I’ve just found these 4 that are publicly disclosed since Sept 14, 2015 and they do not show information about informing ignite realtime about it:
Unrestricted File Upload: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-FILE-UPLOAD.txt
Remote File Inclusion: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-RFI.txt
Privilege escalation: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-PRIV-ESCALATION.txt
Persistent & Reflected XSS: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt
Please take care of those.