Our disclosure process is now open source! 🎉
We reward for every valid disclosure you make.
Contributing with GitHub
Our bounty database is now open source! To disclose a vulnerability,
open a pull request against our
and get rewarded!
All of your disclosures will improve your GitHub contributions graph, so you get the best of both worlds. Open source contributions and some extra dollar! 💻💵
We pay $25 for every disclosure where:
The package has over 1000 downloads per month
The CVSS score is at least 3.0
A fix is not already available