Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Nord Security - HackerOne Reports

View on HackerOne

47

Total Reports

2

Critical

3

High

18

Medium

14

Low

No Rate Limit On Forgot Password Page Of affiliates.nordvpn.com

Reported by: alishah | Disclosed:

Medium

Weakness: Improper Authentication - Generic

NordVPN Linux Client - Unsafe service file permissions leads to Local Privilege Escalation

Reported by: bashketchum | Disclosed:

Medium

Weakness: Privilege Escalation

The Linux binaries (nordvpn and nordvpnd) don't use PIE/ASLR

Reported by: skyplabs | Disclosed:

Weakness: Violation of Secure Design Principles

Password Reset Link not expiring after changing the email Leads To Account Takeover

Reported by: dantt | Disclosed:

Low

Weakness: Improper Authentication - Generic

Subscription check bypass of NordVPN service

Reported by: tlsh1 | Disclosed:

High

Weakness: Improper Authorization

Clickjacking at join.nordvpn.com

Reported by: ddaasddd | Disclosed:

Low

Stored XSS at nordvpn.com

Reported by: thiagomarques | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Stored

Previous Page 3 of 3