zlacker

[parent] [thread] 1 comments
1. ackbar+(OP)[view] [source] 2025-06-25 11:43:28
> The market for bounties is a circus, breadcrumbs for free work from people trying to 'make it'. > The number of CVSS vulns with a score above 8 that have floated across the front page of HN in the past year without anyone getting paid tells you that much.

You make it sound like there's a ton of people going around who can just dig up CVSS vulns above 8 and is making me all confused. Is that really happening? I have a single bounty on H1 just to show I could do it, and that still took ages and was a shitty bug.

replies(1): >>monste+PK
2. monste+PK[view] [source] 2025-06-25 16:22:44
>>ackbar+(OP)
The weighted average is 7.6. Finding them doesn't necessarily take much effort if you know what to look for.
[go to top]