The quantity of invalid reports is really impressive.

AI?

Is the volume per month trending up?
And the %-age invalid?

65% invalid? How come? Are those a lot of rogue submissions, bogus CVE’s?

@dtomvan just people eager to get a bounty: "information exposure" claims on the website is common theme, but there are many variations of things that end up deemed neither a bug nor a security problem

Like an integer overflow when passing --wait-timeout (is that the correct option?) being submitted as a high priority security problem?

@dtomvan like that one, yes. (--retry-delay is the option)