\← Back to cloakapi.ioCloakAPI Security

Hall of Fame

Researchers who have responsibly disclosed security findings to CloakAPI.

The Hall of Fame is open. The first entry will be posted as soon as the first responsible-disclosure report is fixed and acknowledged.

Want to be the first? Read the disclosure policy and email security@cloakapi.io.

What appears on this page

Each accepted entry shows: researcher handle (or anonymous on request), disclosure date, finding category at high level (e.g. "OAuth flow", "Receipt verification", "Admin authentication"), CVSS severity bucket, and a short narrative once the public-disclosure window closes. Bounty amounts are not published per-entry; the policy describes the severity-to-bounty mapping at /policy#bounty.

DateResearcherCategorySeverity
— no entries yet —