Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder
← Find more feeds

rss.ricterz.me

HackerOne Hacker Activity

Get the latest updates from HackerOne Hacker Activity directly as they happen.

Follow now 109 followers

Latest posts

Last updated about 18 hours ago

Node.js: Incomplete fix for CVE-2026-21637: loadSNI() in _tls_wrap.js lacks try/catch leading to Remote DoS

about 18 hours ago

Node.js: Incomplete fix for CVE-2026-21637: loadSNI() in _tls_wrap.js lacks try/catch leading to...

Rocket.Chat: RBAC bypass on App log endpoints via `permissionRequired` typo — any authenticated user reads admin-only Enterprise App logs

1 day ago

Rocket.Chat: RBAC bypass on App log endpoints via `permissionRequired` typo — any...

Rocket.Chat: Complete authentication bypass to admin permissions

2 days ago

Rocket.Chat: Complete authentication bypass to admin permissions

Nextcloud: SMIL values and by attributes bypass remote image blocking via unvalidated resource-loading animations, enabling email tracking without consent

4 days ago

Nextcloud: SMIL values and by attributes bypass remote image blocking via unvalidated...

Nextcloud: position: fixed !important bypasses CSS sanitizer's fixed-position mitigation, enabling full-viewport phishing overlays.

4 days ago

Nextcloud: position: fixed !important bypasses CSS sanitizer's fixed-position mitigation, enabling full-viewport phishing...

Nextcloud: Unquoted body background attribute enables CSS injection that bypasses remote image blocking

4 days ago

Nextcloud: Unquoted body background attribute enables CSS injection that bypasses remote image...

Nextcloud: SVG filter primitives bypass remote image blocking, enabling email tracking without consent.

4 days ago

Nextcloud: SVG filter primitives bypass remote image blocking, enabling email tracking without...

curl: libcurl omits IPv6 zoneid from host identity and leaks credentials/cookies across scoped link-local realms

5 days ago

curl: libcurl omits IPv6 zoneid from host identity and leaks credentials/cookies across...

curl: Digest Auth State Leak on Cross-Origin Redirect via Netrc - Username and Password Hash Sent to Wrong Host

5 days ago

curl: Digest Auth State Leak on Cross-Origin Redirect via Netrc - Username...

Nextcloud: Stored XSS in attachment-display exploitable through SameSite

5 days ago

Nextcloud: Stored XSS in attachment-display exploitable through SameSite

curl: libcurl reuses a learned RTSP Session header across different hosts on the same easy handle, enabling cross-host session leak and replay

6 days ago

curl: libcurl reuses a learned RTSP Session header across different hosts on...

Ruby on Rails: Rails::HTML::Sanitizer.allowed_uri? returns true for entity-encoded control-character-split javascript: URLs

6 days ago

Ruby on Rails: Rails::HTML::Sanitizer.allowed_uri? returns true for entity-encoded control-character-split javascript: URLs

Sign up to continue

Try Feeder for free

Everything you care about in one place

Try Feeder now