r/bugbounty


Another H1 triager "informative/duplicate"

Credits: weezerOSINT

I made a Lovable account today and was able to access another user's source code; database credentials, AI chat histories, and customer data are all readable by any free account.

Nvidia, Microsoft, Uber, and Spotify employees all have accounts. The bug was reported 48 days ago. It's not fixed. They marked it as duplicate and left it open.

u/ibackstrom — 2 hours ago

Overdue venting

Hey everyone, I'm really sorry about having to vent about this, but I'm tired, boss.

So I've been very active with Bugcrowd, multiple submissions, and never made a big deal about duplicates or N/As (some wrongfully so, some understandable), since I've run previous BB programs whilst being part of an internal red team, right?

The thing is, as time advances, I'm now realizing that the level of complete incompetence, or just flat-out laziness, is detrimental on the platform.

Most, if not all, of my submissions had to have literal hand-holding to explain everything over the course of months. Since I've done pentests and executive and technical reports for higher-ups and engineering teams, I know how to explain and demonstrate business impact and repros, so I know for a fact it's fairly easy to understand. I also love to show them to my SO to make sure they can follow along, to confirm that my submission is detailed and coherent.

Now what I'm unsure of is if it's laziness or stupidity.

Recently I've been asked to TROUBLESHOOT why their setup installation wasn't working... in no way whatsoever related to my repro or vulnerability, aside from the application I was testing. I had to direct the triager to the program's support team.

And now the straw that broke the camel's back: I've been studying, learning and practicing LLM testing since it's really fun and interesting, and found a pretty big (keep in mind, this is my opinion) vulnerability.

It is RCE through a file analyzer for an agent. I was able to evade filters and, because of the tool, the payload format and the prompt, I "escaped" the direct assistant sandbox and reached the backend pod, which is still a container but with a real kernel and network access.

I've spent weeks collecting proofs of the actual runtime, metadata, tokens, etc. My first submission was littered with the triager not understanding basic LLM mechanics and LLM interaction with RCE, and me showing screenshots and proofs and payloads and more. Surprise, surprise, I forgot to respond to a dumb comment and they closed the submission after 6 days of me not responding. I was a bit peeved but understood that it was my fault.

Now for the kicker: I re-opened, as they requested, another submission for this with every single step, explanation, screenshot and absolutely everything I had gathered for the past couple of weeks, to explain all of this carefully.

After some (ridiculously stupid) questions from the triagers, and me answering and providing absolutely each step and guiding them to really make them understand as simply as possible (my 5-year-old would've probably understood), they waited 16 days (this is, in my experience, absolutely very-high/CRITICAL), decided to not read ANYTHING, and closed it as N/A with the sole explanation of "Thank you for your submission. We're unable to identify any indication of a RCE here.".....

I have proof of running backend enumerations; I extracted source files from the runtime to prove command execution on a real pod instance, and proved gateway manipulation (which lets you execute system code/actions on the cluster and pod manager server) in detail, once again providing screenshots and proofs.

I am at a loss for words.

Just needed to vent. For anybody saying "Yeah, you probably did it wrong" or "The LLM probably hallucinated": yeah, I thought of that too, so across different sessions, accounts and tenants I executed the same complex commands (as it is impossible for an AI to hallucinate the correct same circumstantial values for said commands).

Sorry for my long rant; no need to back me up or anything, I was just at my absolute limit with stupidity like this. If you have another platform to recommend, please do!

u/Story_Lost — 1 hour ago

HackerOne is the worst bug bounty company and cannot be considered a true intermediary at all; it's essentially no different from doing bug bounty externally without any platform acting as a mediator.


HackerOne is one of the worst bug bounty platforms. After making more than $5,000 in earnings from this platform, I’m speaking based on my own experience. In the private program “mondelez-bbp,” the first thing I did was submit a report about a business logic bug. They responded with this completely useless reply:

Thank you for your submission!
Your report has passed the preliminary analyst review. Please note that this does not confirm validation; the status may change after further review.
Next in workflow is for our team to validate and reproduce the issue, evaluating its accuracy and security impact. You will be notified when the team has reviewed and made an assessment on your report.
We’ll keep you updated as the process moves forward. Have a great day!
Thanks,

Even if the company closes the bug, HackerOne will not stand by your side or acknowledge that it previously existed before being fixed.

The bug was that I could spend $60 and receive one gift. I captured the request and modified it to include other gifts, and it worked — I was able to receive 5 gifts instead of just one.

After that, they told me they were discussing it with the program, then suddenly marked my report as duplicated with another report that had a completely different title and issue. That other report was even closed as “informational” in the end, which proves it wasn’t the same bug.

After that, whenever I tried to ask or discuss the situation, they completely ignored me — which shows disrespect and feels like a scam. I even submitted a mediation request, but neither the platform nor the company responded at all.

After some time, I found that the bug had been fixed. So if it was really “informational,” why did they fix it in the first place?

u/Traditional-Tap8209 — 16 hours ago

While researching an endpoint, I found this argument through an API:

```json
{
  "operationName": "LoginUserViaFederator",
  "variables": {"email": "dwadaw@dwa.com", "password": "dwawd"},
  "query": "mutation LoginUserViaFederator($email: Email!, $password: String!) {\n  loginUserViaFederator(email: $email, password: $password) {\n    ... on LoginFederatorRes {\n      flowId\n      channel\n      value\n      otpSent\n      alternateChannelValue\n      __typename\n    }\n    ... on LoginUserInfo {\n      email\n      emailStatus\n      mobile\n      mobileStatus\n      firstName\n      success\n      state\n      __typename\n    }\n    __typename\n  }\n}"
}
```

I tried changing the input in the query and it gave a graphql_validation_failed error.

Any advice of what I should input there?

u/Intelligent-Unit1650 — 11 hours ago
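An added example, not from the post above (the endpoint URL and the sample responses are constructed): `GRAPHQL_VALIDATION_FAILED` is the code an Apollo-style server returns when the query document itself no longer validates against the schema, which is exactly what editing field names or types inside the `query` string produces. The variables are the part that is meant to change. The script keeps the posted mutation document intact, varies only the variables, asks the schema through introspection (where it is enabled) what types the mutation's arguments are declared as, and sorts each response by which member of the response union the server picked, which is worth watching because the branch chosen for a given email is itself information.

```python
import json
import urllib.request

# Added example; the endpoint is a placeholder, not a real target.
GRAPHQL_ENDPOINT = "https://target.example/graphql"

# The mutation document exactly as the client sends it (copied from the post).
LOGIN_QUERY = (
    "mutation LoginUserViaFederator($email: Email!, $password: String!) {\n"
    "  loginUserViaFederator(email: $email, password: $password) {\n"
    "    ... on LoginFederatorRes { flowId channel value otpSent alternateChannelValue __typename }\n"
    "    ... on LoginUserInfo { email emailStatus mobile mobileStatus firstName success state __typename }\n"
    "    __typename\n"
    "  }\n"
    "}"
)

# Introspection of the mutation type: every mutation and the declared type of
# each argument (two levels of ofType cover NON_NULL scalars such as Email!).
INTROSPECTION_QUERY = (
    "query MutationArgs { __schema { mutationType { fields { name "
    "args { name type { kind name ofType { kind name ofType { kind name } } } } } } } }"
)


def build_login_request(email: str, password: str) -> dict:
    """Only the variables change; the document stays identical, so schema
    validation passes and the server actually evaluates the inputs."""
    return {"operationName": "LoginUserViaFederator",
            "variables": {"email": email, "password": password},
            "query": LOGIN_QUERY}


def build_introspection_request() -> dict:
    return {"operationName": "MutationArgs", "variables": {}, "query": INTROSPECTION_QUERY}


def render_type(t: dict) -> str:
    """Turn an introspection type object back into SDL notation, e.g. Email!"""
    if t["kind"] == "NON_NULL":
        return render_type(t["ofType"]) + "!"
    if t["kind"] == "LIST":
        return "[" + render_type(t["ofType"]) + "]"
    return t["name"]


def arg_types(introspection_body: dict, mutation_name: str) -> dict:
    """Map argument name -> SDL type for one mutation; {} if it is not found."""
    fields = introspection_body["data"]["__schema"]["mutationType"]["fields"]
    for field in fields:
        if field["name"] == mutation_name:
            return {a["name"]: render_type(a["type"]) for a in field["args"]}
    return {}


def classify_response(body: dict) -> dict:
    """Separate a document/validation error from a successful call, and for
    the latter report which member of the response union the server chose."""
    if body.get("data") is None and body.get("errors"):
        codes = [e.get("extensions", {}).get("code", e.get("message")) for e in body["errors"]]
        return {"kind": "error", "codes": codes}
    result = body["data"]["loginUserViaFederator"]
    return {"kind": result["__typename"],
            "fields": {k: v for k, v in result.items() if k != "__typename"}}


def post_graphql(payload: dict) -> dict:
    """Send a request for real (network); the offline demo below does not use it."""
    req = urllib.request.Request(GRAPHQL_ENDPOINT, data=json.dumps(payload).encode(),
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)


# Constructed sample responses (not captured from any real server).
SAMPLE_VALIDATION_ERROR = {
    "errors": [{"message": 'Cannot query field "foo" on type "LoginFederatorRes".',
                "extensions": {"code": "GRAPHQL_VALIDATION_FAILED"}}],
    "data": None,
}
SAMPLE_OTP_RESPONSE = {"data": {"loginUserViaFederator": {
    "flowId": "flow-1", "channel": "email", "value": "d***@dwa.com", "otpSent": True,
    "alternateChannelValue": None, "__typename": "LoginFederatorRes"}}}
SAMPLE_INTROSPECTION = {"data": {"__schema": {"mutationType": {"fields": [
    {"name": "loginUserViaFederator", "args": [
        {"name": "email", "type": {"kind": "NON_NULL", "name": None,
                                   "ofType": {"kind": "SCALAR", "name": "Email", "ofType": None}}},
        {"name": "password", "type": {"kind": "NON_NULL", "name": None,
                                      "ofType": {"kind": "SCALAR", "name": "String", "ofType": None}}},
    ]}]}}}}

if __name__ == "__main__":
    print(arg_types(SAMPLE_INTROSPECTION, "loginUserViaFederator"))
    print(classify_response(SAMPLE_VALIDATION_ERROR))
    print(classify_response(SAMPLE_OTP_RESPONSE))
    print(json.dumps(build_login_request("user@example.test", "hunter2"))[:80], "...")
```

If introspection is disabled, the same `render_type` logic works on the error messages the server emits for a deliberately wrong variable type, which usually name the expected type; either way, the next move is to vary values inside the declared types, not to rewrite the document.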

LLM bug bounty landscape in 2026: program-by-program scope, median payouts, and the indirect-injection gap

I've been reporting LLM vulns to a few programs over the last year and got tired of the gap between what programs advertise and what actually gets paid.

The published info is scattered across program pages, policy revisions, and disclosed reports. Nobody's pulled it into a single comparative view. So I did. Program-by-program: Anthropic, OpenAI, Google, Meta, Microsoft, Hugging Face, plus the HackerOne/Bugcrowd long tail of SaaS-with-AI-bolted-on programs. What's scoped, what's practically out-of-scope regardless of what the policy says, realistic median payouts vs. the advertised ceilings.

A few hot takes the writeup lands on:

  • Median AI-bug payout in 2026 is ~$500–$2,500, not the $15k-$50k headline numbers. Those headlines refer to critical findings against core infra; the middle band is where most hunters live.
  • Indirect prompt injection is the biggest scope-vs-triage gap. Most programs nominally accept it. In practice triage under-rates it, especially multi-step chains, because the impact argument lives in a paragraph of report text rather than a single reproducible step.
  • OpenAI's program specifically: report framing matters more than the vuln itself. "I can make ChatGPT say X" is closed as known limitation. "I can make a third-party Custom GPT leak its uploaded knowledge files" is paid. Same underlying primitive, different framing, 10x different outcome.
  • Anthropic's program is the highest-signal in the space if you can invest multi-day effort per finding — their "universal jailbreak" bar is real but so are the payouts when you hit it.
  • The growth zone is the HackerOne/Bugcrowd long tail: SaaS products that bolted AI features onto existing surfaces, where triagers often don't know how to evaluate LLM-specific impact. Opportunity + frustration.

Bias disclosure: I run Wraith (AI-security platform, hands-on academy and cert for this discipline) so I care about hunters succeeding in this space because it validates the category. I've reported into several of these programs myself and flagged where I have direct experience vs. secondary.

Full writeup: wraith.sh/learn/state-of-llm-bug-bounties-2026. Pushback welcome, especially from hunters who've had different experiences with any of the programs. What would you add or disagree with?

u/harbinger-alpha — 6 hours ago

Should I add a comment or make a new report

So about 2 weeks ago I identified an access control bypass vulnerability where I can delete users using their UserId. After some hours an Intigriti triager downgraded the severity to High. Today I was poking around the same web app and found another endpoint (using the same API) where I can submit a UserId and get PII. It's an access control bypass too, because to make the server neglect the session cookie you need to delete a header. Now the CVSS should have Confidentiality and Integrity as High, which makes it a Critical finding. I'm not sure if I should add a comment or make a new report, even though it's the same root cause.

u/Few_Caregiver4503 — 8 hours ago
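An added example, not code from the post above, modelling the pattern it describes: an authentication layer that only consults the session cookie when a particular request header is present, and otherwise falls into a legacy branch that takes the identity from the request itself. The header name, the session store and the user records are assumptions. Both handlers (PII read and delete) go through one principal resolver, which is what makes two endpoints share a single root cause, and `probe` is the differential check that shows the bypass.

```python
from dataclasses import dataclass

# Added example; header name, session store and user records are assumptions
# standing in for whatever the poster's target actually uses.
SESSIONS = {"sess-alice": "u-100", "sess-bob": "u-200"}          # constructed
USERS = {"u-100": {"name": "Alice", "email": "alice@example.test"},
         "u-200": {"name": "Bob", "email": "bob@example.test"}}   # constructed PII
AUTH_HEADER = "X-Auth-Mode"                                        # hypothetical


@dataclass
class Request:
    headers: dict
    cookies: dict
    params: dict


def principal_vulnerable(req: Request):
    """Vulnerable pattern: the session cookie is only consulted when the
    client sends the hypothetical header; without it the code drops into a
    legacy branch and takes the identity from the request itself."""
    if AUTH_HEADER in req.headers:
        return SESSIONS.get(req.cookies.get("session"))
    return req.params.get("userId")        # attacker-controlled identity


def principal_hardened(req: Request):
    """Hardened: identity comes from the session cookie on every path; a
    missing header changes nothing about who the caller is."""
    return SESSIONS.get(req.cookies.get("session"))


def get_user(req: Request, principal_of) -> tuple:
    """Handler for GET /api/users?userId=...; returns (status, body)."""
    principal = principal_of(req)
    if principal is None:
        return 401, None
    target = req.params.get("userId", principal)
    if target != principal:                # no cross-user reads
        return 403, None
    return 200, USERS[target]


def delete_user(req: Request, principal_of, store: dict) -> int:
    """Handler for DELETE /api/users?userId=...; same check, returns status."""
    principal = principal_of(req)
    if principal is None:
        return 401
    target = req.params.get("userId", principal)
    if target != principal:
        return 403
    store.pop(target, None)
    return 204


def probe(principal_of) -> dict:
    """Differential check: Bob's session, Alice's userId, with and without
    the header. A bypass shows up as 200/204 on the header-less requests."""
    with_header = Request({AUTH_HEADER: "session"}, {"session": "sess-bob"}, {"userId": "u-100"})
    without_header = Request({}, {"session": "sess-bob"}, {"userId": "u-100"})
    store = dict(USERS)
    return {
        "read_with_header": get_user(with_header, principal_of)[0],
        "read_without_header": get_user(without_header, principal_of)[0],
        "delete_without_header": delete_user(without_header, principal_of, store),
        "alice_still_exists": "u-100" in store,
    }


if __name__ == "__main__":
    print("vulnerable:", probe(principal_vulnerable))
    print("hardened:  ", probe(principal_hardened))
```

The same two-request comparison (identical cookie, identical target, header present versus absent) is the reproduction step a triager can run in under a minute, and it applies unchanged to every endpoint that sits behind the resolver.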

How much of this job is gaslighting?

I am a beginner, by the way; I'm a first-year computer engineering student and started 5 months ago, finally making good bucks. I've found a handful of Highs only so far.

The thing about reporting on HackerOne (I guess any other platform) is how much the report itself matters... it's almost as if I'm some sort of vendor trying to sell my findings.

Also, I had the honour last week to visit a friend of mine, an expert hunter I'd say. He showed me his reports, and in between the bigger bags I noticed lots of low-level bugs going from 20 euros to 150 or something. He was kind enough to let me read those, although he was understandably confused as to why I was more interested in his lows rather than the critical ones.
I just saw dumb path disclosures, server banner reveals, some security header shenanigans, and a few self-XSS here and there. What struck me was his ability to formulate his findings, looking like prime Saul Goodman.

When I see a low-level vulnerability, I ignore it because I just think "who cares, this is useless", when in reality I should've been making a PowerPoint presentation about it with cool transition effects!!!

Anyway, I'm not trying to demean my friend; his ceiling is so high and he's really talented and I doubt I'll ever reach his level. Nor am I trying to demean any of the big dogs here.

I guess I don't understand reporting, bruh. Maybe I should read about cases where low-level bugs were the bottom bricks of a Jenga tower... anyway, peace and blessings, chat.

u/eyelicker_mm_yummers — 22 hours ago

Overwhelmed

Hi, recently I started bug bounty and I completed all the IDOR labs on PortSwigger, and I'm currently trying to hunt on websites for one vulnerability. But it's definitely different from labs: a lot of endpoints and information. I don't know where to start or how to find more complex bugs (I mean that bugs in closed reports are a lot harder to find than those which I learned on PortSwigger). Anyway, thanks for the help.

u/KONDEXZ211 — 20 hours ago

Code execution inside a Google sandbox -> stuck on escalation, need guidance

Hey everyone,

I’ve been testing a target that runs inside one of Google’s sandboxed environments, and I’ve managed to achieve arbitrary command execution within the sandbox.

So far I’ve confirmed:

  • Command execution works reliably
  • Can read local files and environment variables
  • Running with high privileges inside the sandbox

After enumeration:

  • Filesystem appears containerized (overlay)
  • No clear access to host filesystem
  • No cross-user or external data exposure so far
  • Standard mounts (/proc, /sys, etc.), nothing obviously misconfigured

Looking for advice on:

  • Common techniques to pivot from sandboxed execution → escape
  • What areas to focus on next:
    • filesystem quirks / mounts
    • process isolation
    • shared resources
    • sandbox-specific weaknesses

Not trying to brute force, just looking to approach this more intelligently.

Would appreciate insights from anyone experienced with sandbox escapes or similar environments.

Thanks

u/Ok_Speaker_8543 — 22 hours ago
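An added example, not from the post above, of the enumeration that turns "root inside an overlay container" into a concrete next step: decode the effective capability mask from `/proc/self/status`, read the seccomp and `NoNewPrivs` state, and scan `/proc/mounts` and `/proc/1/cgroup` for a runtime socket, a host block device or a bind-mounted host path. The parsers run over constructed `/proc` text so the logic is testable offline; `collect_live` reads the real files when run inside the sandbox. The capability numbers are the ones from `linux/capability.h`; the "escape-relevant" set and the mount patterns are the author's own shortlist, not an exhaustive one.

```python
import re

# Added example. Capability bit numbers follow linux/capability.h.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER", "CAP_FSETID",
    "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP", "CAP_LINUX_IMMUTABLE",
    "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST", "CAP_NET_ADMIN", "CAP_NET_RAW",
    "CAP_IPC_LOCK", "CAP_IPC_OWNER", "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT",
    "CAP_SYS_PTRACE", "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD", "CAP_LEASE",
    "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP", "CAP_MAC_OVERRIDE",
    "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM", "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ",
    "CAP_PERFMON", "CAP_BPF", "CAP_CHECKPOINT_RESTORE",
]
# Capabilities that have repeatedly turned container root into host access (author's shortlist).
ESCAPE_CAPS = {"CAP_SYS_ADMIN", "CAP_SYS_PTRACE", "CAP_SYS_MODULE", "CAP_DAC_READ_SEARCH",
               "CAP_SYS_RAWIO", "CAP_BPF", "CAP_NET_ADMIN"}
# Mount sources/targets that usually mean a path back to the host (author's shortlist).
SUSPICIOUS_MOUNTS = ("docker.sock", "containerd.sock", "/var/run/crio", "/dev/sd", "/dev/nvme",
                     "/host", "release_agent")


def decode_caps(hexmask: str) -> set:
    """CapEff/CapPrm/CapBnd hex mask -> set of capability names."""
    mask = int(hexmask, 16)
    return {name for bit, name in enumerate(CAP_NAMES) if mask >> bit & 1}


def parse_status(text: str) -> dict:
    """Pull CapEff, Seccomp and NoNewPrivs out of /proc/<pid>/status text."""
    fields = dict(re.findall(r"^(\w+):\s*(\S*)", text, re.M))
    return {"caps": decode_caps(fields.get("CapEff", "0")),
            "seccomp": int(fields.get("Seccomp", "0")),   # 0 off, 1 strict, 2 filter
            "no_new_privs": fields.get("NoNewPrivs") == "1"}


def parse_mounts(text: str) -> list:
    """(source, target) for /proc/mounts lines matching a watch pattern."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and any(p in parts[0] or p in parts[1] for p in SUSPICIOUS_MOUNTS):
            hits.append((parts[0], parts[1]))
    return hits


def container_runtime(cgroup_text: str) -> str:
    """Best-effort runtime marker from /proc/1/cgroup."""
    for marker in ("kubepods", "docker", "containerd", "libpod", "lxc"):
        if marker in cgroup_text:
            return marker
    return "unknown"


def assess(status: dict, mount_hits: list) -> list:
    """Turn raw facts into the short list of things worth trying next."""
    notes = []
    danger = status["caps"] & ESCAPE_CAPS
    if danger:
        notes.append("escape-relevant caps: " + ", ".join(sorted(danger)))
    if status["seccomp"] == 0:
        notes.append("no seccomp filter: full syscall surface available")
    if not status["no_new_privs"]:
        notes.append("NoNewPrivs=0: setuid/file-capability binaries can raise privileges")
    for src, dst in mount_hits:
        notes.append(f"interesting mount: {src} on {dst}")
    return notes


def collect_live() -> list:
    """Read the real files; only meaningful when run inside the sandbox."""
    def read(path):
        try:
            with open(path) as f:
                return f.read()
        except OSError:
            return ""
    notes = assess(parse_status(read("/proc/self/status")), parse_mounts(read("/proc/mounts")))
    notes.insert(0, "runtime marker: " + container_runtime(read("/proc/1/cgroup")))
    return notes


# Constructed sample /proc text (a default-capability Docker container with a
# bind-mounted runtime socket), not captured from any real environment.
SAMPLE_STATUS = "Name:\tsh\nUid:\t0\t0\t0\t0\nCapEff:\t00000000a80425fb\nSeccomp:\t2\nNoNewPrivs:\t1\n"
SAMPLE_MOUNTS = ("overlay / overlay rw,relatime,lowerdir=/x 0 0\n"
                 "proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0\n"
                 "/dev/sda1 /run/docker.sock ext4 rw,relatime 0 0\n")

if __name__ == "__main__":
    print(assess(parse_status(SAMPLE_STATUS), parse_mounts(SAMPLE_MOUNTS)))
    print(collect_live())
```

An empty `assess` list on a real box is itself an answer: with the default capability set, a seccomp filter in place and nothing from the host mounted in, the remaining avenues are kernel bugs and whatever the workload itself talks to (cloud metadata, mounted service-account tokens, sibling services), not the container boundary.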

Think I found a Missing Authorization in a Websocket

I've authenticated in an app with an x id, then connected to websockets with a y id without authenticating again, and received data from them.

I've tried to report it on HackerOne but they ignored me. In my first contact I sent a summary, but they changed the report tag to informative and closed the ticket. I've tried to send the detailed report, but it looks like they didn't even see it. What can I do?

u/Eusoueu9844 — 1 day ago

Bug Bounty AI Assistant/Teacher

Hi, I'm new to bug bounty and I'm working on a project of orchestrating LLM agents through an MCP server to do a bug bounty hunt. It actually can help me with passive/active recon and exploitation, and even do a full hunt and the report part. I will be the human in the middle, watching, learning and approving while the models are active; another model will be explaining step by step what is being done.

Is this a better approach than wasting more time on labs? Please let me know, and if you have any ideas I should add to this build that would help me learn and make money, please share them with me; I will be grateful.

u/InnerM31ENFJ — 1 day ago

I found upload file xss!

I found XSS in file upload, where I used Burp to modify the file extension and then sent it. Then I opened the link in the browser and the XSS popped up. It's my first bug ever.

I tried to get RCE; it didn't work out.

Should I report first or go further? If so, what do I do next?

Can someone please help me?

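An added example, not from the post above: the usual reason "change the extension and the upload renders" works is that the server derives the response `Content-Type` from the client-supplied name and serves the file inline from the same origin. The allowlist, magic bytes and header set below are the author's assumptions, not the target's code; `serve_vulnerable` models that behaviour and `serve_hardened` shows the checks that close it (extension allowlist, content must match the extension, no active markup, server-generated name, `nosniff`, download disposition and a sandboxing CSP).

```python
import re
import secrets

# Added example; allowlist, signatures and headers are assumptions.
ALLOWED = {"png": (b"\x89PNG\r\n\x1a\n", "image/png"),
           "jpg": (b"\xff\xd8\xff", "image/jpeg"),
           "gif": (b"GIF8", "image/gif")}
ACTIVE = re.compile(rb"<\s*(script|svg|html|iframe|object|embed)\b|javascript:", re.I)


def _ext(filename: str) -> str:
    return filename.rsplit(".", 1)[-1].lower() if "." in filename else ""


def serve_vulnerable(filename: str, data: bytes) -> dict:
    """Trusts the client-supplied name: Content-Type comes from the extension
    (falling back to text/html) and the body is rendered inline as-is."""
    ext = _ext(filename)
    ctype = ALLOWED[ext][1] if ext in ALLOWED else "text/html"
    return {"stored_as": filename, "status": 200,
            "headers": {"Content-Type": ctype, "Content-Disposition": "inline"}}


def serve_hardened(filename: str, data: bytes) -> dict:
    """Accept only allowlisted types whose bytes match, strip the client name,
    and serve with headers that stop the browser from executing anything."""
    ext = _ext(filename)
    if ext not in ALLOWED:
        return {"status": 415, "error": "extension_not_allowed"}
    magic, ctype = ALLOWED[ext]
    if not data.startswith(magic):
        return {"status": 415, "error": "content_does_not_match_extension"}
    if ACTIVE.search(data):
        return {"status": 415, "error": "active_content"}
    name = secrets.token_hex(16) + "." + ext        # never the uploader's name
    return {"stored_as": name, "status": 200,
            "headers": {"Content-Type": ctype,
                        "X-Content-Type-Options": "nosniff",
                        "Content-Disposition": f'attachment; filename="{name}"',
                        "Content-Security-Policy": "default-src 'none'; sandbox"}}


if __name__ == "__main__":
    payload = b"<script>alert(document.domain)</script>"          # constructed
    print(serve_vulnerable("avatar.html", payload))
    print(serve_hardened("avatar.html", payload))
    print(serve_hardened("avatar.png", payload))
    print(serve_hardened("avatar.png", b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"))
```

Hosting uploads on a separate origin is the complementary control: even a file that slips through then executes in an origin that holds no session for the main application.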

What is going on in this sub?

Lord, Sweet Jebus T Rump what tf is going on in this sub?

  • "Please read my post about an unexploitable bullshit condition and halp me bcuz I think it a CRITICAL thx xoxo"
  • "[BUG BOUNTY] is hot garbage because they rejected my duplicate BS bugz ;-;"
  • imagine a 3rd example i cant be bothered

Here's a little guidance for these kinds of scenarios:

If the impact is weak, don't speak...

If the impact is light, don't write...

PLEASE. Learn to exploit the bugs you discover while staying within the scope. Demonstrate the impact.

PoC||GTFO

Those ^ are INSTRUCTIONS. THEY ARE NOT GUIDELINES.

bUt I cAn'T sHoW aNy ImPaCt AnD i WaNt AlL tHe MoNeY

OK. Those little no-impact bugs? They are Lego bricks. They could actually be GOLD. Collect them, cherish them. Curate them. Hoard them. BUT FOR HEAVEN'S SAKE DON'T TELL US ABOUT THEM OR POST THEM OR REPORT THEM. Shhhh. Shhhhhhhhhhh. Shush now. Learn how to chain them. Then combine 9 infos in a chain to make a CRITICAL. Or... JUST STFU AND FIND A DAMN CRITICAL.

1. Check the bug - is it of little or no impact?

- YES: GTFO

- NO: Step 2

2. If the bug has real impact... am I just vibe-assigning that impact?

- YES: GTFO

- NO: Step 3

3. Hmmm what is the PoC? DO I have a PoC?

- NO: GTFO

- YES: Step 4

4. Is it a complete PoC?

- NO: GTFO

- YES: Step 5

5. End to End?

- NO: GTFO

- YES: Step 6

6. And does it have real impact on users?

- NO: GTFO

- YES: Step 7

7. Am I assuming one or more other bugs are required for this to work?

- YES: GTFO

- NO: Step 8

8. Wow - I got here? I better check my facts.

- YES: GTFO

- NO: ALSO GTFO.

UGH.

u/normalbot9999 — 2 days ago

Security Flaw or Just Bad Design? Bypassing Server-Side Validation in GraphQL

Hey everyone, I need your expert opinion on a finding I recently submitted.

The Case:

I found a GraphQL mutation used to create a shipping address. The web UI has a "Validation" step before "Creation." However, the server-side mutation for creating the address (CreateShippingAddress) doesn't actually verify if the address is valid or if the validation step was even called.

The Exploit:

Using Burp Suite, I can send the creation request directly with completely fake data (e.g., City: "123", Zip: "ABC", mismatched State/City). The server accepts it, saves it to my profile, and it shows up as a "Verified" address in the UI.

The Debate:

Some people say this is just a "Functional Bug" because it doesn't leak data. But I argued it's a "Business Logic Vulnerability" because:

  • It bypasses intended security/logic controls (CWE-602).
  • It allows for massive database pollution and resource exhaustion (spamming 10k addresses via Intruder).
  • It causes direct financial loss to the company (shipping packages to non-existent addresses, RTO fees).

What do you think?

  • Have you seen companies pay for this as a Medium bounty?
  • Or is it likely to be closed as "Informative / Won't Fix"?
  • Does the fact that it's on a production e-commerce site change your evaluation?

I'd love to hear your experiences with similar "Validation Bypass" reports in GraphQL.

u/Killer_646 — 2 days ago
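An added example, not from the post above, of the server-side pattern the finding is missing and of the fix that closes it. The validation step is modelled as a stand-in validator; the real one would be an address service. The hardened creation path requires a short-lived HMAC token that the validation step issued for the exact (normalised) address being saved, so a client can neither skip validation nor validate one address and save another. The secret, token format, TTL and field rules are assumptions.

```python
import hashlib
import hmac
import json
import time

# Added example; secret, field rules and token format are assumptions.
SERVER_SECRET = b"constructed-example-secret"   # assumption: lives only on the server
TOKEN_TTL = 600                                  # seconds a validation result stays usable
US_STATES = {"CA", "NY", "TX", "WA"}             # stand-in for a real reference table


def normalize(addr: dict) -> str:
    """Canonical form, so the token binds to the content of the address."""
    keys = ("line1", "city", "state", "zip")
    return json.dumps({k: str(addr.get(k, "")).strip().upper() for k in keys}, sort_keys=True)


def address_is_valid(addr: dict) -> bool:
    """Stand-in for the real address-validation service."""
    n = json.loads(normalize(addr))
    return (n["line1"] != "" and n["city"].replace(" ", "").isalpha()
            and n["state"] in US_STATES and n["zip"].isdigit() and len(n["zip"]) == 5)


def sign(normalized: str, ts: int) -> str:
    return hmac.new(SERVER_SECRET, f"{ts}.{normalized}".encode(), hashlib.sha256).hexdigest()


def validate_address(addr: dict, now: int = None) -> dict:
    """The 'Validation' step: a token is issued only for addresses that pass."""
    now = int(time.time()) if now is None else now
    if not address_is_valid(addr):
        return {"valid": False, "token": None}
    return {"valid": True, "token": f"{now}.{sign(normalize(addr), now)}"}


def create_address_vulnerable(profile: list, addr: dict) -> dict:
    """The posted behaviour: creation never checks that validation happened."""
    profile.append({**addr, "verified": True})
    return {"status": 200, "verified": True}


def create_address_hardened(profile: list, addr: dict, token, now: int = None) -> dict:
    """Creation requires a fresh token issued for this exact address."""
    now = int(time.time()) if now is None else now
    if not token or "." not in token:
        return {"status": 400, "error": "validation_required"}
    ts_str, mac = token.split(".", 1)
    if not ts_str.isdigit() or now - int(ts_str) > TOKEN_TTL:
        return {"status": 400, "error": "validation_expired"}
    expected = sign(normalize(addr), int(ts_str))
    if not hmac.compare_digest(expected.encode(), mac.encode()):
        return {"status": 400, "error": "validation_mismatch"}
    profile.append({**addr, "verified": True})
    return {"status": 200, "verified": True}


def demo(now: int = 1_700_000_000) -> dict:
    """Both paths against constructed junk and a constructed good address."""
    fake = {"line1": "x", "city": "123", "state": "ZZ", "zip": "ABC"}
    good = {"line1": "1 Main St", "city": "Seattle", "state": "WA", "zip": "98101"}
    tok = validate_address(good, now)["token"]
    return {
        "vulnerable_accepts_fake": create_address_vulnerable([], fake)["verified"],
        "fake_gets_token": validate_address(fake, now)["token"],
        "hardened_no_token": create_address_hardened([], fake, None, now)["error"],
        "hardened_wrong_address": create_address_hardened([], fake, tok, now)["error"],
        "hardened_stale": create_address_hardened([], good, tok, now + TOKEN_TTL + 1)["error"],
        "hardened_ok": create_address_hardened([], good, tok, now)["status"],
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Storing the validation result server-side keyed by session works just as well as the signed token; the point is that the create mutation must consult something the client cannot forge, which a boolean or a "verified" flag in the request body never is.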

Hackerone Triage - Bug validated, escalated and closed as informative

Hi, I wonder if someone could help me out. I submitted a bug to one of H1 bounty programs. The bug is a CVSS 4.0 - 9.3. The triager closed the report as INFORMATIVE with the following comment:

[HACKERONE MANAGED CASE]

---

Hey @

Thank you for your report!

After review, we have confirmed the reported behavior and identified a valid security impact.

>XXXXXXX REDACTED XXXXXXXXX

As a result, we are escalating this to the engineering team for remediation. We will keep you updated on the fix timeline.

This will not have any impact on your Signal or Reputation score. We appreciate your effort and responsible disclosure.

Kind regards,

@h1_analyst_dev

---

1 - they have confirmed that its a bug and requires remediation

2 - they said that they would keep me updated on the timeline

3 - the redacted part is the description of the bug and impact exactly as I stated and all I can say is that it has the word Critical on it.

On the other hand

1 - Message said that it wouldn't impact my signal or reputation score.

2 - Was closed as informative.

For me this clearly seems like a SOP mistake rather than a real report closure. I contacted their support, but they said that they are not allowed to talk with triage and that all I can do is tag the triager and watch if they answer back. Also that mediation will be possible when I have "Signal", but this requires 3 resolved reports, and the ones I have have been lingering for a long time and were never resolved.

I wonder if anyone has had a similar issue and would have suggestions.

u/Tona1987 — 3 days ago

I got hit by a vulnerable npm package in prod. So I built a tool to stop it happening again

**Show HN-style: I built DevShield — npm security auditor + credential breach checker in one tool**

Hey r/webdev — built this over the last few months and finally feel good enough about it to share.

**What it does:**

- Scans any npm package for CVEs, risk score, maintenance health, and download stats

- Checks emails and passwords against 7B+ breach records using k-Anonymity (password never sent in plain text)

- Team dashboard to track vulnerabilities across all your repos and set CI/CD block policies

- Breach timeline visualization built with D3

**Why I built it:** `npm audit` tells you there's a problem. It doesn't tell you how bad it is, whether the package is even maintained anymore, or whether your team's credentials are already out there.

It's free to try, no account needed for the npm and credential tools.

👉 https://devsheild.live

Happy to answer questions about how anything works under the hood. Especially the k-Anonymity implementation — that part was interesting to build.

u/OkBeach744 — 14 hours ago
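An added example, not the DevShield code, of the k-anonymity range lookup the post refers to, as Have I Been Pwned's Pwned Passwords API defines it: the client hashes the password with SHA-1, sends only the first five hex characters, receives every suffix in that bucket with its breach count, and finishes the match locally, so the full hash (let alone the password) never leaves the machine. The bucket below is constructed, not a real API response; the only true entry in it is the suffix of SHA-1("password").

```python
import hashlib
import urllib.request

# Added example of the Pwned Passwords range protocol.
RANGE_URL = "https://api.pwnedpasswords.com/range/"   # HIBP's documented endpoint


def split_hash(password: str) -> tuple:
    """SHA-1 hex, upper-cased, split into the 5-char prefix sent to the
    server and the 35-char suffix that stays local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(body: str) -> dict:
    """'SUFFIX:COUNT' lines -> {suffix: count}; tolerates CRLF and blank lines."""
    out = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        out[suffix.upper()] = int(count or 0)
    return out


def breach_count(password: str, range_body: str) -> int:
    """Match the local suffix against a bucket; 0 means not seen."""
    _, suffix = split_hash(password)
    return parse_range(range_body).get(suffix, 0)


def fetch_range(prefix: str) -> str:
    """Live lookup (network); the offline demo below uses a constructed bucket."""
    if len(prefix) != 5 or any(c not in "0123456789ABCDEF" for c in prefix):
        raise ValueError("prefix must be 5 uppercase hex characters")
    req = urllib.request.Request(RANGE_URL + prefix, headers={"User-Agent": "k-anon-example"})
    with urllib.request.urlopen(req, timeout=15) as resp:
        return resp.read().decode("utf-8")


# Constructed bucket for prefix 5BAA6 (not a real API response). The second
# line is the suffix of SHA-1("password"); the other lines and all counts are filler.
SAMPLE_BUCKET_5BAA6 = (
    "003D68EB55068C33ACE09247EE4C639306B:3\r\n"
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:9545824\r\n"
    "2B1FC6DFA7B8C20B0B5E6B0E9B0A0C0D0E0:1\r\n"
)


def check_password_offline(password: str) -> dict:
    prefix, suffix = split_hash(password)
    # A real client would call fetch_range(prefix) here.
    bucket = SAMPLE_BUCKET_5BAA6 if prefix == "5BAA6" else ""
    return {"prefix_sent": prefix, "suffix_kept_local": suffix,
            "count": breach_count(password, bucket)}


if __name__ == "__main__":
    for pw in ("password", "correct horse battery staple"):
        print(pw, "->", check_password_offline(pw))
```

Two properties are worth checking in any implementation that claims this: the request must carry exactly five characters (a longer prefix shrinks the anonymity set), and the comparison must happen on the client, never by posting the full hash "for convenience".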

JWT Token Exposed in DOM ... Is This a Valid Vulnerability?

I found a JWT token exposed in the DOM and wanted to get your opinions on whether this is a valid security finding.

In this web app, a user must be signed in.
Once authenticated, the user can see their own JWT token in the page source/DOM, which doesn't seem like an appropriate place for it to be stored or exposed. So the user needs to be authenticated first...

My concern is that if an attacker is able to successfully execute an XSS attack, they could potentially steal this token and use it to access sensitive user information or perform actions on behalf of the user.

Do you think this is a vulnerability? If so, how would you classify its severity?

u/ps_aux128 — 3 days ago
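An added example, not from the post above: a token sitting in the DOM is reachable by any script running in the page, so its severity is decided by what the token grants and for how long. The helper decodes a JWT without verifying it (verification needs the server's key; reading the claims does not), and reports the algorithm, the subject, the scopes and the lifetime, which are the facts a report about this finding should state. The token it inspects is constructed in the block with a throwaway secret.

```python
import base64
import hashlib
import hmac
import json
import time

# Added example; the demo token and its secret are constructed, not real.


def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def decode_unverified(token: str) -> dict:
    """Header and payload only; the signature is not checked here."""
    header_b64, payload_b64, _sig = token.split(".")
    return {"header": json.loads(b64url_decode(header_b64)),
            "payload": json.loads(b64url_decode(payload_b64))}


def assess_token(token: str, now: int = None) -> dict:
    """Facts that scope the impact of a leaked token."""
    now = int(time.time()) if now is None else now
    parts = decode_unverified(token)
    h, p = parts["header"], parts["payload"]
    exp, iat = p.get("exp"), p.get("iat")
    remaining = None if exp is None else exp - now
    lifetime = exp - iat if exp is not None and iat is not None else remaining
    return {
        "alg": h.get("alg"),
        "alg_none": str(h.get("alg", "")).lower() == "none",
        "has_exp": exp is not None,
        "lifetime_s": lifetime,
        "remaining_s": remaining,
        "long_lived": exp is None or lifetime > 3600,     # author's threshold
        "scopes": p.get("scope") or p.get("scopes") or p.get("roles"),
        "subject": p.get("sub"),
    }


def make_hs256(payload: dict, secret: bytes) -> str:
    """Build a signed HS256 token for the demo (constructed data)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"


DEMO_NOW = 1_700_000_000
SAMPLE_TOKEN = make_hs256({"sub": "u-100", "scope": "profile:read orders:write",
                           "iat": DEMO_NOW - 60, "exp": DEMO_NOW + 7 * 86400},
                          b"constructed-demo-secret")

if __name__ == "__main__":
    print(json.dumps(assess_token(SAMPLE_TOKEN, DEMO_NOW), indent=2))
```

A seven-day bearer token with write scope that any injected script can read is a different report from a five-minute read-only one; the fix direction in both cases is the same (HttpOnly cookie or a short-lived token held only in memory), but the severity argument rests on these numbers.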

Cookie Manipulation (datr) to Bypass Identity Verification & Rate Limiting in Ads Manager

To: Meta Security Team / Ads Product Integrity Department

1. Overview

I am writing to report a critical security loophole discovered within the Meta Ads Manager authentication flow. This vulnerability allows users to bypass mandatory Identity Verification (Checkpoint) and "Rate Limit" restrictions by manually manipulating the datr cookie value via Browser Developer Tools.

2. Vulnerability Description

The system currently relies on the datr cookie as a primary identifier for browser trustworthiness. When a user encounters a "Frequency Limit" error (preventing misuse) or is prompted for an Email OTP, the system fails to cross-validate the session integrity if the datr value is substituted.

By replacing the current datr with a "clean" or "previously verified" cookie string, the security check is effectively neutralized, granting unauthorized access to sensitive Ad Account Settings and Business Manager assets without completing 2FA or OTP protocols.

3. Steps to Reproduce (as demonstrated in the attached technical footage)

Step 1: Access Ads Manager under a restricted state (where the "Choose where to get the code" prompt appears).
Step 2: Open Browser DevTools -> Application -> Cookies.
Step 3: Modify/Inject a different datr value.
Step 4: Refresh the endpoint https://adsmanager.facebook.com/adsmanager/manage/ad_account_settings/ad_account_setup?act=&nav_entry_point=ads_ecosystem_navigation_menu&nav_source=ads_manager
Result: The system bypasses the verification screen and redirects directly to the internal account management interface.

4. Impact Assessment

Account Takeover (ATO) Risk: Malicious actors can use harvested cookies to bypass security checkpoints on compromised accounts.
System Integrity: The "Rate Limiting" feature, designed to prevent automated misuse, can be easily circumvented, leading to potential bot-driven ad fraud.
Financial Risk: Unauthorized access to Billing and Payment methods within the Ads Manager.

5. Recommended Remediation

We recommend implementing a stricter server-side validation that binds the datr cookie with the c_user (User ID) and xs (Session Secret) more rigidly. Furthermore, changing a hardware-level identifier like datr during an active challenge should trigger a hard logout or an immediate escalation of the security checkpoint.

I have attached a screen recording demonstrating the bypass for your technical review. I look forward to your response regarding this security concern.

Best regards,
Khang

u/Imaginary-Gas747 — 2 days ago

Payouts are so tiny recently. What team do you work on full time (Red, Blue, IR, AppSec)?

So I feel that bug bounty has become a huge rat race, and platforms seem to understand that. As a result, payouts have become really small. I’ve been thinking about moving into a full-time security job, and I was wondering if everyone here is a red teamer (which might seem obvious). But I’m not really into obvious paths, so I’d appreciate any insights into what kind of roles (apart from red) you currently enjoy.

u/ibackstrom — 3 days ago