Bug Bounty Channel (@bug_bounty_channel) — Telegram-канал | Telegram Dialogs
Все каналы
Bug Bounty Channel

Bug Bounty Channel

@bug_bounty_channel

15K подписчиков технологии

All bug bounties here.

Последние публикации

Bug Bounty Channel
16.07.2026 05:12 · 👁 364
🏦 Rocket.Chat Report ⚡ Title: Stored XSS in Rocket.Chat HTML File Export — Unauthenticated Entry via LiveChat 🔍 Reporter: olidayw (Denis Rostilov) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Medium └ 🎯 CWE: Cross-site Scripting \(XSS\) - Stored └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-16 05:02:04 UTC └ 📝 Created: 2026-06-03 13:37:47 UTC
Bug Bounty Channel
15.07.2026 16:40 · 👁 457
🏦 GitHub Report ⚡ Title: Able to bypass authorization logic and gain more access then intended 🔍 Reporter: vaib25vicky (v1c7) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Medium └ 🎯 CWE: Not Specified └ 🔢 CVE: CVE-2026-9106 ⏰ Timeline: └ 🔓 Disclosed: 2026-07-15 16:35:57 UTC └ 📝 Created: 2026-05-05 07:30:36 UTC
Bug Bounty Channel
15.07.2026 15:25 · 👁 438
🏦 AWS VDP Report ⚡ Title: Bedrock AgentCore Starter Toolkit Creates Gateway IAM Roles Without Confused Deputy Protections 🔍 Reporter: mistercloudsec (Sergio Garcia) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Medium └ 🎯 CWE: Incorrect Permission Assignment for Critical Resource └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-15 15:11:59 UTC └ 📝 Created: 2026-03-27 19:33:14 UTC
Bug Bounty Channel
14.07.2026 19:35 · 👁 511
🏦 Basecamp Report 📝 Title: Stored XSS on Trix Editor version latest \(2.1.16\) - Sanitizer Bypass 🔍 Reporter: newbiefromcoma (jeeva) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Low └ 🎯 CWE: Cross-site Scripting \(XSS\) - Stored └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-14 19:26:37 UTC └ 📝 Created: 2026-03-02 22:01:38 UTC
Bug Bounty Channel
14.07.2026 19:05 · 👁 496
🏦 AWS VDP Report ⚡ Title: bedrock-mantle.api.aws accepts Bedrock API keys outside the IAM Deny, CloudTrail signal, and invocation logging AWS publishes for Bedrock keys 🔍 Reporter: mistercloudsec (Sergio Garcia) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Medium └ 🎯 CWE: Insecure Default Initialization of Resource └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-14 18:52:27 UTC └ 📝 Created: 2026-04-28 21:50:53 UTC
Bug Bounty Channel
13.07.2026 19:46 · 👁 559
🏦 SingleStore Report ⚠️ Title: SELECT ... INTO OUTFILE does not enforce the FILE WRITE privilege unprivileged arbitrary file write on the server 🔍 Reporter: bisht-ji (No name) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: High └ 🎯 CWE: Missing Authorization └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-13 19:35:07 UTC └ 📝 Created: 2026-06-03 20:54:07 UTC
Bug Bounty Channel
09.07.2026 15:45 · 👁 900
🏦 AWS VDP Report ⚡ Title: Kiro IDE Stores Auth Tokens with World-Readable Permissions \(0644\) 🔍 Reporter: mistercloudsec (Sergio Garcia) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Medium └ 🎯 CWE: Incorrect Default Permissions └ 🔢 CVE: CVE-2026-11931 ⏰ Timeline: └ 🔓 Disclosed: 2026-07-09 15:31:28 UTC └ 📝 Created: 2026-03-26 20:58:40 UTC
Bug Bounty Channel
06.07.2026 17:48 · 👁 1K
🏦 AWS VDP Report ⚠️ Title: OS Command Injection in \`aws-cdk-lib\` NodejsFunction via Unsanitized \`OsCommand\` Helper \(Supply Chain RCE\) 🔍 Reporter: kaporia (Kaporia515) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: High └ 🎯 CWE: OS Command Injection └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-06 17:48:30 UTC └ 📝 Created: 2026-03-30 12:48:07 UTC
Bug Bounty Channel
04.07.2026 11:08 · 👁 1.1K
🏦 Basecamp Report ⚡ Title: Any installed app can force immediate logout and persistent DOS of authenticated Basecamp sessions via unprotected exported StartActivity 🔍 Reporter: zerodaysec_xyz (Z) 📋 Details: └ 📊 Status: resolved └ ⚡ Severity: Medium └ 🎯 CWE: Improper Access Control - Generic └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-04 11:05:36 UTC └ 📝 Created: 2026-05-27 08:46:53 UTC
Bug Bounty Channel
03.07.2026 18:50 · 👁 959
🏦 Shopify Report 📋 Title: admin.shopify.com: Shopify Flow continues sending internal emails to a configured recipient after the staff author is removed 🔍 Reporter: abahack (Emmanuel Abah) 📋 Details: └ 📊 Status: informative └ ⚡ Severity: None └ 🎯 CWE: Not Specified └ 🔢 CVE: None ⏰ Timeline: └ 🔓 Disclosed: 2026-07-03 18:50:06 UTC └ 📝 Created: 2026-03-26 10:49:30 UTC
Чат поддержки
Ответим здесь же, обычно быстро
Здравствуйте! Напишите ваш вопрос — оператор ответит в этом чате.