage' 
b"Stack Buffer Overflow in curl's OpenSSL Provider Handling"
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'behindtheblackwall' 
b' OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames'
28 Jun 2025 timeline
b'TikTok' disclosed a bug submitted by b'z3phyrus' 
b'Unauthorized Access to Private Video Description via Translation API for Private Accounts'
27 Jun 2025 timeline
1 2 3 4 5 ... 733
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM