Nintendo Bug Bounty Program Statistics | BugBountyHunter.com

You are viewing our old website

We are busy working on a brand new website and platform. All of the content on this website is considered out-dated, however challenges and our members section are working as before. Stay tuned for updates!

Nintendo Program Statistics

17 total issues disclosed

$14,906 total paid publicly

Most disclosed (2 disclosures) — Stack Overflow

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
Splatoon 3 Anticheat Seed Randomization Weakness	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	hana2736	No rating	2026-02-19
ASLR leak in Mario Kart World through LAN mode	Information Disclosure	kinnay	High	2026-02-19
Man-in-the-middle through broken SSL certificate verification	Man-in-the-Middle	kinnay	Medium	2025-08-08
[MK8DX] Improper ranking/replay file parsing	Memory Corruption - Generic	crazy_man123	Critical	2025-07-06
NEX: Stack overflow in UnicodeToUtf8	Stack Overflow	kinnay	None	2025-06-27
[Xenoblade Chronicles X: Definitive Edition] Unrestricted RPCs allow DoS and writing arbitrary flags remotely	Resource Injection	roccodev	Critical	2025-05-15
[Xenoblade Chronicles X: Definitive Edition] Improper validation of names allows injecting formatting tags and bypassing profanity filter	None supplied	roccodev	Medium	2025-05-15
[Xenoblade Chronicles X: Definitive Edition] Buffer overflow in string escape function, multiplayer DoS	Classic Buffer Overflow	roccodev	High	2025-05-15
[Switch, PIA/MK8DX] Stack buffer overflow and potential RCE in PIA (LAN/LDN, possibly NEX) room info deserialization	Stack Overflow	jitlua	Medium	2024-09-30
Arbitrary code execution in TSEC Heavy Secure, return-oriented programming in TSEC Secure ROM, and recovery of TSEC-derived cryptographic secrets	Privilege Escalation	lnchan	Medium	2024-07-22
[WiiU/Switch] nullptr dereference in the ENL framework	NULL Pointer Dereference	crazy_man123	High	2023-08-22
[MK8DX] Improper metadata validation 2	Array Index Underflow	crazy_man123	High	2023-08-17
[MK8DX] Improper metadata parsing	NULL Pointer Dereference	crazy_man123	Critical	2023-08-17
[WiiU/Switch] Remote code execution inside the ENL library	Classic Buffer Overflow	crazy_man123	High	2023-08-11
[MK8DX] Improper verification of Competition creation allows to create "Official" competitions	Improper Access Control - Generic	crazy_man123	High	2022-12-15
[3DS][StreetPass] Buffer Overflow in Super Mario Maker level decompression	Heap Overflow	mrnbayoh	Critical	2021-04-20
[3DS][SSL] Improper certificate validation allows an attacker to perform MitM attacks	Improper Certificate Validation	mrnbayoh	Critical	2020-12-18