Vulnerabilities are never limited to a set list. Any bug that escalates a user’s privileges or causes unexpected behavior with an impact on the integrity or confidentiality of our users’ data will be considered.

It is often the types of vulnerabilities we haven’t thought about that are the most interesting!

Recently collected Other bounties:

1. vyshakh (Vyshakh Parakkat), 10000 pts: Repository imports defaulting to public regardless of user's visibility selection
2. brxxn (brian), 10000 pts: Incorrect OAuth scopes shown on authorization page
3. patte (Patrick Recher), 5000 pts: Insufficient authorization check of GitHub App repo creation
4. x-crossfire (Dmitry), 3000 pts: Repository Service Hooks making non-http requests
5. evilpacket (Adam Baldwin), 2500 pts: GitHub employee GitHub.com tokens exposed via NPM package