Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'81 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'60 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'curl' disclosed a bug submitted by b'tdp3kel9g' 
b'Free of uninitialized pointer in doh_decode_rdata_name()'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'irfanmughal1122' 
b'Improper Restriction of Authentication Attempts in cURL'
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'oblivionsage' 
b"Stack Buffer Overflow in curl's OpenSSL Provider Handling"
28 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'behindtheblackwall' 
b' OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames'
28 Jun 2025 timeline
b'TikTok' disclosed a bug submitted by b'z3phyrus' 
b'Unauthorized Access to Private Video Description via Translation API for Private Accounts'
27 Jun 2025 timeline
b'Basecamp' disclosed a bug submitted by b'sudi' 
b'Mutation Based Stored XSS on Trix Editor version latest (2.1.8)'
27 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'grahamcampbell' 
b'Failure to strip Proxy-Authorization header on change in origin'
27 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'ednaq' 
b'Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure'
27 Jun 2025 timeline
b'Nintendo' disclosed a bug submitted by b'kinnay' 
b'NEX: Stack overflow in UnicodeToUtf8'
27 Jun 2025 timeline
b'Bykea' disclosed a bug submitted by b'grassye' 
b'Improper Access Control Allows Trip Hijacking and Passenger/Driver PII Disclosure'
26 Jun 2025 timeline
b'Bykea' disclosed a bug submitted by b'mrrhacker' 
b'Exposed trip_no in WebSocket Responses Leading to Excessive information Disclosure'
26 Jun 2025 timeline
b'Automattic' disclosed a bug submitted by b'q5ca' 
b'Woocommerce SQL Injection in WC_Report_Coupon_Usage'
24 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'oxghostly' 
b'Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c'
22 Jun 2025 timeline
b'curl' disclosed a bug submitted by b'z2_' 
b'Sensitive information disclosure with malicious netrc file'
22 Jun 2025 timeline
b'Informatica' disclosed a bug submitted by b'growler09' 
b'EXIF metadata not stripped from profile image'
18 Jun 2025 timeline
b'Node.js' disclosed a bug submitted by b'kenballus' 
b'Improper HTTP header block termination in llhttp'
13 Jun 2025 timeline
b'Informatica' disclosed a bug submitted by b'xbow' 
b'[20.98.103.245] Cross-Site Scripting (XSS) via /ssl-vpn/getconfig.esp at GlobalProtect VPN Portal'
13 Jun 2025 timeline
b'Rootstock Labs' disclosed a bug submitted by b'guido' 
b'Crafted smart contract can take 8 minutes to execute due to bug in modexp precompile.'
13 Jun 2025 timeline
b'Rootstock Labs' disclosed a bug submitted by b'spacewasp' 
b'DOS of RSKJ server'
13 Jun 2025 timeline
b'Lichess' disclosed a bug submitted by b'closec4ll' 
b'Improper Authentication Throttling Allows Attacker-Controlled Account Lockouts '
13 Jun 2025 timeline
1 2 3 4 5 6 ... 733
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM