Hall of Fame
To be included in the Hall of Fame, a researcher must submit a valid vulnerability report, follow all terms of our responsible disclosure policy, and cooperate throughout remediation. Inclusion on this page does not imply employment, partnership, or endorsement by Forculus. We publish the names or aliases of researchers only with their explicit consent. This page is updated after each verified and responsibly reported vulnerability.
For full details on how to report security vulnerabilities, please refer to our Responsible Disclosure Policy.
Security Researcher Acknowledgements
We value the contributions of independent security researchers who help us safeguard our customers and our platform. The individuals listed below have responsibly reported vulnerabilities in accordance with our disclosure policy, enabling us to address issues swiftly and effectively.
Researcher (Alias)
Anonymous
Anonymous
Date Acknowledged
November 2025
January 2026
Vulnerability Category
Email Authentication Misconfiguration
Transport Security Misconfiguration
Impact Area
Phishing & Impersonation Risk
Mail Interception & Downgrade Attack Risk
Status
Fixed
Open
Notes
Missing BIMI record identified. This reduces brand verification strength in email ecosystems and may increase exposure to phishing impersonation.
Missing MTA-STS policy. Without MTA-STS, SMTP connections to your mail server are not enforced to use TLS, leaving inbound mail vulnerable to downgrade attacks and interception.