$ grep -r "CVE-" ~/.disclosures/ | wc -l
cve & findings
Security vulnerabilities responsibly disclosed. Includes CVEs and private bug bounty finds.
0
Critical
0
High
0
Medium
1
Total
Google VRP-516239623LOWCVSS: 2026-05-24Report Closed
Rate Limiting Vulnerability
vendor: Googleproduct: Formsaffected:
Google Forms does not implement sufficient server-side rate limiting when form owners disable account verification. This allows automated tools to submit hundreds of fake responses in a short period, rendering form data unusable.
DISCLAIMER: All vulnerabilities listed here were discovered and reported through responsible disclosure. No undisclosed vulnerabilities are shared. Some findings may be anonymized at the vendor's request.