An anonymous reader writes: Last week, Slashdot carried a discussion about Internet startup WabiSabiLabi that was launching an eBay style auction site for software vulnerabilities. According to a Washington Post story, some in the research community have worked out two of the five vulnerabilities currently for sale in the auction. From the story: "Zampariolo confirmed that one of the vulnerabilities publicly reported by researchers indeed was the exact same as a flaw being auctioned on the site — a bug in an add-on component of an open source e-mail application called "SquirrelMail" — and that it had since been patched by the vendor. However, he said the site is preparing to start an auction on a new flaw found in the newest, patched version of SquirrelMail. The company is touting both incidents as an example of how their service will serve to make software users safer in the long run."