SOURCE BLEED
We find critical vulnerabilities in open-source software and responsibly disclose them. Lethal precision for the security of the ecosystem we all depend on.
LATEST_FINDINGS
LIVE FEED / RECENT DISCLOSURES
OPEN-SOURCE RCE IN WIDELY-USED LIBRARY
Remote code execution vulnerability discovered in a popular open-source package. Responsible disclosure completed. Patch available.
DEPENDENCY_CHAIN_AUDIT
Automated supply chain analysis tool for detecting transitive dependency vulnerabilities.
PROTOCOL_FUZZER_V2
Next-generation protocol fuzzing framework targeting network stack implementations.
OUR MISSION: UNHESITATING PRECISION
Source Bleed was founded on the principle that open-source security is a shared responsibility. We systematically audit critical projects to find vulnerabilities before malicious actors do.
We operate through responsible disclosure. Every vulnerability we find is reported to maintainers first, and publicly disclosed only after patches are available. Our CVEs protect millions of users worldwide.
JOIN THE RESEARCH
Think you have what it takes to find the needle in the codebase? We are always looking for elite researchers with expertise in reverse engineering, code auditing, and vulnerability research.
ALL SUBMISSIONS ARE REVIEWED BY THE CORE TEAM.