HackerOne Report Search
Explore 10,000+ publicly disclosed vulnerability reports from HackerOne
| ID | Title | Severity | Disclosed | Actions |
|---|---|---|---|---|
1821085 |
Origin IP Exposed waf bypass | Low | 2026-05-14 13:38:42 | |
3725659 |
Kerberos/SPNEGO Connection Reuse Vulnerability | Unknown | 2026-05-14 09:32:23 | |
3577145 |
QuickSight Authorization Bypass: Chat Agents Accessible Despite Custom Permissions Denial | Unknown | 2026-05-12 14:54:33 | |
3723002 |
another liberapay member team twitter account broken Link Hijacking via Expired Twitter Account Link | Unknown | 2026-05-09 14:49:08 | |
3721519 |
Liberapay member team twitter account broken Link Hijacking via Expired Twitter Account Link | Unknown | 2026-05-09 13:28:14 | |
3511998 |
Private circle can be added to another circle via API despite visibility restriction | Low | 2026-05-08 12:55:29 | |
3304830 |
Files drop share links for end-to-end encrypted folders allowed to drop files into other folders of the share owner | Low | 2026-05-08 11:08:04 | |
3521434 |
View-only guests could see deleted Collectives pages in the trashbin | Low | 2026-05-08 08:35:48 | |
3717365 |
mbedTLS private-key blob null-termination asymmetry in lib/vtls/mbedtls.c (mbed_load_privkey) | Unknown | 2026-05-07 20:44:35 | |
3580511 |
ActiveStorage Disk Service Path Traversal via Custom Blob Key Injection | Medium | 2026-05-07 14:04:44 |
Page 1