| Esaias | Business Logic Errors (CWE-840) | | Mon, 2 Feb 2026 |
| ali- | Cross-site Scripting (XSS) - Reflected (CWE-79) | | Mon, 2 Feb 2026 |
| nVbla | Improper Access Control - Generic (CWE-284) | | Mon, 2 Feb 2026 |
| hazembea | Business Logic Errors (CWE-840) | | Mon, 2 Feb 2026 |
| SecurityReapers | Server Misconfiguration - Subdomain Takeover (CWE-16) | | Mon, 2 Feb 2026 |
| 22sh | Insufficiently Protected Credentials (CWE-522) | | Mon, 2 Feb 2026 |
| Sto | Deserialization of Untrusted Data (CWE-502) | | Mon, 2 Feb 2026 |
| mark02 | Improper Authentication - Generic (CWE-287) | | Mon, 2 Feb 2026 |
| zd_7a | Insecure Direct Object Reference (IDOR) (CWE-639) | | Mon, 2 Feb 2026 |
| marco2063 | Information Disclosure (CWE-200) | | Mon, 2 Feb 2026 |
| MiraiiSec | Information Disclosure (CWE-200) | | Mon, 2 Feb 2026 |
| na7na7 | Improper Authentication - Generic (CWE-287) | | Mon, 2 Feb 2026 |
| n1ko | Path Traversal (CWE-22) | | Mon, 2 Feb 2026 |
| Mister-L | Resource Injection (CWE-99) | | Mon, 2 Feb 2026 |
| Hussein-Mahmoud7 | Improper Access Control - Generic (CWE-284) | | Sun, 1 Feb 2026 |
| pepelux | Improper Authentication - Generic (CWE-287) | | Sun, 1 Feb 2026 |
| Exal | Deserialization of Untrusted Data (CWE-502) | | Sun, 1 Feb 2026 |
| zd_7a | Permissive Cross-domain Policy with Untrusted Domains (CORS) (CWE-942) | | Sun, 1 Feb 2026 |
| AmInFaKhR | CRLF Injection (CWE-93) | | Sun, 1 Feb 2026 |
| official_nullsec | Improper Authentication - Generic (CWE-287) | | Sun, 1 Feb 2026 |
| zd_7a | Violation of Secure Design Principles (CWE-657) | | Sun, 1 Feb 2026 |
| walack | Information Exposure Through an Error Message (CWE-209) | | Sun, 1 Feb 2026 |
| cod3rjava | Information Disclosure (CWE-200) | | Sun, 1 Feb 2026 |
| zz05k | Insecure Direct Object Reference (IDOR) (CWE-639) | | Sun, 1 Feb 2026 |
| wolfman | Improper Access Control - Generic (CWE-284) | | Sun, 1 Feb 2026 |
| zd_7a | Insecure Direct Object Reference (IDOR) (CWE-639) | | Sun, 1 Feb 2026 |
| d3f7ult | Improper Authentication - Generic (CWE-287) | | Sun, 1 Feb 2026 |
| ZuluOctober | Insecure Direct Object Reference (IDOR) (CWE-639) | | Sun, 1 Feb 2026 |
| zd_7a | Open Redirect (CWE-601) | | Sun, 1 Feb 2026 |
| 0xcyborg | Improper Handling of Extra Parameters (CWE-235) | | Sun, 1 Feb 2026 |
| 22sh | Improper Access Control - Generic (CWE-284) | | Sun, 1 Feb 2026 |
| TheIDM | Insecure Direct Object Reference (IDOR) (CWE-639) | | Sun, 1 Feb 2026 |
| destro4evr | Information Disclosure (CWE-200) | | Sun, 1 Feb 2026 |
| 0sKai | Server-Side Request Forgery (SSRF) (CWE-918) | | Sun, 1 Feb 2026 |
| Magdy12 | Brute Force (CWE-307) | | Sun, 1 Feb 2026 |
| Mcsky23 | Heap Overflow (CWE-122) | | Sun, 1 Feb 2026 |
| zyp3 | Cross-site Scripting (XSS) - DOM (CWE-79) | | Sun, 1 Feb 2026 |
| ZuluOctober | Cross-Site Request Forgery (CSRF) (CWE-352) | | Sun, 1 Feb 2026 |
| TheIDM | Insecure Direct Object Reference (IDOR) (CWE-639) | | Sun, 1 Feb 2026 |
| R1M4 | Business Logic Errors (CWE-840) | | Sun, 1 Feb 2026 |
| Kheops | Insecure Direct Object Reference (IDOR) (CWE-639) | | Sun, 1 Feb 2026 |
| lucaaasv | Information Disclosure (CWE-200) | | Sun, 1 Feb 2026 |
| zyp3 | Cross-site Scripting (XSS) - DOM (CWE-79) | | Sun, 1 Feb 2026 |
| lucaaasv | Information Disclosure (CWE-200) | | Sun, 1 Feb 2026 |
| HannanHaseeb | Deserialization of Untrusted Data (CWE-502) | | Sun, 1 Feb 2026 |
| elaichix | Server-Side Request Forgery (SSRF) (CWE-918) | | Sun, 1 Feb 2026 |
| screamerrrrr | Out-of-bounds Read (CWE-125) | | Sun, 1 Feb 2026 |
| elaichix | Path Traversal (CWE-22) | | Sun, 1 Feb 2026 |
| elaichix | Key Exchange without Entity Authentication (CWE-322) | | Sun, 1 Feb 2026 |
| elaichix | Use of a Broken or Risky Cryptographic Algorithm (CWE-327) | | Sun, 1 Feb 2026 |
