[redacted] Billing Research

[redacted] Billing/Usage Bypass Research Responsible Disclosure — [redacted] VDP Araştırmacı: Atilla (atilla0283@hackerone) Amaç: Billing/usage enforcement bypass zafiyetleri tespit etmek

Target: AI SaaS Provider
Category: Race Condition
Channel: HackerOne
Disclosed: 2026-03

Redaction note

Vendor identity withheld.

This finding is documented here as part of MemCyber’s public disclosure record. The vendor has been anonymized to a sector and region descriptor. Full technical detail — including root cause, reproducible proof-of-concept, remediation guidance, and vendor attribution where granted — is available to qualified prospects under NDA.

Coordinated disclosure

How we handled it.

Reported to the vendor via HackerOne with a reproducible proof-of-concept.
Triage + remediation window coordinated with the vendor security team.
Fix verified before any public reference.
This record published only after the embargo period closed.

[redacted] Billing Research

Vendor identity withheld.

How we handled it.

Race Condition in Financial Operations

Race Condition Parallel Primer Tokens (No Mutex)

[vendor] - P2P Partner, Race Condition, Financial Endpoint Security Test Report

Want the full technical detail?