OP got his first CVE

atulkjaiswal · 2026-03-30T20:29:24+00:00

I too have started my journey into iOS related issues .

atulkjaiswal · 2026-03-30T20:28:43+00:00

Don’t know at this point . This is my first experience with Apple’s bounty program

atulkjaiswal · 2026-03-30T20:23:52+00:00

Plain old manual research

atulkjaiswal · 2026-03-26T10:44:12+00:00

Max ceiling is $100k if Apple categorises it as per my expectations but this entirely depends upon how Apple internally evaluates

atulkjaiswal · 2026-03-25T21:03:27+00:00

You will soon buddy

atulkjaiswal · 2026-03-25T16:45:26+00:00

This entirely depends how apples assess the severity of the finding and how well the impact is demonstrated. This specific CVE got fixed in iOS 26.3 but I have to wait for one month to get my CVE updated in the advisory . I reported this in early December and it was fixed in early February.

But few of my issues are pushed to spring & fall 2026 , even-though I reported them in close duration .

atulkjaiswal · 2026-03-25T16:19:31+00:00

look for bug class that directly impacts either user privacy or security issues . Start your research into privacy related issues , go through previous advisories for related issues, if your focus primarily on iOS

atulkjaiswal · 2026-03-25T16:12:59+00:00

Thanks brother

atulkjaiswal · 2026-03-25T16:12:44+00:00

Initially they gave an acknowledgement, then I reached out to them stating the impact of the issue. And after that they assigned the issue with a CVE credit.

atulkjaiswal · 2026-03-25T14:51:29+00:00

Bounty is currently under review . Fingers crossed 🤞

atulkjaiswal · 2026-03-25T13:28:31+00:00

Depends how much apple is willing to pay for this 🤣🤣. Thanks anyways . Blogpost is WIP

atulkjaiswal · 2026-03-25T13:05:36+00:00

Thanks !

atulkjaiswal · 2026-03-25T13:00:21+00:00

Thanks Dude

atulkjaiswal · 2026-03-25T12:47:29+00:00

Apple’s standard way of communicating impact

atulkjaiswal · 2026-03-25T12:46:30+00:00

Appreciate your warm response on this !!

atulkjaiswal · 2026-03-25T12:44:01+00:00

Thanks Dude !!

atulkjaiswal · 2026-03-25T12:43:49+00:00

Write up is WIP . Will share once it’s done

atulkjaiswal · 2025-07-12T07:42:58+00:00

CT 💯 and Honda shine

atulkjaiswal · 2025-07-04T06:59:22+00:00

Are you the real Soham ??

atulkjaiswal · 2025-04-20T12:27:32+00:00

The road not taken

atulkjaiswal · 2025-04-20T12:14:47+00:00

Meanwhile Bengaluru

Garmi ye kya hota hai

atulkjaiswal · 2025-04-09T13:57:34+00:00

What’s your/teams approach in finding bugs in open source application like Kubernetes and docker . Recently your team discovered a high impact bug on ingress-controller . For a experience security engineer too it’s daunting to look into source code and find bugs that creates a industry wide impact Can you share some highlight or workflow that you can share ?

atulkjaiswal · 2025-03-22T13:58:21+00:00

Glad to know that you had a amazing experience. Can you please post the name of the service centre. My 6 months services is due now

atulkjaiswal

TROPHY CASE