Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
935,279 coordinated disclosures
558,770 fixed vulnerabilities
1303 bug bounties with 2,604 websites
22,351 researchers, 1294 honor badges

API for CERTs and LEAs

To promote coordinated and responsible disclosure enabled by Open Bug Bounty non-profit project, we provide national and private (subject to qualification) CERTs and Law Enforcement Agencies (LEA) with a free and unlimited API to search our databases and get alerts on new submissions affecting any domain.

The API does not provide vulnerability details (that belong to the security researchers) unless they are publicly disclosed.

Request API access

* Agency Name:
* Agency Country:
* Contact Person Name:
* Contact Person Email:
Special Requests:
 

Your data will remain confidential and will not be shared with any third parties.

  Latest Patched

 19.04.2021 lavozdegalicia.es
 19.04.2021 history.ncdcr.gov
 18.04.2021 webinar.ru
 18.04.2021 uniraj.ac.in
 18.04.2021 myfloridalicense.com
 18.04.2021 franklincountypa.gov
 18.04.2021 g-pra.com
 18.04.2021 cumbria.gov.uk
 18.04.2021 tiverton.ri.gov
 17.04.2021 springfield-or.gov

  Latest Blog Posts

11.04.2021 by Open Bug Bounty
Better Notifications Mechanism
28.03.2021 by febin_rev
Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892
10.02.2021 by Renzi25031469
Sysadminotaur nº88
10.02.2021 by Open Bug Bounty
Higher Submissions Quality Standard
25.12.2020 by _Y000_
How to bypass mod_security (WAF)

  Recent Recommendations

@MrMoney84315336     16 April, 2021
    Twitter MrMoney84315336:
Serious, fast and professional.Thanks for the report.
@lmanunza     15 April, 2021
    Twitter lmanunza:
The Researcher found an XSS vulnerability in our site and acted ethically by reporting it to us, so we could fix it in a timely manner. Thank you!
@studentdoctor     14 April, 2021
    Twitter studentdoctor:
Rngdr4 is an absolute professional. Very helpful in finding and helping to resolve our bug. Highly recommended! Thanks, rngdr4!
@lmanunza     13 April, 2021
    Twitter lmanunza:
Pooja found an XSS vulnerability in our website and acted ethically by reporting it to us, as well as providing all the information we needed to reproduce and fix the issue in a timely manner. Thank you very much!
@MrMoney84315336     13 April, 2021
    Twitter MrMoney84315336:
Thank you for reporting the XSS issue.
Thanks to the detailed report, we were able to fix the problem on the same day.