Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:northseaLink to Submitters Profile:https://hackerone.com/northsea Report Title:MozillaVPN: Elevation of Privilege via a Race...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:justlikebono_officialLink to Submitters Profile:https://hackerone.com/justlikebono_official Report Title:Elevation of Privileges (EoP) vulnerabilities related to...
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:northseaLink to Submitters Profile:https://hackerone.com/northsea Report Title:MozillaVPN: Elevation of Privilege via a Logic...
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:martinvwLink to Submitters Profile:https://hackerone.com/martinvw Report Title:Subdomain takeover on livefirefoxcomReport Link:https://hackerone.com/reports/2899858Date Submitted:03 July...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:stogushoLink to Submitters Profile:https://hackerone.com/stogusho Report Title:curl doesn't hide credentials in /proc/XXX/cmdline provided...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:wolfsageLink to Submitters Profile:https://hackerone.com/wolfsage Report Title:curl_easy_header runs at O(N) or worse and...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:wolfsageLink to Submitters Profile:https://hackerone.com/wolfsage Report Title:curl -OJ allows creating custom curlrc file...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:evilginx1Link to Submitters Profile:https://hackerone.com/evilginx1 Report Title:Speculative Execution Side-Channel in `curl` Report Link:https://hackerone.com/reports/3124490Date...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:demseseLink to Submitters Profile:https://hackerone.com/demsese Report Title:arbitrary file read via `file://` path traversal...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:alphoxLink to Submitters Profile:https://hackerone.com/alphox Report Title:HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb TunnelingReport...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:freak_codingLink to Submitters Profile:https://hackerone.com/freak_coding Report Title:Heap buffer overflow vulnerability in conncachec: incorrect...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:catenacyberLink to Submitters Profile:https://hackerone.com/catenacyber Report Title:Memory leak of ftp (with proxy reuse)Report...
Confidental Information of NASA found Confidental Information of NASA found Researcher: arjanchaudharyy Engagement: National Aeronautics and Space Administration (NASA) -...
RXSS at `https://skyview.gsfc.nasa.gov/current/cgi/vo/sia.pl` RXSS at `https://skyview.gsfc.nasa.gov/current/cgi/vo/sia.pl` Researcher: GxbNt Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program Disclosed...
Sensitive NASA Equipment Inventory Disclosed via Public Endpoint on www3.nasa.gov Sensitive NASA Equipment Inventory Disclosed via Public Endpoint on www3.nasa.gov...
NASA-User Owned PDF Publicly Exposed with Full Edit Rights — Risk of Deletion and PII Disclosure NASA-User Owned PDF Publicly...
Company Name: Lichess Company HackerOne URL: https://hackerone.com/lichess Submitted By:immmLink to Submitters Profile:https://hackerone.com/immm Report Title:Path Traversal Vulnerability in Lila ProjectReport Link:https://hackerone.com/reports/3181066Date...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:root_geek280Link to Submitters Profile:https://hackerone.com/root_geek280 Report Title:IDOR Vulnerability at AddTagToAssets operation nameReport Link:https://hackerone.com/reports/2633771Date...
Company Name: Lichess Company HackerOne URL: https://hackerone.com/lichess Submitted By:oblivionsageLink to Submitters Profile:https://hackerone.com/oblivionsage Report Title:ImageId Format Injection in Image Upload EndpointReport...
Company Name: hostinger Company HackerOne URL: https://hackerone.com/hostinger Submitted By:aziz0x48Link to Submitters Profile:https://hackerone.com/aziz0x48 Report Title:1 Click Account Takeover via Auth Token...
Exposed NASA/JPL Credentials and Emails via Public Pastebin Leak Exposed NASA/JPL Credentials and Emails via Public Pastebin Leak Researcher: JustAKids...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:z2_Link to Submitters Profile:https://hackerone.com/z2_ Report Title:CVE-2025-5399: WebSocket endless loopReport Link:https://hackerone.com/reports/3168039Date Submitted:04 June...
Company Name: Insightly Company HackerOne URL: https://hackerone.com/insightly Submitted By:basant0x01Link to Submitters Profile:https://hackerone.com/basant0x01 Report Title:returnUrl= allow attacker to redirect users to...
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:z3phyrusLink to Submitters Profile:https://hackerone.com/z3phyrus Report Title:IDOR: Account Deletion via Session Misbinding Attacker...
