Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:giant_anteaterLink to Submitters Profile:https://hackerone.com/giant_anteater Report Title:Apple SecTrust legacy path accepts untrusted certificates...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:giant_anteaterLink to Submitters Profile:https://hackerone.com/giant_anteater Report Title:OpenSSL backend: X509 peer certificate not freed...
Company Name: PortSwigger Web Security Company HackerOne URL: https://hackerone.com/portswigger Submitted By:farmerLink to Submitters Profile:https://hackerone.com/farmer Report Title:DNS Rebinding SSRF in Burp...
Company Name: Omise Company HackerOne URL: https://hackerone.com/omise Submitted By:mantu1738Link to Submitters Profile:https://hackerone.com/mantu1738 Report Title:Pending invites remain valid even after the...
Public Exposure of PII of NASA Meeting Registrations Public Exposure of PII of NASA Meeting Registrations Researcher: chirag8023 Engagement: National...
Company Name: Insightly Company HackerOne URL: https://hackerone.com/insightly Submitted By:khaledxLink to Submitters Profile:https://hackerone.com/khaledx Report Title:CSRF vulnerability allows disabling Gmail contacts link...
Company Name: Insightly Company HackerOne URL: https://hackerone.com/insightly Submitted By:khaledxLink to Submitters Profile:https://hackerone.com/khaledx Report Title:Stored XSS in Email Notifcation Report Link:https://hackerone.com/reports/1597271Date...
Members can enumerate and delete organization invites Members can enumerate and delete organization invites Researcher: Engagement: PostHog Vulnerability Disclosure Engagement...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:smiliesandcoLink to Submitters Profile:https://hackerone.com/smiliesandco Report Title:int overflow in krb5_read_data() leads to (possible)...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:jfhgdsjkfLink to Submitters Profile:https://hackerone.com/jfhgdsjkf Report Title:Security Analysis Report: CURL Integer Overflow VulnerabilityReport...
Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:fr4viaLink to Submitters Profile:https://hackerone.com/fr4via Report Title:URL Scheme Validation Bypass in Shopify Mobile...
Company Name: Bykea Company HackerOne URL: https://hackerone.com/bykea Submitted By:sameer_aliLink to Submitters Profile:https://hackerone.com/sameer_ali Report Title:MongoDB Query Logs & Schema Leak via...
Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:ahmednasr1Link to Submitters Profile:https://hackerone.com/ahmednasr1 Report Title:GraphQL Introspection Enabled on Shopify API Endpoint...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:batuhanilgarrLink to Submitters Profile:https://hackerone.com/batuhanilgarr Report Title:Stack Buffer Overflow in cURL Cookie Parsing...
Details of the collaboration between NASA and Inmarsat Government and the type of contract Details of the collaboration between NASA...
Publicly Editable Google Docs Linked from NASA SnowEx PPT Publicly Editable Google Docs Linked from NASA SnowEx PPT Researcher: Engagement:...
Company Name: Django Company HackerOne URL: https://hackerone.com/django Submitted By:eyalsecLink to Submitters Profile:https://hackerone.com/eyalsec Report Title:SQL Injection when using FilteredRelationReport Link:https://hackerone.com/reports/3292573Date Submitted:15...
Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:ahmed_xyzLink to Submitters Profile:https://hackerone.com/ahmed_xyz Report Title:Stored XSS on TikTok's backend leads to...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:0xreyLink to Submitters Profile:https://hackerone.com/0xrey Report Title:TOCTOU Race Condition in HTTP/2 Connection Reuse...
Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:eneriLink to Submitters Profile:https://hackerone.com/eneri Report Title:Chained Broken Access Control in TikTok Live...
Reflected Cross-Site Scripting (XSS) on www.nasa.gov/search/search.jsp Reflected Cross-Site Scripting (XSS) on www.nasa.gov/search/search.jsp Researcher: madhu873 Engagement: National Aeronautics and Space Administration...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:cruoccoLink to Submitters Profile:https://hackerone.com/cruocco Report Title:CVE-2025-10148: predictable WebSocket maskReport Link:https://hackerone.com/reports/3330839Date Submitted:10 September...
Company Name: Khan Academy Company HackerOne URL: https://hackerone.com/khanacademy Submitted By:meowsintLink to Submitters Profile:https://hackerone.com/meowsint Report Title:337k users and 1 employee leaked...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:bigsleepLink to Submitters Profile:https://hackerone.com/bigsleep Report Title:CVE-2025-9086: Out of bounds read for cookie...
