目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,217
关联 CVE
1,854
参与项目数
342
近 7 天新增
12
严重度: All CriticalHighMediumLow
类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
项目筛选:monero
Critical Deadlock Vulnerability in Monero RPC Leading to Complete Node Paralysis
Monero Uncontrolled Resource Consumption (CWE-400)
Critical
2026-05-06
Connection Count Bug in Monero Node Enables Outbound Peer Reset Attack
Monero Privacy Violation (CWE-359)
Unknown
2026-05-06
Reported Denial of Service
Monero Uncontrolled Resource Consumption (CWE-400)
Unknown
2026-04-06
Reported RPC Overflow
Monero Integer Overflow (CWE-190)
Unknown
2026-04-06
Dynamic fee algorithm doesn't check for zero fee
Monero Uncontrolled Resource Consumption (CWE-400)
Low
2025-05-23
RPC service DOS
Monero Uncontrolled Resource Consumption (CWE-400)
Medium
2025-05-23
Transactions in invalid blocks are kept in tx-pool without undergoing certain checks.
Monero
Unknown
2025-04-23
A peer can remotely fill the pending block queue to an extremely high size, with blocks that will never leave the queue.
Monero
Unknown
2025-04-23
Remote memory exhaustion in Epee RPC stack under zero Receive Window
Monero Uncontrolled Resource Consumption (CWE-400)
High
2025-04-23
Spamming highly nested JSON RPC requests cause node to disconnect from p2p network
Monero Uncontrolled Resource Consumption (CWE-400)
Unknown
2025-04-23
low-level p2p ping + tcp flooding leads to a remote crash in monerod
Monero
Critical
2025-04-14
[Monero wallet RPC] File precreation to file ownership and credentials leak
Monero Improper Access Control - Generic (CWE-284)
Unknown
2024-09-04
Reentrancy attack in eth-monero atomic swap
Monero Improper Access Control - Generic (CWE-284)
Unknown
2023-04-20
monerod JSON RPC server remote DoS
Monero Uncontrolled Resource Consumption (CWE-400)
Medium
2022-09-12
RPC call crashes node
Monero Uncontrolled Resource Consumption (CWE-400)
High
2022-08-20
Misconfiguration in build environment allows DLL preloading attack
Monero
Low
2022-01-29
DLL hijacking in Monero GUI for Windows 0.17.3.0 would allow an attacker to perform remote command execution
Monero Code Injection (CWE-94)
Medium
2021-12-30
Array Index Underflow--http rpc
Monero Array Index Underflow (CWE-129)
High
2021-10-11
Unix time unlock_time values have dangerous validation rules enabling a number of exploits
Monero Business Logic Errors (CWE-840)
High
2021-09-12
Hardware Wallets Do Not Check Unlock TIme
Monero Man-in-the-Middle (CWE-300)
Medium
2021-09-12
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud582
Shopify464
curl439
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239 $9,895