bug bounty

hackerone

HackerOne Bug Bounty Disclosure: b-crash-report-cloudflare-warp-doesn-t-verify-text-length-in-excluded-host-name-input-data-b-shewhoisblack

July 31, 2023

Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'shewhoisblack'Link to Submitters Profile:https://hackerone.com/b'shewhoisblack' Report Title:b'Crash report -Cloudflare WARP...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-crash-report-cloudflare-warp-doesn-t-verify-text-length-in-excluded-host-name-input-data-b-shewhoisblack
hackerone

HackerOne Bug Bounty Disclosure: b-csrf-in-seller-us-tiktok-com-profile-account-setting-delegation-login-b-eye

July 26, 2023

Company Name: b'TikTok' Company HackerOne URL: https://hackerone.com/tiktok Submitted By:b'eye_'Link to Submitters Profile:https://hackerone.com/b'eye_' Report Title:b'CSRF in seller-us.tiktok.com/profile/account-setting/delegation-login 'Report Link:https://hackerone.com/reports/2002352Date Submitted:26 July...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-csrf-in-seller-us-tiktok-com-profile-account-setting-delegation-login-b-eye
hackerone

HackerOne Bug Bounty Disclosure: heap-buffer-overflow-in-gc-writebarrier-incremental-piao

July 19, 2023

Company Name: Ruby Company HackerOne URL: https://hackerone.com/ruby Submitted By:piaoLink to Submitters Profile:https://hackerone.com/piao Report Title:heap-buffer-overflow in gc_writebarrier_incrementalReport Link:https://hackerone.com/reports/1940002Date Submitted:19 July 2023...

Read MoreRead more about HackerOne Bug Bounty Disclosure: heap-buffer-overflow-in-gc-writebarrier-incremental-piao
hackerone

HackerOne Bug Bounty Disclosure: rdoc-methodattr-is-vulnerable-to-regular-expression-denial-of-service-redos-sighook

July 18, 2023

Company Name: Ruby Company HackerOne URL: https://hackerone.com/ruby Submitted By:sighookLink to Submitters Profile:https://hackerone.com/sighook Report Title:RDoc::MethodAttr is vulnerable to Regular Expression Denial...

Read MoreRead more about HackerOne Bug Bounty Disclosure: rdoc-methodattr-is-vulnerable-to-regular-expression-denial-of-service-redos-sighook
hackerone

HackerOne Bug Bounty Disclosure: an-idor-that-can-lead-to-enumeration-of-a-user-and-disclosure-of-email-and-phone-number-within-cashier-miquinho

July 17, 2023

Company Name: Unikrn Company HackerOne URL: https://hackerone.com/unikrn Submitted By:miquinhoLink to Submitters Profile:https://hackerone.com/miquinho Report Title:An IDOR that can lead to enumeration...

Read MoreRead more about HackerOne Bug Bounty Disclosure: an-idor-that-can-lead-to-enumeration-of-a-user-and-disclosure-of-email-and-phone-number-within-cashier-miquinho
hackerone

HackerOne Bug Bounty Disclosure: an-attacker-can-can-view-any-hacker-email-via-savecollaboratorsmutation-operation-name–xrayan

July 14, 2023

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:0xrayan1996Link to Submitters Profile:https://hackerone.com/0xrayan1996 Report Title:An attacker can can view any hacker...

Read MoreRead more about HackerOne Bug Bounty Disclosure: an-attacker-can-can-view-any-hacker-email-via-savecollaboratorsmutation-operation-name–xrayan
hackerone

HackerOne Bug Bounty Disclosure: metamask-browser-url-and-transaction-origin-spoofing-metamask-wallet-android-metamask-wallet-ios-renekroka

July 14, 2023

Company Name: MetaMask Company HackerOne URL: https://hackerone.com/metamask Submitted By:renekrokaLink to Submitters Profile:https://hackerone.com/renekroka Report Title:MetaMask Browser URL and Transaction Origin Spoofing...

Read MoreRead more about HackerOne Bug Bounty Disclosure: metamask-browser-url-and-transaction-origin-spoofing-metamask-wallet-android-metamask-wallet-ios-renekroka
hackerone

HackerOne Bug Bounty Disclosure: improper-authentication-inside-the-rockstar-games-launcher-which-leads-to-account-takeover-to-some-extend–xshivam

July 14, 2023

Company Name: Rockstar Games Company HackerOne URL: https://hackerone.com/rockstargames Submitted By:0xshivamLink to Submitters Profile:https://hackerone.com/0xshivam Report Title:Improper Authentication inside the Rockstar Games...

Read MoreRead more about HackerOne Bug Bounty Disclosure: improper-authentication-inside-the-rockstar-games-launcher-which-leads-to-account-takeover-to-some-extend–xshivam
hackerone

HackerOne Bug Bounty Disclosure: internal-machine-learning-api-endpoint-for-cwe-classification-is-vulnerable-to-path-traversal-jobert

July 14, 2023

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:jobertLink to Submitters Profile:https://hackerone.com/jobert Report Title:Internal machine learning API endpoint for CWE...

Read MoreRead more about HackerOne Bug Bounty Disclosure: internal-machine-learning-api-endpoint-for-cwe-classification-is-vulnerable-to-path-traversal-jobert
hackerone

HackerOne Bug Bounty Disclosure: banned-user-still-able-to-invited-to-reports-as-a-collabrator-and-reset-the-password-light-r

July 14, 2023

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:light3rLink to Submitters Profile:https://hackerone.com/light3r Report Title:Banned user still able to invited to...

Read MoreRead more about HackerOne Bug Bounty Disclosure: banned-user-still-able-to-invited-to-reports-as-a-collabrator-and-reset-the-password-light-r
hackerone

HackerOne Bug Bounty Disclosure: arbitrary-file-write-triggered-by-deeplink-abuse-metamask-android-hackerontwowheels

July 14, 2023

Company Name: MetaMask Company HackerOne URL: https://hackerone.com/metamask Submitted By:hackerontwowheelsLink to Submitters Profile:https://hackerone.com/hackerontwowheels Report Title:Arbitrary file write triggered by deeplink abuse...

Read MoreRead more about HackerOne Bug Bounty Disclosure: arbitrary-file-write-triggered-by-deeplink-abuse-metamask-android-hackerontwowheels
hackerone

HackerOne Bug Bounty Disclosure: server-side-rce-through-directory-traversal-based-arbitrary-file-write-fabianfreyer

July 14, 2023

Company Name: Rocket.Chat Company HackerOne URL: https://hackerone.com/rocket_chat Submitted By:fabianfreyerLink to Submitters Profile:https://hackerone.com/fabianfreyer Report Title:Server-side RCE through directory traversal-based arbitrary file...

Read MoreRead more about HackerOne Bug Bounty Disclosure: server-side-rce-through-directory-traversal-based-arbitrary-file-write-fabianfreyer

You may have missed

image

CVE Alert: CVE-2025-9216 – kodezen – StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More

September 17, 2025
image

CVE Alert: CVE-2025-10058 – smackcoders – WP Import – Ultimate CSV XML Importer for WordPress

September 17, 2025
image

CVE Alert: CVE-2025-10057 – smackcoders – WP Import – Ultimate CSV XML Importer for WordPress

September 17, 2025
image

CVE Alert: CVE-2025-10143 – catchthemes – Catch Dark Mode

September 17, 2025
image

CVE Alert: CVE-2025-10589 – N-Partner – N-Reporter

September 17, 2025