| | You did this with an AI and you do not understand what you're doing here (hackerone.com) |
| 1178 points by redbell 14 days ago | past | 542 comments |
|
| | Node.js team dismisses new Windows device name bug after patching CVE-2025-27210 (hackerone.com) |
| 2 points by oblivionsage 69 days ago | past |
|
| | Hackerone is doing code scanning now (hackerone.com) |
| 4 points by hippoplatypus 81 days ago | past |
|
| | Uncontrolled File Write/Arbitrary File Creation (hackerone.com) |
| 8 points by smartberry9 82 days ago | past | 5 comments |
|
| | Arbitrary File Read via File:// Protocol in Curl (hackerone.com) |
| 2 points by gslin 89 days ago | past | 1 comment |
|
| | Truth Behind the Hack: Experts Break Down AI Red Teaming in a Live Q&A (hackerone.com) |
| 2 points by wslh 3 months ago | past |
|
| | Login to any user account using other Facebook app access token (2015) (hackerone.com) |
| 2 points by gilsonconte 4 months ago | past | 1 comment |
|
| | CRLF Injection in `–proxy-header` allows extra HTTP headers (CWE-93) (hackerone.com) |
| 11 points by oblivionsage 4 months ago | past | 17 comments |
|
| | Bug Bounty Programs (hackerone.com) |
| 1 point by Brysonbw 5 months ago | past |
|
| | HTTP/3 Stream Dependency Cycle Exploit (hackerone.com) |
| 8 points by Tomte 5 months ago | past | 1 comment |
|
| | XSS on using the legacy "Graphie To PNG" API (hackerone.com) |
| 9 points by Rahat_Ahmed 5 months ago | past | 1 comment |
|
| | Gitlab: Account Takeover via Password Reset (hackerone.com) |
| 1 point by jeeybee 7 months ago | past |
|
| | Gitlab: Account Takeover via Password Reset (hackerone.com) |
| 5 points by samber 7 months ago | past | 3 comments |
|
| | Exposed DoD database leaking sensitive information, including operation details (hackerone.com) |
| 2 points by AdeptusAquinas 8 months ago | past |
|
| | Usernames still visible on report export pdf despite (hackerone.com) |
| 1 point by todayisnew 9 months ago | past | 2 comments |
|
| | Buffer Overflow Risk in Curl_inet_ntop and Inet_ntop4 (hackerone.com) |
| 163 points by sprawl_ 10 months ago | past | 71 comments |
|
| | Riot's kernel-anticheat: $100k bounty to solve DDoS affecting T1&other pro teams (hackerone.com) |
| 3 points by xeonmc 10 months ago | past | 1 comment |
|
| | For some reason, the PS4/PS5 is vulnerable to [CVE-2006-4304] (hackerone.com) |
| 2 points by benjacksondev 11 months ago | past |
|
| | Coinbase awarded a $500k bug bounty (hackerone.com) |
| 210 points by alexcos on Aug 1, 2024 | past | 159 comments |
|
| | Header Parsing Leads to Possible Denial of Service Vulnerability (hackerone.com) |
| 1 point by tomtom1989 on May 24, 2024 | past |
|
| | GitHub Access Token Exposure (hackerone.com) |
| 1 point by Pyrobyte on April 19, 2024 | past | 3 comments |
|
| | Broken Authentication and Session Management (hackerone.com) |
| 1 point by Buggybaby on Feb 19, 2024 | past |
|
| | Sensitive Information Exposed at Test (hackerone.com) |
| 1 point by drosofray on Feb 2, 2024 | past |
|
| | HackerOne Partners with Semgrep (hackerone.com) |
| 3 points by ajbt200128 on Jan 11, 2024 | past |
|
| | The Start of AI-Generated BugBounty Reports (hackerone.com) |
| 4 points by paul-tharun on Jan 3, 2024 | past |
|
| | Critical SSRF Vulnerability Disclosed in HackerOne (hackerone.com) |
| 1 point by rtvkiz on Dec 8, 2023 | past |
|
| | HackerOne Employee Accidentally Posted Their Session Cookie on HackerOne (2019) (hackerone.com) |
| 1 point by karagenit on Nov 17, 2023 | past |
|
| | Null Pointer Dereference in Idn.c (hackerone.com) |
| 2 points by beeburrt on Oct 1, 2023 | past | 1 comment |
|
| | Login to any user account using other Facebook app access token (2015) (hackerone.com) |
| 18 points by Bikee on Sept 5, 2023 | past | 16 comments |
|
| | HackerOne lays off 12% of its workforce (hackerone.com) |
| 67 points by Techbrunch on Aug 2, 2023 | past | 106 comments |
|
|
| More |
