Public bug reports
Capture 404/500 issues, UI regressions, performance problems, typo fixes, and policy violations in one place.
OWASP Project • AGPLv3 Licensed
One landing page for public bugs, secure disclosures, and contributor momentum.
OWASP BLT gives teams a practical front door to collect issue reports, route sensitive vulnerabilities to BLT-Zero, and keep community reporting transparent through a live leaderboard.
- 16
- Bugs reported
- 4
- Domains
- 5
- Active reporters
What OWASP BLT gives your team
Built for practical bug intake: clear public reporting, safe vulnerability handling, and community visibility in one workflow.
Anonymous intake via BLT-API
Contributors can submit reports without exposing account identity when privacy is important.
Secure vulnerability path
Route critical security disclosures through BLT-Zero with zero-log, zero-tracking guarantees.
Live leaderboard
Recognition stays visible through an auto-refreshed leaderboard generated from issue activity.
Report issues on any website
BLT covers the entire internet — report bugs, broken pages, or security problems on any domain, not just your own.
Earn rewards for every report
Reporters earn BACON tokens for accepted bug reports, turning community contributions into tangible recognition.
How teams use OWASP BLT daily
Keep public issue intake simple, keep sensitive security reports private, and keep contributor trust high with transparent tracking.
Report a public bug
GitHub template or anonymous submission
Supported issue categories include:
404 / 500 errors
Functional issues
Performance
Slow loading
Typos
Design issues
IP / trademark
License violations
Report a bug
Report a vulnerability
Private channel powered by BLT-Zero
For sensitive security findings, use a private disclosure route with stronger safety guarantees:
Zero logs
Zero tracking
Zero storage
Encrypted transport
Only the report ID and status are visible to the organization. Sensitive vulnerability payloads are not stored in the receiving server.
Report vulnerability
Recent bug reports
Latest community-submitted issues from this repository
[BUG] whole div "Chapters", should be clickable and remove test data
Mar 8, 2026
Yes, this is a bug reported for http://www.owasp.community/ it will stay open until they fix it
5 comments
[BUG] video bugs are not showing up
Mar 2, 2026
Issues aren't particularly assigned here as such. You can directly raise a PR if the copilot one is not in the ready to merge zone yet. If it is, then that'll probably get merged.
2 comments[BUG] page always shows loading screen even though it’s loaded before
Mar 1, 2026
Hi @DonnieBLT ! I'd like to work on this issue. I'll try reproducing the bug locally and investigate why the loading screen persists after refresh.
3 commentsHow it works
Three practical steps to improve web quality and security response.
1. Spot a bug
Find a broken flow, performance issue, typo, visual regression, or policy concern.
2. Submit report
Use the GitHub template for normal issues or submit anonymously through BLT-API.
3. Build trust
Accepted reports improve your leaderboard rank and help teams triage faster.
Leaderboard
Updated Mar 10, 2026
Top Reporters
Top Commenters
Top Domains
View Full Leaderboard
Leaderboard refreshes every 6 hours via GitHub Actions.