API for CERTs

For Researchers

Twitter Login		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Report a Vulnerability
Browse Bug Bounty Programs
Write a Blog Post
Ask a Question

For Owners

Start a Bug Bounty		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Ask a Question
API

Hall of Fame

Top Security Researchers

Acknowledgements
About

  About the Project

  Latest Reports

  Contact Us
Forum
Blog

To promote coordinated and responsible disclosure enabled by Open Bug Bounty non-profit project, we provide national and private (subject to qualification) CERTs with a free API to search our databases and get alerts on new submissions affecting any domain.

We do not provide any vulnerability details (that belong to the security researchers) unless they are publicly disclosed via the API.

Upon request, we can also try to put your in contact with a researcher to facilitate coordinate disclosure and vulnerability remediation.

Request API access

Latest Patched

29.03.2020 gir.am

28.03.2020 shorturl.at

28.03.2020 degruyter.com

28.03.2020 letmejerk3.com

28.03.2020 vanityfair.com

28.03.2020 team1x1.com

28.03.2020 extrabux.com

28.03.2020 seguradoralider.com.br

28.03.2020 link-assistant.com

28.03.2020 calculator.net

Latest Blog Posts

12.03.2020 by Rando02355205
(Paypal) www.paypal.com [CSP High Level] - [XSS Reflected] - [Bug Bounty] - [Write Up]

08.03.2020 by CybeReports
JDECO.net XSS Vulnerability| CybeReports

29.02.2020 by Rando02355205
(Google) groups.google.com - [Stored XSS] - [Bug Bounty] - [WriteUp] - [24/02/2020]

10.02.2020 by 0xrocky
Stored XSS on h2biz.net

10.02.2020 by ismailtsdln
SQL Injection Payload List

Recent Recommendations

27 March, 2020

hstead:

Very rapid communication and detailed instructions as to how to fix the issue. Thanks for the assistance.

27 March, 2020

PaulMar23292621:

r00tpgp reported a serious issue to us and helped us with reproducing the issue and pushing towards a fix for the problem.
Thank you very much for the great work!

27 March, 2020

Michael3277:

Thanks for your report. With your help we could find the bug and make our Website safer!

roker is a friendly Security Resercher who is answering very fast to mails!

26 March, 2020

KyleGeorgeArch:

Thank you ElProfesor for responsibly disclosing an XSS issue and providing the reproduction steps. With your help we've identified the issue and are working on a fix. Thank you for your hard work and responsible practices.

25 March, 2020

KyleGeorgeArch:

ianf0ns3c identified an XSS issue and provided the reproduction steps in a polite and timely manner, giving us all the information we needed to investigate and take it to our developers. We're grateful for his work on the matter.

Making Web a Safer Place

Coordinated & Responsible Disclosure

Based on ISO 29147 Guidelines