Skip to content

Pull requests: SecureBananaLabs/bug-bounty

New pull request New
1,228 Open 253 Closed
1,228 Open 253 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

fix: validate message creation payloads 🙋 Bounty claim
#2068 opened May 30, 2026 by Ceyvion Loading…
1
fix: keep registration token subject consistent 🙋 Bounty claim
#2065 opened May 30, 2026 by Ceyvion Loading…
1
Fix freelancer skill separator 🙋 Bounty claim
#2063 opened May 30, 2026 by sodalone Loading…
1
fix: return json rate limit errors 🙋 Bounty claim
#2062 opened May 30, 2026 by Ceyvion Loading…
1
fix: require admin role for metrics 🙋 Bounty claim
#2059 opened May 30, 2026 by Ceyvion Loading…
1
Add notifications action feed 🙋 Bounty claim
#2058 opened May 30, 2026 by sodalone Loading…
1
fix: require files for uploads 🙋 Bounty claim
#2055 opened May 30, 2026 by Ceyvion Loading…
1
fix: validate payment amounts 🙋 Bounty claim
#2053 opened May 30, 2026 by Ceyvion Loading…
1
fix: keep message ids server owned 🙋 Bounty claim
#2051 opened May 30, 2026 by Ceyvion Loading…
1
fix: keep review ids server owned 🙋 Bounty claim
#2049 opened May 30, 2026 by Ceyvion Loading…
1
fix(api): require auth for message routes 🙋 Bounty claim
#2047 opened May 30, 2026 by chinook1001 Loading…
1
fix: keep proposal ids server owned 🙋 Bounty claim
#2044 opened May 30, 2026 by Ceyvion Loading…
1
fix(api): require auth for job creation 🙋 Bounty claim
#2037 opened May 30, 2026 by chinook1001 Loading…
1
fix: keep user ids server owned 🙋 Bounty claim
#2035 opened May 30, 2026 by Ceyvion Loading…
1
fix: validate refresh token input 🙋 Bounty claim
#2026 opened May 30, 2026 by Ceyvion Loading…
1
Add API benchmark suite
#2021 opened May 30, 2026 by sodalone Loading…
1
fix: reject public admin registration 🙋 Bounty claim
#2020 opened May 30, 2026 by Ceyvion Loading…
1
fix: return 400 for invalid job payloads 🙋 Bounty claim
#2018 opened May 30, 2026 by Ceyvion Loading…
1
fix: use api test discovery 🙋 Bounty claim
#2016 opened May 30, 2026 by Ceyvion Loading…
1
Fix: Settings page should provide actionable account controls
#2015 opened May 30, 2026 by lajp2711 Loading…
fix: prevent DoS on search endpoint via query length limit and input validation
#2013 opened May 30, 2026 by lb1192176991-lab Loading…
1
fix: restrict register role to client/freelancer, pass refresh token from body
#2012 opened May 30, 2026 by lb1192176991-lab Loading…
1
fix: enforce unread notification creation 🙋 Bounty claim
#2011 opened May 30, 2026 by Ceyvion Loading…
1
fix: remove stale Next.js version from README 🙋 Bounty claim
#2009 opened May 30, 2026 by Ceyvion Loading…
1
Add API benchmark suite 🙋 Bounty claim
#2007 opened May 30, 2026 by adityawrk Loading…
1
ProTip! Exclude everything labeled bug with -label:bug.