API for CERTs

Hall of Fame

  Top Security Researchers

  Acknowledgements

For Security Researchers

Twitter Login		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Report a Vulnerability
Browse Bug Bounty Programs
Write a Blog Post
Ask a Question

For Website Owners

Start a Bug Bounty		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Ask a Question
API

About

  About the Project

  Latest Reports

  Contact Us
Forum
Blog

To promote coordinated and responsible disclosure enabled by Open Bug Bounty non-profit project, we provide national and private (subject to qualification) CERTs with a free API to search our databases and get alerts on new submissions affecting any domain.

We do not provide any vulnerability details (that belong to the security researchers) unless they are publicly disclosed via the API.

Upon request, we can also try to put your in contact with a researcher to facilitate coordinate disclosure and vulnerability remediation.

Request API access

Latest Patched

09.12.2019 burdastyle.ru

09.12.2019 newtonnc.gov

09.12.2019 gilacountyaz.gov

09.12.2019 teamunify.com

09.12.2019 karar.com

09.12.2019 sd26.senate.ca.gov

09.12.2019 legislature.mi.gov

09.12.2019 dailyverses.net

09.12.2019 gamepedia.jp

09.12.2019 brickset.com

Latest Blog Posts

30.11.2019 by IAMMUSTAFAQADRI
How to hack an app: 8 best practices for pen testing mobile apps

27.11.2019 by TahakhanTaha
Reflected xss in 360totalsecurity

21.11.2019 by TahakhanTaha
blind xss in apple

30.10.2019 by Nep_1337_1998
Denial of Service vulnerability in script-loader.php (CVE-2018-6389)

17.10.2019 by 0xrocky
Stored XSS

Recent Recommendations

9 December, 2019

TristanGuiheux:

Kenan G. has helped us to find and fix some issues on web sites we're protecting. This kind of help is greatly appreciated from a security perspective. This way we can improve ourselves and protect our customers. Thanks again in my name.