HackerOne Bug Bounty Disclosure: authorization-bypass-in-starknet-snap-via-enableauthorize-parameter-leads-to-unauthorized-transaction-signing-aszx - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-authorization-bypass-in-starknet-snap-via-enableauthorize-parameter-leads-to-unauthorized-transaction-signing-aszx/
#hackerone
HackerOne Bug Bounty Disclosure: curl-compareheader-fails-to-match-multi-value-http-headers-henriqueg - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-curl-compareheader-fails-to-match-multi-value-http-headers-henriqueg/
HackerOne Bug Bounty Disclosure: sql-injection-vulnerability-found-on-ibm-com-endpoint-cr-ckerxploit - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-sql-injection-vulnerability-found-on-ibm-com-endpoint-cr-ckerxploit/
HackerOne Bug Bounty Disclosure: bypass-of-open-redirect-fix-on-lovable-dev-via-path-traversal-in-redirect-parameter-marioniangi - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-bypass-of-open-redirect-fix-on-lovable-dev-via-path-traversal-in-redirect-parameter-marioniangi/
HackerOne Bug Bounty Disclosure: urlapi-off-by-one-in-custom-scheme-validation-skips-last-character-otiscui - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-urlapi-off-by-one-in-custom-scheme-validation-skips-last-character-otiscui/
HackerOne Bug Bounty Disclosure: cve-use-after-free-in-smb-connection-reuse-rat-ak - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-cve-use-after-free-in-smb-connection-reuse-rat-ak/
HackerOne Bug Bounty Disclosure: cve-wrong-proxy-connection-reuse-with-credentials-nobcoder - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-cve-wrong-proxy-connection-reuse-with-credentials-nobcoder/
HackerOne Bug Bounty Disclosure: cve-token-leak-with-redirect-and-netrc-spectreglobalsec - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-cve-token-leak-with-redirect-and-netrc-spectreglobalsec/
HackerOne Bug Bounty Disclosure: connection-reuse-ignores-oauth-bearer-token-mismatch-sabari-n - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-connection-reuse-ignores-oauth-bearer-token-mismatch-sabari-n/
HackerOne Bug Bounty Disclosure: curlopt-unrestricted-auth-dangerous-default-documentation-gap-sabari-n - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-curlopt-unrestricted-auth-dangerous-default-documentation-gap-sabari-n/
#Hackerone allows researchers a certain amount of "trial submissions" even when they have a signal value below the lowest accepted threshold for a specific program.
This effectively makes the signal requirement pointless for an individual project as the worst researcher on the platform might still sneak in and spend their "trials" in your program. Even when they have a signal value way below our requirement.
And they can always just create a new account and become n1nj4hack3er[num++]
HackerOne Bug Bounty Disclosure: users-can-change-project-visibility-which-requires-high-subscription-by-just-changing-request-body-hossam - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-users-can-change-project-visibility-which-requires-high-subscription-by-just-changing-request-body-hossam/
HackerOne Bug Bounty Disclosure: lm-challenge-response-hash-always-sent-in-smb-authentication-brewm-ster - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-lm-challenge-response-hash-always-sent-in-smb-authentication-brewm-ster/
HackerOne Bug Bounty Disclosure: arbitrary-code-execution-via-scanner-bypass-in-aws-diagram-mcp-server-exec-namespace-locus-x - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-arbitrary-code-execution-via-scanner-bypass-in-aws-diagram-mcp-server-exec-namespace-locus-x/
HackerOne Bug Bounty Disclosure: missing-access-control-in-migrationfile-allows-attacker-to-upload-files-to-any-migration-ahacker - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-missing-access-control-in-migrationfile-allows-attacker-to-upload-files-to-any-migration-ahacker/
HackerOne Bug Bounty Disclosure: dos-via-unbounded-memory-allocation-in-sendwebstream-on-fastify-v-leads-to-oom-crash-when-backpressure-is-ignored-onlybugs - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-dos-via-unbounded-memory-allocation-in-sendwebstream-on-fastify-v-leads-to-oom-crash-when-backpressure-is-ignored-onlybugs/
HackerOne Bug Bounty Disclosure: ssti-leads-to-command-injection-errorbehavior - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-ssti-leads-to-command-injection-errorbehavior/
HackerOne Bug Bounty Disclosure: use-after-free-in-hyperfifo-example-deepbluev - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-use-after-free-in-hyperfifo-example-deepbluev/
Kommentar: KI-Müll treibt curls Bug-Bounty-Programm vor sich her | Developer https://www.heise.de/meinung/Kommentar-KI-Muell-treibt-curls-Bug-Bounty-Programm-vor-sich-her-11191390.html #curl #BugBounty #GitHub #OpenSource #HackerOne #ArtificialIntelligence #AI #AIslop
HackerOne Bug Bounty Disclosure: curl-telnet-handler-buffer-overflow-pelioro - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-curl-telnet-handler-buffer-overflow-pelioro/
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst