H1 Disclosed - Public Disclosures (@h1disclosed)'s Twitter Profile

User friendly unofficial HackerOne public disclosures, keeps you updated about the recently disclosed bugs.
Made With ♥ By Hackers For Hackers. - @rohsec

ID: 1575142640366256128

Link: https://www.buymeacoffee.com/rohsec

Date: 28-09-2022 15:17:38

2.2K Tweets

8.8K Followers

1 Following


⚡ Remote Code Execution in Amazon MWAA due to outdated Apache Airflow version 👨🏻‍💻 ricardojoserf ➟ AWS VDP ⬜ None 💰 None 🔗 hackerone.com/reports/3217840 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ URL Path Manipulation Enables Cache Poisoning of Amazon Affiliate Products in Shopify Linkpop 👨🏻‍💻 saltymermaid ➟ Shopify 🟨 Low 💰 $500 🔗 hackerone.com/reports/1848940 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Rails Debug Mode Enabled On ( https://44.208.145.207/testrail/files.md5 ) 👨🏻‍💻 tarun_sec ➟ Malwarebytes 🟨 Low 💰 None 🔗 hackerone.com/reports/1874836 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Email Verification Bypass via Race Condition 👨🏻‍💻 Sijo Johnson ➟ Malwarebytes ⬜ None 💰 None 🔗 hackerone.com/reports/3020733 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Replayable Password Change Request Across Sessions. 👨🏻‍💻 Mantosh Sah ➟ Malwarebytes ⬜ None 💰 None 🔗 hackerone.com/reports/3269777 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Internal Access to Hackerone confluence Docs 👨🏻‍💻 @sh4d0wn13col ➟ HackerOne 🟥 High 💰 $12,500 🔗 hackerone.com/reports/3113398 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ ## Title Heap Use-After-Free Vulnerability in `curl` Leading to Potential Code Execution 👨🏻‍💻 irene1hacker ➟ curl 🟧 Medium 💰 None 🔗 hackerone.com/reports/3302518 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ No SPF/DMARC records on mb-cosmos.com 👨🏻‍💻 Aditya sharma 🇮🇳 ➟ Malwarebytes 🟧 Medium 💰 None 🔗 hackerone.com/reports/1030042 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Email verification bypass via request to endpoint "accounts.insightly.com/signup/provisi…" 👨🏻‍💻 akostak ➟ Insightly 🆘 Critical 💰 $750 🔗 hackerone.com/reports/2718253 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ WebSocket Fragmentation DoS on Curl Client 👨🏻‍💻 pelioro ➟ curl 🟥 High 💰 None 🔗 hackerone.com/reports/3303765 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Invalid 👨🏻‍💻 pashaaaaaaaa ➟ WakaTime 🟨 Low 💰 None 🔗 hackerone.com/reports/3304704 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Curl parse_connect_to_string Heap-Overread Leading to Denial of Service via CURLOPT_CONNECT_TO 👨🏻‍💻 irene1hacker ➟ curl 🟧 Medium 💰 None 🔗 hackerone.com/reports/3306456 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ curl leaks destination IP via glibc getaddrinfo() UDP connect, bypassing SOCKS5/Tor 👨🏻‍💻 robert_min1 ➟ curl ⬜ None 💰 None 🔗 hackerone.com/reports/3306475 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ PII Exposure via Email Confirmation Link – Email Embedded in Token & Leaked via Wayback Machine 👨🏻‍💻 Mantosh Sah ➟ Omise 🟧 Medium 💰 None 🔗 hackerone.com/reports/3210022 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Prompt Injection via GitHub Patch in Brave AI Chat (Leo) 👨🏻‍💻 Jacolon Walker ➟ Brave Software 🟥 High 💰 None 🔗 hackerone.com/reports/3086301 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Missing Security Headers 👨🏻‍💻 balajidev ➟ curl 🟧 Medium 💰 None 🔗 hackerone.com/reports/3310318 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ Stored XSS in AREA tutorials 👨🏻‍💻 who_am_i_ ➟ Autodesk 🟥 High 💰 None 🔗 hackerone.com/reports/3008066 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ AWS | Self Registration Internal LibreChat : Access to internal/proprietary LLMs 👨🏻‍💻 notnotnotveg ➟ AWS VDP 🟨 Low 💰 None 🔗 hackerone.com/reports/3287396 #bugbounty #bugbountytips #cybersecurity #infosec


⚡ CWE-195 in ExternalMemoryAccounter::Increase() 👨🏻‍💻 codingthunder ➟ Node.js ⬜ None 💰 None 🔗 hackerone.com/reports/3302484 #bugbounty #bugbountytips #cybersecurity #infosec
