Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
583,854 coordinated disclosures
375,353 fixed vulnerabilities
892 bug bounties with 1,781 websites
18,149 researchers, 1179 honor badges
Overpaying Bug Bounty Management Fees?
Try Crowd Security Testing at Open Bug Bounty Platform
Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty
platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure

Open Bug Bounty

 Community helped fix
375,353 vulnerabilities


Testimonials About Our Security Researchers
santé publique france
Philippe C. from Santé publique France     Twitter @sahorle

"Merci pour la notification. La faille de sécurité est corrigée."

British Library
Tony from British Library     Twitter @SecurityBl

"Thank you Sohel for identifying a vulnerability on our site which has contributed to making it more secure. Thank you."

EBAY
Robert Philipps from eBay Inc.     Twitter @rophilipps

"Very professional security researcher. dim0k found an unknown XSS vulnerability on one of our sites and provided us with clear information about how and where to find the issue, so we could resolve it very fast. We here at eBay can say that this was a very pleasant experience and are very thankful for his great work!"

W3C
deniak974 from W3C     Twitter @deniak974

"Great feedback with useful recommendations. Much appreciated!"

Philips
Peter from Philips     Twitter @PeterQsm94934

"Pedro did a swift job in disclosing the vulnerability he found. Thanks!"

Twitter
Paddy from Twitter     Twitter @paddydrums

"Thanks for helping out. Fast and helpful response."

American Bar Association

"Thanks for finding the XSS vulnerability - very helpful, and he was quick to respond when I couldn't reproduce it."

TeamViewer
Axel Schmidt from TeamViewer     Twitter @TeamViewer

"Cameron helped us significantly improve our services, and certainly proved to be extremely knowledgeable. We are extremely grateful to him and very much appreciate his research."

IKEA
Josef Nedstam from IKEA IT     Twitter @DrNedstam

"Donkey provided professional help and we are grateful for the discovery of these unfortunate vulnerabilities. Don't hesitate to contact this researcher if your site has reported issues"

EPFL
Patrick Saladino from EPFL     Twitter @patricksaladino

"Dear Serge, The EPFL would like to thank you for identifying and responsibly disclosing a vulnerability on one of our websites. Your responsiveness was also greatly appreciated."

The University of TOKYO
bmwghp from University of Tokyo     Twitter @bmwghp

"Thanks for your report of a vulnerability on our site and quick response to our request of additional information. We were able to fix the problem very soon."

Massachusetts Institute of Technology
Alin Tomescu from MIT     Twitter @alinush407

"localblackhat (CMD) found an XSS bug on our website which we were able to quickly fix thanks to her/his help."

Brooklyn Law School
Adam Hess from Brooklyn Law School     Twitter @AdamHessDev

"Serge, Thank you for helping us finding vulnerabilities in our website. I appreciated your responsiveness and clear demonstration of the exploit."

DELL
Omey from Dell     Twitter @omey_09

"Thank you for your great assistance for finding XSS vulnerability on our site. Keep it up....."

A1
Responsible Disclosure from A1 Telekom Austria     Twitter @PaulMar23292621

"Hey, sorry last time I checked your site I didn't see this way to get in contact with you. Thank you very much for your submission to us. As you have noticed the issue has already been fixed. We don't have a hall of fame yet, but I will make sure that you are on it once it arrives. Please excuse the late reply. All the best, RD @ A1"

Virgin Australia
Silas from Virgin Australia     Twitter @__sw1tch__

"Dan is incredibly professional, very responsive and a pleasure to work with. Many thanks!"

Berkeley university
Gary from UC Berkeley     Twitter @casterln

"Much appreciated alert. Will take seriously any future notices for sure. Very helpful. Recommended!"

wikiHow
Reuben from wikiHow     Twitter @reuben_smith

"Thanks you for bringing these issues to our attention!"

Yamaha
ycjisysspg_sec from Yamaha Corporation     Twitter @ycjisysspg_sec

"Thank you tbmnull for finding the XSS vulnerability on www.yamaha.com (Reports No: 180851, 180214). Though a long time has passed from your reporting, we inform that we mended the vulnerabilities. Keep up the good work!"

Verizon
Rob McGregor from VERIZON     Twitter @RobMcGregor4

"Indeed professional, rapid to respond, and we do look forward to working together for any future issues identified. Keep up the good work!!"



Open Bug Bounty Programs

Top Bug Bounty Programs Recently Started

Latest Coordinated Disclosures

Website Reported by Date
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020

Awards Our Security Researchers Get
Open Bug Bounty Researcher wins lot of gift-cards Open Bug Bounty Researcher wins lot of bounties Open Bug Bounty Researcher wins lot of monay bounties
Open Bug Bounty Researcher wins Canon Pixma Open Bug Bounty Researcher wins hoody Open Bug Bounty Researcher wins chocolate
Open Bug Bounty Researcher wins $600,00 USD Open Bug Bounty Researcher wins Dry Jin Open Bug Bounty Researcher wins BlackBoard
Open Bug Bounty Researcher wins Dry Jin Open Bug Bounty Researcher wins Red Bull reserve Open Bug Bounty Researcher wins powerbeats headphones
Open Bug Bounty Researcher wins Wine Open Bug Bounty Researcher wins $200,00 USD Open Bug Bounty Researcher wins Vape
Open Bug Bounty Researcher wins watches Open Bug Bounty Researcher wins T-Shirt Open Bug Bounty Researcher wins Vape
Open Bug Bounty Researcher wins FRITZ!Box Open Bug Bounty Researcher wins headphones Open Bug Bounty Researcher wins 500 EUR
Open Bug Bounty Researcher wins Bounty Open Bug Bounty Researcher wins MacBook Pro Open Bug Bounty Researcher wins lot of bounties


Most Recommended Security Researchers

Security Researcher Recommendations Reputation
110
1710
104
1950
91
1310
90
1370
76
1250
69
940
69
720
60
830
58
580

VIP Websites Top Security Researchers

Security Researcher Badges Helped Secure
10
1339 VIP Websites  
11
1382 VIP Websites  
9
649 VIP Websites  
8
851 VIP Websites  
11
657 VIP Websites  
8
732 VIP Websites  
5
432 VIP Websites  
9
510 VIP Websites  
12
427 VIP Websites  

DevSecOps Compatible Bug Bounty and Crowd Security Testing

Open Bug Bounty and Jira Software Open Bug Bounty and Splunk Open Bug Bounty and mantis Bug Tracker Open Bug Bounty and Jira BugZilla


Coordinated and Responsible Disclosure

Recently Patched

Website Patched on Reported by
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020
22.09.2020

Quickest Patched

Website Patched in Patched on Reported by
-2931 minutes
05.09.2020
-2854 minutes
05.09.2020
-56 minutes
07.09.2020
2 minutes
27.01.2020
29 minutes
08.06.2020
40 minutes
15.07.2020
41 minutes
15.07.2020
49 minutes
21.04.2020
1 hour
12.12.2019

Top Alexa Rank Websites

Website Status Reported by
patched
patched
patched
patched
patched
patched
patched
patched
patched

Top Google PR Websites

Website Status Reported by
patched
patched
patched
patched
patched
patched
patched
patched
patched