All Open Bug Bounty emails are sent only from openbugbounty.org domain being digitally signed. All others are fake. Learn more.
For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
1,466,861 coordinated disclosures
1,111,301 fixed vulnerabilities
1,747 bug bounty programs, 3,466 websites
34,321 researchers, 1,538 honor badges
Overpaying Bug Bounty Management Fees?
Try Crowd Security Testing at Open Bug Bounty Platform
Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty
platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure

Open Bug Bounty

 Community helped fix
1,111,302 vulnerabilities


Testimonials About Our Security Researchers
santé publique france
Philippe C. from Santé publique France   Twitter @sahorle

"Merci pour la notification. La faille de sécurité est corrigée."

Verizon
Rob McGregor from VERIZON   Twitter @RobMcGregor4

"Indeed professional, rapid to respond, and we do look forward to working together for any future issues identified. Keep up the good work!!"

DELL
Omey from Dell   Twitter @omey_09

"Thank you for your great assistance for finding XSS vulnerability on our site. Keep it up....."

American Bar Association
Josh from ABA   Twitter @JoshHar25910089

"Thanks for finding the XSS vulnerability - very helpful, and he was quick to respond when I couldn't reproduce it."

Berkeley university
Gary from UC Berkeley   Twitter @casterln

"Much appreciated alert. Will take seriously any future notices for sure. Very helpful. Recommended!"

Yamaha
ycjisysspg_sec from Yamaha Corporation   Twitter @ycjisysspg_sec

"Thank you tbmnull for finding the XSS vulnerability on www.yamaha.com (Reports No: 180851, 180214). Though a long time has passed from your reporting, we inform that we mended the vulnerabilities. Keep up the good work!"

EPFL
Patrick Saladino from EPFL   Twitter @patricksaladino

"Dear Serge, The EPFL would like to thank you for identifying and responsibly disclosing a vulnerability on one of our websites. Your responsiveness was also greatly appreciated."

EBAY
Robert Philipps from eBay Inc.   Twitter @rophilipps

"Very professional security researcher. dim0k found an unknown XSS vulnerability on one of our sites and provided us with clear information about how and where to find the issue, so we could resolve it very fast. We here at eBay can say that this was a very pleasant experience and are very thankful for his great work!"

British Library
Tony from British Library   Twitter @SecurityBl

"Thank you Sohel for identifying a vulnerability on our site which has contributed to making it more secure. Thank you."

Julius-Maximilians-Universität of Würzburg
Computer Center from University of Vienna   Twitter @ziduniwien

"Dear SonnySpooks, The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria."

W3C
deniak974 from W3C   Twitter @deniak974

"Great feedback with useful recommendations. Much appreciated!"

IKEA
Josef Nedstam from IKEA IT   Twitter @DrNedstam

"Donkey provided professional help and we are grateful for the discovery of these unfortunate vulnerabilities. Don't hesitate to contact this researcher if your site has reported issues"

The University of TOKYO
bmwghp from University of Tokyo   Twitter @bmwghp

"Thanks for your report of a vulnerability on our site and quick response to our request of additional information. We were able to fix the problem very soon."

Massachusetts Institute of Technology
Alin Tomescu from MIT   Twitter @alinush407

"localblackhat (CMD) found an XSS bug on our website which we were able to quickly fix thanks to her/his help."

wikiHow
Reuben from wikiHow   Twitter @reuben_smith

"Thanks you for bringing these issues to our attention!"

Twitter
Paddy from Twitter   Twitter @paddydrums

"Thanks for helping out. Fast and helpful response."

Canon
Josef Krycha from Canon Europe Ltd.   Twitter @JKrycha

"DrStache reported multiple vulnerabilities in Canon websites ranging form reflected XSS's, SQL injections to information disclosure. All findings were valid and the communication with him was quick and efficient. Thank you for your help and best of luck!"

Virgin Australia
Silas from Virgin Australia   Twitter @__sw1tch__

"Dan is incredibly professional, very responsive and a pleasure to work with. Many thanks!"

Brooklyn Law School
Adam Hess from Brooklyn Law School   Twitter @AdamHessDev

"Serge, Thank you for helping us finding vulnerabilities in our website. I appreciated your responsiveness and clear demonstration of the exploit."

TeamViewer
Axel Schmidt from TeamViewer   Twitter @TeamViewer

"Cameron helped us significantly improve our services, and certainly proved to be extremely knowledgeable. We are extremely grateful to him and very much appreciate his research."




Open Bug Bounty Programs


Open Bug Bounty Programs

Top Bug Bounty Programs   Recently Started
 
 
 
 
 
 
 
 
 

Latest Coordinated Disclosures

Website Reported by Date
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023

Awards Our Security Researchers Get
Open Bug Bounty Researcher wins $200,00 USD Open Bug Bounty Researcher wins $600,00 USD Open Bug Bounty Researcher wins lot of money bounties
Open Bug Bounty Researcher wins Canon Pixma Open Bug Bounty Researcher wins hoody Open Bug Bounty Researcher wins chocolate
Open Bug Bounty Researcher wins lot of bounties Open Bug Bounty Researcher wins Dry Jin Open Bug Bounty Researcher wins BlackBoard
Open Bug Bounty Researcher wins Dry Jin Open Bug Bounty Researcher wins Red Bull reserve Open Bug Bounty Researcher wins powerbeats headphones
Open Bug Bounty Researcher wins Wine Open Bug Bounty Researcher wins lot of gift-cards Open Bug Bounty Researcher wins Vape
Open Bug Bounty Researcher wins watches Open Bug Bounty Researcher wins T-Shirt Open Bug Bounty Researcher wins Vape
Open Bug Bounty Researcher wins FRITZ!Box Open Bug Bounty Researcher wins headphones Open Bug Bounty Researcher wins 500 EUR
Open Bug Bounty Researcher wins Bounty Open Bug Bounty Researcher wins MacBook Pro Open Bug Bounty Researcher wins lot of bounties


Most Recommended Security Researchers

Security Researcher Recommendations Reputation
149
2480
132
2130
130
2410
94
1620
92
1400
91
1310
78
1310
70
950
69
710

Top Security Researchers Securing VIP Websites

Security Researcher Badges Helped Secure
11
2627 VIP Websites  
10
1339 VIP Websites  
11
1385 VIP Websites  
9
660 VIP Websites  
11
882 VIP Websites  
7
895 VIP Websites  
11
982 VIP Websites  
11
808 VIP Websites  
8
850 VIP Websites  

DevSecOps Compatible Bug Bounty and Crowd Security Testing

Open Bug Bounty and Jira Software Open Bug Bounty and Splunk Open Bug Bounty and mantis Bug Tracker Open Bug Bounty and Jira BugZilla


Coordinated and Responsible Disclosure

Recently Patched

Website Patched on Reported by
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023
30.03.2023

Quickest Patched

Website Patched in Patched on Reported by
12 hours
28.03.2023
12 hours
21.05.2022
12 hours
05.04.2022
13 hours
28.03.2023
13 hours
27.03.2023
13 hours
25.03.2023
13 hours
20.12.2022
13 hours
27.03.2023
13 hours
27.03.2023